hxxp://asdasd | Triage

Analysis

max time kernel
299s
max time network
303s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
12-02-2024 18:21

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://asdasd

Score

6^/10

Malware Config

Signatures

Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs

Web Service
T1102

Processes:

flow ioc

66 discord.com
67 discord.com

flow	ioc
66	discord.com
67	discord.com

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

Processes:

chrome.exe

description	ioc	process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

Processes:

chrome.exe

description	ioc	process
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133522356876061094"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Modifies registry class 1 IoCs

Processes:

chrome.exe

description	ioc	process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3791175113-1062217823-1177695025-1000\{0B9E4FBD-5489-4F98-AB3B-789C8F644A07}	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

Processes:

chrome.exechrome.exe

pid process

4520 chrome.exe
4520 chrome.exe
3224 chrome.exe
3224 chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 33 IoCs

Processes:

chrome.exe

pid	process
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

Processes:

chrome.exe

description	pid	process
Token: SeShutdownPrivilege	4520	chrome.exe
Token: SeCreatePagefilePrivilege	4520	chrome.exe
Token: SeShutdownPrivilege	4520	chrome.exe
Token: SeCreatePagefilePrivilege	4520	chrome.exe
Token: SeShutdownPrivilege	4520	chrome.exe
Token: SeCreatePagefilePrivilege	4520	chrome.exe
Token: SeShutdownPrivilege	4520	chrome.exe
Token: SeCreatePagefilePrivilege	4520	chrome.exe
Token: SeShutdownPrivilege	4520	chrome.exe
Token: SeCreatePagefilePrivilege	4520	chrome.exe
Token: SeShutdownPrivilege	4520	chrome.exe
Token: SeCreatePagefilePrivilege	4520	chrome.exe
Token: SeShutdownPrivilege	4520	chrome.exe
Token: SeCreatePagefilePrivilege	4520	chrome.exe
Token: SeShutdownPrivilege	4520	chrome.exe
Token: SeCreatePagefilePrivilege	4520	chrome.exe
Token: SeShutdownPrivilege	4520	chrome.exe
Token: SeCreatePagefilePrivilege	4520	chrome.exe
Token: SeShutdownPrivilege	4520	chrome.exe
Token: SeCreatePagefilePrivilege	4520	chrome.exe
Token: SeShutdownPrivilege	4520	chrome.exe
Token: SeCreatePagefilePrivilege	4520	chrome.exe
Token: SeShutdownPrivilege	4520	chrome.exe
Token: SeCreatePagefilePrivilege	4520	chrome.exe
Token: SeShutdownPrivilege	4520	chrome.exe
Token: SeCreatePagefilePrivilege	4520	chrome.exe
Token: SeShutdownPrivilege	4520	chrome.exe
Token: SeCreatePagefilePrivilege	4520	chrome.exe
Token: SeShutdownPrivilege	4520	chrome.exe
Token: SeCreatePagefilePrivilege	4520	chrome.exe
Token: SeShutdownPrivilege	4520	chrome.exe
Token: SeCreatePagefilePrivilege	4520	chrome.exe
Token: SeShutdownPrivilege	4520	chrome.exe
Token: SeCreatePagefilePrivilege	4520	chrome.exe
Token: SeShutdownPrivilege	4520	chrome.exe
Token: SeCreatePagefilePrivilege	4520	chrome.exe
Token: SeShutdownPrivilege	4520	chrome.exe
Token: SeCreatePagefilePrivilege	4520	chrome.exe
Token: SeShutdownPrivilege	4520	chrome.exe
Token: SeCreatePagefilePrivilege	4520	chrome.exe
Token: SeShutdownPrivilege	4520	chrome.exe
Token: SeCreatePagefilePrivilege	4520	chrome.exe
Token: SeShutdownPrivilege	4520	chrome.exe
Token: SeCreatePagefilePrivilege	4520	chrome.exe
Token: SeShutdownPrivilege	4520	chrome.exe
Token: SeCreatePagefilePrivilege	4520	chrome.exe
Token: SeShutdownPrivilege	4520	chrome.exe
Token: SeCreatePagefilePrivilege	4520	chrome.exe
Token: SeShutdownPrivilege	4520	chrome.exe
Token: SeCreatePagefilePrivilege	4520	chrome.exe
Token: SeShutdownPrivilege	4520	chrome.exe
Token: SeCreatePagefilePrivilege	4520	chrome.exe
Token: SeShutdownPrivilege	4520	chrome.exe
Token: SeCreatePagefilePrivilege	4520	chrome.exe
Token: SeShutdownPrivilege	4520	chrome.exe
Token: SeCreatePagefilePrivilege	4520	chrome.exe
Token: SeShutdownPrivilege	4520	chrome.exe
Token: SeCreatePagefilePrivilege	4520	chrome.exe
Token: SeShutdownPrivilege	4520	chrome.exe
Token: SeCreatePagefilePrivilege	4520	chrome.exe
Token: SeShutdownPrivilege	4520	chrome.exe
Token: SeCreatePagefilePrivilege	4520	chrome.exe
Token: SeShutdownPrivilege	4520	chrome.exe
Token: SeCreatePagefilePrivilege	4520	chrome.exe

Suspicious use of FindShellTrayWindow 35 IoCs

Processes:

chrome.exe

pid	process
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe

Suspicious use of SendNotifyMessage 32 IoCs

Processes:

chrome.exe

pid	process
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe
4520	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

chrome.exe

description	pid	process	target process
PID 4520 wrote to memory of 2508	4520	chrome.exe	chrome.exe
PID 4520 wrote to memory of 2508	4520	chrome.exe	chrome.exe
PID 4520 wrote to memory of 220	4520	chrome.exe	chrome.exe
PID 4520 wrote to memory of 220	4520	chrome.exe	chrome.exe
PID 4520 wrote to memory of 220	4520	chrome.exe	chrome.exe
PID 4520 wrote to memory of 220	4520	chrome.exe	chrome.exe
PID 4520 wrote to memory of 220	4520	chrome.exe	chrome.exe
PID 4520 wrote to memory of 220	4520	chrome.exe	chrome.exe
PID 4520 wrote to memory of 220	4520	chrome.exe	chrome.exe
PID 4520 wrote to memory of 220	4520	chrome.exe	chrome.exe
PID 4520 wrote to memory of 220	4520	chrome.exe	chrome.exe
PID 4520 wrote to memory of 220	4520	chrome.exe	chrome.exe
PID 4520 wrote to memory of 220	4520	chrome.exe	chrome.exe
PID 4520 wrote to memory of 220	4520	chrome.exe	chrome.exe
PID 4520 wrote to memory of 220	4520	chrome.exe	chrome.exe
PID 4520 wrote to memory of 220	4520	chrome.exe	chrome.exe
PID 4520 wrote to memory of 220	4520	chrome.exe	chrome.exe
PID 4520 wrote to memory of 220	4520	chrome.exe	chrome.exe
PID 4520 wrote to memory of 220	4520	chrome.exe	chrome.exe
PID 4520 wrote to memory of 220	4520	chrome.exe	chrome.exe
PID 4520 wrote to memory of 220	4520	chrome.exe	chrome.exe
PID 4520 wrote to memory of 220	4520	chrome.exe	chrome.exe
PID 4520 wrote to memory of 220	4520	chrome.exe	chrome.exe
PID 4520 wrote to memory of 220	4520	chrome.exe	chrome.exe
PID 4520 wrote to memory of 220	4520	chrome.exe	chrome.exe
PID 4520 wrote to memory of 220	4520	chrome.exe	chrome.exe
PID 4520 wrote to memory of 220	4520	chrome.exe	chrome.exe
PID 4520 wrote to memory of 220	4520	chrome.exe	chrome.exe
PID 4520 wrote to memory of 220	4520	chrome.exe	chrome.exe
PID 4520 wrote to memory of 220	4520	chrome.exe	chrome.exe
PID 4520 wrote to memory of 220	4520	chrome.exe	chrome.exe
PID 4520 wrote to memory of 220	4520	chrome.exe	chrome.exe
PID 4520 wrote to memory of 220	4520	chrome.exe	chrome.exe
PID 4520 wrote to memory of 220	4520	chrome.exe	chrome.exe
PID 4520 wrote to memory of 220	4520	chrome.exe	chrome.exe
PID 4520 wrote to memory of 220	4520	chrome.exe	chrome.exe
PID 4520 wrote to memory of 220	4520	chrome.exe	chrome.exe
PID 4520 wrote to memory of 220	4520	chrome.exe	chrome.exe
PID 4520 wrote to memory of 220	4520	chrome.exe	chrome.exe
PID 4520 wrote to memory of 220	4520	chrome.exe	chrome.exe
PID 4520 wrote to memory of 1716	4520	chrome.exe	chrome.exe
PID 4520 wrote to memory of 1716	4520	chrome.exe	chrome.exe
PID 4520 wrote to memory of 2020	4520	chrome.exe	chrome.exe
PID 4520 wrote to memory of 2020	4520	chrome.exe	chrome.exe
PID 4520 wrote to memory of 2020	4520	chrome.exe	chrome.exe
PID 4520 wrote to memory of 2020	4520	chrome.exe	chrome.exe
PID 4520 wrote to memory of 2020	4520	chrome.exe	chrome.exe
PID 4520 wrote to memory of 2020	4520	chrome.exe	chrome.exe
PID 4520 wrote to memory of 2020	4520	chrome.exe	chrome.exe
PID 4520 wrote to memory of 2020	4520	chrome.exe	chrome.exe
PID 4520 wrote to memory of 2020	4520	chrome.exe	chrome.exe
PID 4520 wrote to memory of 2020	4520	chrome.exe	chrome.exe
PID 4520 wrote to memory of 2020	4520	chrome.exe	chrome.exe
PID 4520 wrote to memory of 2020	4520	chrome.exe	chrome.exe
PID 4520 wrote to memory of 2020	4520	chrome.exe	chrome.exe
PID 4520 wrote to memory of 2020	4520	chrome.exe	chrome.exe
PID 4520 wrote to memory of 2020	4520	chrome.exe	chrome.exe
PID 4520 wrote to memory of 2020	4520	chrome.exe	chrome.exe
PID 4520 wrote to memory of 2020	4520	chrome.exe	chrome.exe
PID 4520 wrote to memory of 2020	4520	chrome.exe	chrome.exe
PID 4520 wrote to memory of 2020	4520	chrome.exe	chrome.exe
PID 4520 wrote to memory of 2020	4520	chrome.exe	chrome.exe
PID 4520 wrote to memory of 2020	4520	chrome.exe	chrome.exe
PID 4520 wrote to memory of 2020	4520	chrome.exe	chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://asdasd
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4520

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa62da9758,0x7ffa62da9768,0x7ffa62da9778
2⤵
PID:2508

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1656 --field-trial-handle=1844,i,7266194569529018297,7029930634180755491,131072 /prefetch:2
2⤵
PID:220

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2128 --field-trial-handle=1844,i,7266194569529018297,7029930634180755491,131072 /prefetch:8
2⤵
PID:1716

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2204 --field-trial-handle=1844,i,7266194569529018297,7029930634180755491,131072 /prefetch:8
2⤵
PID:2020

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2776 --field-trial-handle=1844,i,7266194569529018297,7029930634180755491,131072 /prefetch:1
2⤵
PID:2532

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2768 --field-trial-handle=1844,i,7266194569529018297,7029930634180755491,131072 /prefetch:1
2⤵
PID:1732

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4636 --field-trial-handle=1844,i,7266194569529018297,7029930634180755491,131072 /prefetch:1
2⤵
PID:4212

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3256 --field-trial-handle=1844,i,7266194569529018297,7029930634180755491,131072 /prefetch:1
2⤵
PID:5088

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5116 --field-trial-handle=1844,i,7266194569529018297,7029930634180755491,131072 /prefetch:8
2⤵
PID:1636

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4664 --field-trial-handle=1844,i,7266194569529018297,7029930634180755491,131072 /prefetch:8
2⤵
PID:2244

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=3820 --field-trial-handle=1844,i,7266194569529018297,7029930634180755491,131072 /prefetch:1
2⤵
PID:3576

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=1612 --field-trial-handle=1844,i,7266194569529018297,7029930634180755491,131072 /prefetch:1
2⤵
PID:3408

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5808 --field-trial-handle=1844,i,7266194569529018297,7029930634180755491,131072 /prefetch:1
2⤵
PID:1380

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=5844 --field-trial-handle=1844,i,7266194569529018297,7029930634180755491,131072 /prefetch:1
2⤵
PID:3712

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3076 --field-trial-handle=1844,i,7266194569529018297,7029930634180755491,131072 /prefetch:8
2⤵
PID:4300

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=5788 --field-trial-handle=1844,i,7266194569529018297,7029930634180755491,131072 /prefetch:1
2⤵
PID:1864

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3056 --field-trial-handle=1844,i,7266194569529018297,7029930634180755491,131072 /prefetch:8
2⤵
- Modifies registry class
PID:4652

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3112 --field-trial-handle=1844,i,7266194569529018297,7029930634180755491,131072 /prefetch:8
2⤵
PID:4936

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2520 --field-trial-handle=1844,i,7266194569529018297,7029930634180755491,131072 /prefetch:8
2⤵
PID:628

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=1016 --field-trial-handle=1844,i,7266194569529018297,7029930634180755491,131072 /prefetch:1
2⤵
PID:4696

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5064 --field-trial-handle=1844,i,7266194569529018297,7029930634180755491,131072 /prefetch:2
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:3224

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5300 --field-trial-handle=1844,i,7266194569529018297,7029930634180755491,131072 /prefetch:8
2⤵
PID:4832

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=948 --field-trial-handle=1844,i,7266194569529018297,7029930634180755491,131072 /prefetch:1
2⤵
PID:4436

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=5304 --field-trial-handle=1844,i,7266194569529018297,7029930634180755491,131072 /prefetch:1
2⤵
PID:5028

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=5460 --field-trial-handle=1844,i,7266194569529018297,7029930634180755491,131072 /prefetch:1
2⤵
PID:1284

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=5200 --field-trial-handle=1844,i,7266194569529018297,7029930634180755491,131072 /prefetch:1
2⤵
PID:4544

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=3240 --field-trial-handle=1844,i,7266194569529018297,7029930634180755491,131072 /prefetch:1
2⤵
PID:4532

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=5808 --field-trial-handle=1844,i,7266194569529018297,7029930634180755491,131072 /prefetch:1
2⤵
PID:4364

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=3580 --field-trial-handle=1844,i,7266194569529018297,7029930634180755491,131072 /prefetch:1
2⤵
PID:2216

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=5076 --field-trial-handle=1844,i,7266194569529018297,7029930634180755491,131072 /prefetch:1
2⤵
PID:4764

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=5448 --field-trial-handle=1844,i,7266194569529018297,7029930634180755491,131072 /prefetch:1
2⤵
PID:4436

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=6448 --field-trial-handle=1844,i,7266194569529018297,7029930634180755491,131072 /prefetch:1
2⤵
PID:3360

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=5048 --field-trial-handle=1844,i,7266194569529018297,7029930634180755491,131072 /prefetch:1
2⤵
PID:1864

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --mojo-platform-channel-handle=6368 --field-trial-handle=1844,i,7266194569529018297,7029930634180755491,131072 /prefetch:1
2⤵
PID:3812

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=6308 --field-trial-handle=1844,i,7266194569529018297,7029930634180755491,131072 /prefetch:1
2⤵
PID:4300

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --mojo-platform-channel-handle=6528 --field-trial-handle=1844,i,7266194569529018297,7029930634180755491,131072 /prefetch:1
2⤵
PID:1820

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=6504 --field-trial-handle=1844,i,7266194569529018297,7029930634180755491,131072 /prefetch:1
2⤵
PID:468

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --mojo-platform-channel-handle=6328 --field-trial-handle=1844,i,7266194569529018297,7029930634180755491,131072 /prefetch:1
2⤵
PID:4140

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --mojo-platform-channel-handle=6728 --field-trial-handle=1844,i,7266194569529018297,7029930634180755491,131072 /prefetch:1
2⤵
PID:2888

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --mojo-platform-channel-handle=6440 --field-trial-handle=1844,i,7266194569529018297,7029930634180755491,131072 /prefetch:1
2⤵
PID:4640

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --mojo-platform-channel-handle=3264 --field-trial-handle=1844,i,7266194569529018297,7029930634180755491,131072 /prefetch:1
2⤵
PID:5068

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --mojo-platform-channel-handle=5516 --field-trial-handle=1844,i,7266194569529018297,7029930634180755491,131072 /prefetch:1
2⤵
PID:2256

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --mojo-platform-channel-handle=4696 --field-trial-handle=1844,i,7266194569529018297,7029930634180755491,131072 /prefetch:1
2⤵
PID:4904

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --mojo-platform-channel-handle=6772 --field-trial-handle=1844,i,7266194569529018297,7029930634180755491,131072 /prefetch:1
2⤵
PID:1440

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --mojo-platform-channel-handle=4684 --field-trial-handle=1844,i,7266194569529018297,7029930634180755491,131072 /prefetch:1
2⤵
PID:1436

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:3864

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x430 0x300
1⤵
PID:1984

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

Filesize
194KB

MD5
36104d04a9994182ba78be74c7ac3b0e

SHA1
0c049d44cd22468abb1d0711ec844e68297a7b3d

SHA256
ccde155056cdce86d7e51dfd4e8fb603e8d816224b1257adfcf9503139dd28f1

SHA512
8c115e3e5925fb01efd8dda889f4d5e890f6daaf40b10d5b8e3d9b19e15dadcb9dcf344f40c43f59a1f5428b3ee49e24e492cf0cb6826add1c03d21efdec52ba

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c

Filesize
20KB

MD5
923a543cc619ea568f91b723d9fb1ef0

SHA1
6f4ade25559645c741d7327c6e16521e43d7e1f9

SHA256
bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd

SHA512
a4153751761cd67465374828b0514d7773b8c4ed37779d1ecfd4f19be4faa171585c8ee0b4db59b556399d5d2b9809ba87e04d4715e9d090e1f488d02219d555

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001c

Filesize
75KB

MD5
d11d3741468264c6cd339fd91466dbca

SHA1
c1939db6c518d7510151b9141d202571f00c3dfd

SHA256
a984e5408efcda6218d935a92e7a4483f37df25bbc4aedaf4f50a990717c7e6b

SHA512
6ede49da99e39265e19768e380c77c4f7419760b387a539de1398afe118fed6d8409749250258490ab4ba2ebb3b57117d8b6a1ea21e2ab2b3e4fffc2e259ddf0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001e

Filesize
40KB

MD5
1128652e9d55dcfc30d11ce65dbfc490

SHA1
c3dc05f00453708162853a9e6083a1362cc0fc26

SHA256
b189ff1f576a3672b67406791468936b4b5070778957ba3060a7141200231e4e

SHA512
75e611ba64a983b85b314b145a6d776ed8c786f62126539f6da3c1638bf7e566c11daf18d1811b07656de47ff8b50637520cf719a2cacc77a9d27393fc08453b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000078

Filesize
315KB

MD5
401d45f399bdfff617bda6e391b9d543

SHA1
587c28716f12748482fbe8ff692e26069bd3baa8

SHA256
f67df8f9cdbe7a2193f486282920b4f34509b2c0812713a0b8fbcef897f6dcd5

SHA512
aa67cdc78bbc81b2be9941f686f086a7231cc3c9362d76799138393c34f6c29a5806bda421fe2ac8c41be84d723259feba637973030e6a80324a9d3716af7237

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000079

Filesize
128KB

MD5
387371574308140b9e31f78d6904e758

SHA1
314d2b137e88e427c1d17afe1eff05f668a8cc85

SHA256
fad3f544ef4ea7f26aead0b6327a655e6d339efadceb7184a3f44c7f9d102418

SHA512
089681600da0c3ea88cc8a992756b51729b8136c68b99382835cd839c020d0de7c81f58a62eca115ec0337a122ae8a3618772cf00d1da0d2fb7c7b1f6de0c484

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00007a

Filesize
43KB

MD5
07fbab13a0ea3d5932148e4ac936d88c

SHA1
2ea35642e93b38f4802e5ee79f93c13af73f9ee2

SHA256
3f413572a681b8eda45f1717a83d012c1a07b26fb6230d3054a1e9751a51f6c7

SHA512
c21bcb05941d9d9d83d0128fe6ad64c62214b8b96fbb0218b8bbab38ec701d9eb80fe51248d03529eb50aa4c0e41ab5b512c4f8fd0eb34788ef4a89f12b32489

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00007c

Filesize
31KB

MD5
aa60653192311a086739145918c1540b

SHA1
0375d0195837e25d0ccd875014eff09bac856481

SHA256
28c81478071d25f721140d389518c8ee100b4882f0a2f1a9d2130c1e3ee93fb3

SHA512
abcf309b0ce7e97bfbd93b511cecc207f733f8f1590a5017a51a1c3c9465cafae84b94bf895cbfe3a98309862380e644942020cf9f93f2436fd4dbc1679067f9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00007d

Filesize
61KB

MD5
fefcad5313c0aa2b32031f0f0c31f9f3

SHA1
1242e9faf10613006ccd43814e92aca13e436fd2

SHA256
55d1332ea7513e37937014ab7118cc5ded3ab74dfe0585697fad8663d3b7010e

SHA512
c1cbb50fb5f45ae1f59554014910149d90492d509ec8effd8681eba732df0e697662562a6808407de4844e31e59f775311baf8906fcf86c0e66a4dec85c42f9c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00007e

Filesize
75KB

MD5
24535d67433802d5ce737e769c962110

SHA1
1cd2bfffbd68bc40c33cb33cd6403eb638dc89bb

SHA256
7b24e2e14842d722fa295d7479f99a81276c3124c2644fefe562a70d4d8aecb1

SHA512
38af0b4fa1c4983f624ce350b93cb0c352da85aec779738c2382e35f14e2ec13fbab0059cded14a0cc2b662c2500b0c857040273b603718aae84c930b529e222

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00007f

Filesize
71KB

MD5
b70425bf0a0599be6e7b190c73160516

SHA1
3dd87b0e5635ea71e4a0ba1a00bb19646c81bd37

SHA256
3dbee8630307034aa764454f36ad48667594aec94cf1e31109e072d38d4eacc2

SHA512
0e442111d99281f796f8d65e67e0c0d5ab646555a7b950c494d9357a7359035db0df60c9ad3fa35dbd58e0ccc3df82d45167421fbdcc25cf2ec9444b6774ab03

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000093

Filesize
61KB

MD5
de88eea07eae84aeef510fb69593823a

SHA1
26cf9c9181ac9f00df34b6abf4faee271b057dab

SHA256
3002c562ce1f7bdd7bcc5e88677b67fcda891adeaf4f1913801302a1d4abc63a

SHA512
f69894bb1f2060407656eb44c22890dcf62f9b08747777f74e4a59d700749db3735c25b66eaff25e834d1be17ea739ef0bd1347f5cf18d5a059eda0c070246bf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
b31f7e69721b66177859f7bab6a8c914

SHA1
b95877058b3f7de5f0d83945e7c58ff1b67a6ced

SHA256
af599a73886b83932ee7d19a20faf043c4f2679ab6d3bdb0c282caceddd5cb76

SHA512
bef6f727570eee35ef8b6bfa4bfcb84d9945b28e38a61d1505cf56189d9fcaf557ef13b9222d9566f2f08763b43bde20105f5f72222514db3ad3594f9c9706c2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
4KB

MD5
ab6092ef48cf431f0af1d628c8df4b29

SHA1
d73cd6386d331d958d3c2aed881f65fe7cb2d6d7

SHA256
7aa515463f0d27cde287d1319937c4fe75d4c625ec39000e2045f54f56bfb288

SHA512
6229c1f2e62f7ae73df6f027d289d47957a48a9d1355464e3eadd221f3cf3767302f900b5c93efc6c851bd6af5e4f74f6307419f11506374e04266c073e70bb0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
74038eb383bfcebe8b4d7c98765a58e7

SHA1
c807d9393f26a2cd87b4627a698cc57104fb2a0f

SHA256
783b2864803ac741c811b901a9408cd308a624d5014c2408dc2d2d91a357166a

SHA512
14f65d29e5ee3ac808917ed6f3b818ee7efba7bab8f4f22e81425783a6c943c38c3ba04a0c450dbd157edf871d83bd3c8a71461c6fa3777b77e2b8b68fd44468

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
eba4f1ed355e161f1619343e41e3cb61

SHA1
5e09711eb817fad4a36628c2da0282089d64036d

SHA256
91925fd4f2d82b805acc8c26b8f6b773876a81868c99fbfd907ca34b0bfb2269

SHA512
fabe7e2b2a44f0a38810f9ce0b0e00da11d4a542b266aabbb30673d3bf419da744921c625aa2b58b72c8a816f285cbb0d82b15286da05cf70a82a9e7f7b089ed

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
c92c42e2ef66aa34f233d21effa93aff

SHA1
76abe86224a9af4d2dfca323e1793d1dc9546f7d

SHA256
5d4c3fd4e243c379056520c74e5290b2e8dc4490a0fc8a40aee6cea1296876e4

SHA512
25e5c583eee7d518251605470e3a494ec439b3677d89204486f63471b1ec2b356835df80d77a03b8feec0843a191fd7a04a569fea5337f97430f747646ff99e0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
4KB

MD5
b55ce03cfc07a4d326d93d3845fde69d

SHA1
380ba975e32fabf422971a4bb2cefe1e2782dc71

SHA256
c765bd9fa11a4a53804302d4cac2117645791f36ff3c1c4a35dfc16b3007a5d6

SHA512
32dfa98d0aabfea22793c9aff85cfd4da7bcb3f086427b2a3612e48fb023fe449e44b0b36d6bd28773fb4c4438b94bd55cdff1a4de3b1bf3eb1e5986c89c15f5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
5bc25b2f81206c274680841840e90294

SHA1
6288dc2962d3ae8e6058d5f38c6e85de4cf057dd

SHA256
5a88848a835624c3828a5daac5e7f96c42e979db45d13de6d35b50c851f2728b

SHA512
d2e72b61507aaff6341c125459ab43fcec3dcb84514d3fc1baf604ae13737adde46678763fa4c9ed8f24de3778ff25ab3733f40f1d171fc642b012d2cbc7b601

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
9fef74ccf5ed3e4b8d1b7e76802bedd2

SHA1
a3247a33056529976449fd911b4335a02ff3e49c

SHA256
c4fa8d6fac075239eed567386ed10fce28e6cdd131a03ff4a9a480292ebd3cd3

SHA512
e1f3f7b186c74b86b832ec2b44da7c7d051440919684073acd54e7ed82bf4cd53d97eec2944cfe06280b0f6bda86d54b75e2bd97856a7d99dcfb4854acdbe7e0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
9e2b5d699164b03d6067751daa98f273

SHA1
4d05475ff1a54f2c0bcab0277fd031184ac06705

SHA256
0dcb9dd7242d3dd1402746bba3c353ccbf0262bae37329e9e364b8bb032cec22

SHA512
6e3f02f00448c62be02ae3235714e5e28a09bb38402f6fed1c18f1355e10890bd8d0b7a59fd349847d172ff389e96b03c5daf3dd7f6ec5ecb792a3e50e0914e6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
20fe0443600ac861028c61dc551abcda

SHA1
45d073ee90f722ec6fb8badc080ea3c27389d3a4

SHA256
c5d1108edf6dbceae390eefb3d800e93fb2435629cdfbcd9ef3ad6484ddb39d5

SHA512
3cbf8ee64186503436842ed85c608f1c8816b343d709d14c57d4b2d06d0f77fa059caa15f2c0779e4e5b581ba0888c1dbdcd2a91a3cb57e052bbdfb294cfe1f5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
e75ccfd9df7ad9d002e690720b84f964

SHA1
4e9dadd0f9254f2cb3926eea8c0a9b1f57f9fa35

SHA256
b3cda07f5c4a4b4e315587a5780e73386440934da851c71cd9ff8b50130ad83b

SHA512
985059d729c5496a1103813dc06809a4723fefc62ee01c6e3e6f53ec328fde9b51118e265ca17034c4202a29706dd768cb793fd425be52a6f77e1927fb41f8b9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
fb497d7aa57a56f35584ed9292c59a00

SHA1
872b808b385e4f8ff479008c937696a5b080ae63

SHA256
b133b4585b311793a3461ed4a4fa9bc336915c00a9ea932242c410c230893858

SHA512
6bef0af17d33a27f56dcfa5f6f3c9b117d17c5b3442fa4a586aaa4e2fe7d954070528eb94ec11ab3c14d5e1c25a26edfd650c785c9e616cec4fa440fc4f412ee

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
71a5b8cd8eabd804254d7f43efb149c2

SHA1
aa07c68c7f12976bd7e974a785bfe1c0011f185b

SHA256
69c73a314b94b0a1aeeeeb8808e672f134ad3369d356b005bc00f39b974dcf9f

SHA512
26cd3fbf2f3b174e3e523e74c5929d98929b1451b30bd47d7be5dfece9d4cd8f7be34df78efcb703efcc63595cef0516c2cdb33745ff7164a1b577f701d64949

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
371B

MD5
33f8a30b5b11521a6e0a465af007624a

SHA1
49e63dc31a81039b8bfc46a355a165ab30846e03

SHA256
e6dbc1276cb74c398d0358c78901bd815a480f739bba9b6716083042947642d1

SHA512
707f112b00d6c57cd0ea26f9a3dd8b3bef6e890f664ff095ef955a33231766f38272e60ea5d66f5c54b3c0ba22b70cf09a612275dc6f06fbbeab489aba365f01

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
bd87c5c661f22b5514d6eb2790ab35f4

SHA1
a669fd253ad093e26b07e5926b32a0cb7a0331fe

SHA256
8f2d17bafacf53bf0a7fbd87669cf491e11aea3ef51c4e55dfb91f10245b7cf9

SHA512
49ec17c4691dd232bad56445146849ecdd8b6599cdbd0b8f9a400570d8ddfbf84dbd4896a2bc46a98cb6e8d8f094cb831478203f401b0f36727854837a164561

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
7d9b0540b5caa6fd85f1dd2711295dd2

SHA1
20ec1d502fd9178bf3c44b5c978668e521416c82

SHA256
07ffc31dc7daa073bc670a1898b6b8658f04f7bc841d8a181748b3ab5552ae90

SHA512
9ad68e82c3de2ac8a04fd5255f25704dfb1249ccd7af66a0cd529361bfecd1ed58d2ac328b30385c79c49b6442cd7957ed7762dd67b5c76d91211072303ebc50

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\bb4ccdd5-985f-48ee-85cb-c73e40585458.tmp

Filesize
4KB

MD5
fcd8ebd6d00495848c436bc2721f5211

SHA1
58a6dffc28341348eac8b2a2df7a0bd09556f311

SHA256
96c6d71d9eb5ba864e5b2612632ed514ac3bc13b1d48aa4a6a37b75207120411

SHA512
40c742968c3d6c87bbb818bbcc181e4539e385d2fef8bb9b7f029d0a1282535da6f3d0f2382e4d676c5a28cb382f44b0521a090d6cde22413d20bb0bc18f3978

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
6379002631407ea636c4d411e84b77fd

SHA1
8c8b6d1907dce135f7f7104dbeb9d09b833f28a6

SHA256
cb6876e5f4af2300db65fc9d13fb673d9014e210afca6532f1ff2c451070f131

SHA512
94ef6f095614c7f305ce1c4f2d956be3157327c1020cd2ba11a95654a2866a99b25505ccbf97c548cbf29ff99f8321152ebfba25f803df3a14844a888c72e933

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
3f46c48589cb77bc684d9b3c5d142c3e

SHA1
71359031ab80241b718d43114413d2709a471e54

SHA256
c4bf9819c8ef473c4a2cfe7c0a3d06024f4333133925235755e44c7484887538

SHA512
e45ad60b45bb0460733aacd973f16906a203c0d617d66a35bc34705d1ecae7785ef740d999593556e04e9ee4129c66630f09d93ff61850809376db3a66c0e98a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
b508df443975e3abee50cb89a46f8764

SHA1
d9287c433925e2e05a8387e956913e2df678e0fb

SHA256
855b3b26b25b7a01e925bd787cae10eb27647a854041f14452669890c31c8c04

SHA512
062b27ad1fea99ff2498bcd68096721442f80aa623069aaa6ba829a4dd93493fcceff7b2c90a05df51080deac0647888f9239b5b62fa7860a34e6d3dc795ad77

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
650d88f542c7d18494edb38b41fb82db

SHA1
eb2b97d2115ee1070ed883edf914a8ee6c045af9

SHA256
1bd89d284c180d6391e246e521582d1fa22119e89e3cd9491001c438c6245881

SHA512
16f6454f9016468bbde2303f1eb3dd1e4872497d4cc5a3bf3feffbeac2ad311aee40268b20a54fdc5087c95fe61d438816a0f30957550843740164cc15c0def7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
9a88d5ce0688a42b77d91f7393b4c2da

SHA1
263ad57307b1cf40646c3a3c1e5b27f5c853778d

SHA256
7a53a635a3ddfc4d38b77a8647e9fcb4a76bc7070db0a9daa7c3b995fa9212a1

SHA512
6b3c23c4ef23d33067f73f460cde91608f90a5e9adbbea4d836816697af395d09b2aaef4e6ceee6359006f9b812e5670b12566876dd391c841134c2897b500fc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
046a87a97e446a86fad61229270af82c

SHA1
58e5cf8a79dd717dd389615e9357d329543c2208

SHA256
c008b370c1050241abb8204481724b9067e988a6ace30c4a62bf5878a07c0041

SHA512
e7d2ac277b7e97a0ae5760bde107ea1465f724cf064d667e217c0895b7b731a97a4a7cc9b25e6420eaeb289b03c13ac4f1573aa208f567b2f1e8234ff9e0e722

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
114KB

MD5
2c5d1b72e3869aa987cf90c96d212ad2

SHA1
a47076c54e11e4cce9c861f6bb300aa40a5ab8ff

SHA256
162cbbc36107942df5ac9b8dc9d97875430ccd11f9e719f65447e18f41e398ac

SHA512
356adf0f7ff07ec6bbbc367db32da42bfadd282d738cd00bc657a2632dfb593702b0f0499fb542037fd265869bf757cc8cb724b25c101997df794a360aa00e23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
114KB

MD5
6ed30c13e3375d061d8d3441bed9f422

SHA1
52598a47ff958bed78cdf1051aa117ec617c5aff

SHA256
57019980c1de2ebcee2d80a77a8cb3c721360c9f78d14fac6181c1935a309530

SHA512
5890047fc917c06e4a7dc287e5666a1f97c041fd4f5e559a3e132110d62bd88981fd4232d9dbbeb18b9735c4352596e9f50823495cd72c00c1dfeb6fe2d0c485

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
114KB

MD5
532904c3d6896e10a02ccb238fd0b668

SHA1
c9bbc13f238b277a37941163154f17f9ebf4c894

SHA256
bfe9fc32eb2fb59494abbe1684f2e671511b00e0e125d6260881a24347855908

SHA512
459e9d53ffc8b64aa5dd4686426e5ef19e0a348971d06dab5b4754b453b1814a5465dc6409f0461afb559e65294caf6881d47ec4f07d03b93babb5b96d40fb86

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
105KB

MD5
23f83557b4b9a35a57af7e7c90008048

SHA1
cf8140b75117ca6cbfd73ceb4d4c8f8728b76290

SHA256
3c71d5f0ade31c3482ea84301d20c63ae1f1daa3ebd9898c751d2f62413e4216

SHA512
753082f8e8ddca821b87ada6afc1882ab1b7803384781cf402c68055a6c7cedcf3761ca373e2517989ab16b6cc99381a480cd2a3c877bf7a850bb09924b09084

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
104KB

MD5
60200d21e78021a9693bff2e32895076

SHA1
8d05f58e965fd9262cbdb612313f71c0c9f17b67

SHA256
d481e5201fa16998b663d172ece4976e0141e4060e534f4791914ca31cb5d387

SHA512
e383008f124e691e7137a1427283380aa4260f7244cff6be4f8f9a863a30c330a2f46555640d86b432d390b3c5d51db31e8609e127e4d9673d32c496cc2c27e0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe585a7f.TMP

Filesize
97KB

MD5
51d5cca3078c4f844b560255a6b06c58

SHA1
5b3ff640e07aee41573ab2249e83246753d29dce

SHA256
888bcad63ba6605c47d13e55d585179862866ddc1715f90f8f409b74ea53a728

SHA512
8958c6d7707e26c68226283d2c4c67a5718a89215aacdaf86c6a5121fbc8624f5ed8148affe1096f7b415b1df995fa31c7b826f4760ec80abb368cf4cfa255b3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit
\??\pipe\crashpad_4520_GSXPAQEHQWZHKLPU

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit