hxxp://globalquake[.]net

Analysis

max time kernel
209s
max time network
773s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
16/02/2024, 19:27

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://globalquake.net

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe

Suspicious use of FindShellTrayWindow 34 IoCs

pid	Process
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe

Suspicious use of SendNotifyMessage 32 IoCs

pid	Process
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1572 wrote to memory of 2968	1572	chrome.exe	28
PID 1572 wrote to memory of 2968	1572	chrome.exe	28
PID 1572 wrote to memory of 2968	1572	chrome.exe	28
PID 1572 wrote to memory of 2032	1572	chrome.exe	30
PID 1572 wrote to memory of 2032	1572	chrome.exe	30
PID 1572 wrote to memory of 2032	1572	chrome.exe	30
PID 1572 wrote to memory of 2032	1572	chrome.exe	30
PID 1572 wrote to memory of 2032	1572	chrome.exe	30
PID 1572 wrote to memory of 2032	1572	chrome.exe	30
PID 1572 wrote to memory of 2032	1572	chrome.exe	30
PID 1572 wrote to memory of 2032	1572	chrome.exe	30
PID 1572 wrote to memory of 2032	1572	chrome.exe	30
PID 1572 wrote to memory of 2032	1572	chrome.exe	30
PID 1572 wrote to memory of 2032	1572	chrome.exe	30
PID 1572 wrote to memory of 2032	1572	chrome.exe	30
PID 1572 wrote to memory of 2032	1572	chrome.exe	30
PID 1572 wrote to memory of 2032	1572	chrome.exe	30
PID 1572 wrote to memory of 2032	1572	chrome.exe	30
PID 1572 wrote to memory of 2032	1572	chrome.exe	30
PID 1572 wrote to memory of 2032	1572	chrome.exe	30
PID 1572 wrote to memory of 2032	1572	chrome.exe	30
PID 1572 wrote to memory of 2032	1572	chrome.exe	30
PID 1572 wrote to memory of 2032	1572	chrome.exe	30
PID 1572 wrote to memory of 2032	1572	chrome.exe	30
PID 1572 wrote to memory of 2032	1572	chrome.exe	30
PID 1572 wrote to memory of 2032	1572	chrome.exe	30
PID 1572 wrote to memory of 2032	1572	chrome.exe	30
PID 1572 wrote to memory of 2032	1572	chrome.exe	30
PID 1572 wrote to memory of 2032	1572	chrome.exe	30
PID 1572 wrote to memory of 2032	1572	chrome.exe	30
PID 1572 wrote to memory of 2032	1572	chrome.exe	30
PID 1572 wrote to memory of 2032	1572	chrome.exe	30
PID 1572 wrote to memory of 2032	1572	chrome.exe	30
PID 1572 wrote to memory of 2032	1572	chrome.exe	30
PID 1572 wrote to memory of 2032	1572	chrome.exe	30
PID 1572 wrote to memory of 2032	1572	chrome.exe	30
PID 1572 wrote to memory of 2032	1572	chrome.exe	30
PID 1572 wrote to memory of 2032	1572	chrome.exe	30
PID 1572 wrote to memory of 2032	1572	chrome.exe	30
PID 1572 wrote to memory of 2032	1572	chrome.exe	30
PID 1572 wrote to memory of 2032	1572	chrome.exe	30
PID 1572 wrote to memory of 2032	1572	chrome.exe	30
PID 1572 wrote to memory of 2736	1572	chrome.exe	31
PID 1572 wrote to memory of 2736	1572	chrome.exe	31
PID 1572 wrote to memory of 2736	1572	chrome.exe	31
PID 1572 wrote to memory of 2724	1572	chrome.exe	32
PID 1572 wrote to memory of 2724	1572	chrome.exe	32
PID 1572 wrote to memory of 2724	1572	chrome.exe	32
PID 1572 wrote to memory of 2724	1572	chrome.exe	32
PID 1572 wrote to memory of 2724	1572	chrome.exe	32
PID 1572 wrote to memory of 2724	1572	chrome.exe	32
PID 1572 wrote to memory of 2724	1572	chrome.exe	32
PID 1572 wrote to memory of 2724	1572	chrome.exe	32
PID 1572 wrote to memory of 2724	1572	chrome.exe	32
PID 1572 wrote to memory of 2724	1572	chrome.exe	32
PID 1572 wrote to memory of 2724	1572	chrome.exe	32
PID 1572 wrote to memory of 2724	1572	chrome.exe	32
PID 1572 wrote to memory of 2724	1572	chrome.exe	32
PID 1572 wrote to memory of 2724	1572	chrome.exe	32
PID 1572 wrote to memory of 2724	1572	chrome.exe	32
PID 1572 wrote to memory of 2724	1572	chrome.exe	32
PID 1572 wrote to memory of 2724	1572	chrome.exe	32
PID 1572 wrote to memory of 2724	1572	chrome.exe	32
PID 1572 wrote to memory of 2724	1572	chrome.exe	32

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://globalquake.net
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1572
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef77e9758,0x7fef77e9768,0x7fef77e9778
  2⤵
  PID:2968
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1160 --field-trial-handle=1364,i,15006538030930926954,18220614677905433574,131072 /prefetch:2
  2⤵
  PID:2032
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1504 --field-trial-handle=1364,i,15006538030930926954,18220614677905433574,131072 /prefetch:8
  2⤵
  PID:2736
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1604 --field-trial-handle=1364,i,15006538030930926954,18220614677905433574,131072 /prefetch:8
  2⤵
  PID:2724
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2164 --field-trial-handle=1364,i,15006538030930926954,18220614677905433574,131072 /prefetch:1
  2⤵
  PID:1968
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2152 --field-trial-handle=1364,i,15006538030930926954,18220614677905433574,131072 /prefetch:1
  2⤵
  PID:1412
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=2752 --field-trial-handle=1364,i,15006538030930926954,18220614677905433574,131072 /prefetch:2
  2⤵
  PID:1832
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3176 --field-trial-handle=1364,i,15006538030930926954,18220614677905433574,131072 /prefetch:1
  2⤵
  PID:2512
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3500 --field-trial-handle=1364,i,15006538030930926954,18220614677905433574,131072 /prefetch:8
  2⤵
  PID:2508
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=1040 --field-trial-handle=1364,i,15006538030930926954,18220614677905433574,131072 /prefetch:1
  2⤵
  PID:1484
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1140 --field-trial-handle=1364,i,15006538030930926954,18220614677905433574,131072 /prefetch:8
  2⤵
  PID:304
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=1920 --field-trial-handle=1364,i,15006538030930926954,18220614677905433574,131072 /prefetch:1
  2⤵
  PID:1972
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=3740 --field-trial-handle=1364,i,15006538030930926954,18220614677905433574,131072 /prefetch:1
  2⤵
  PID:1996
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3796 --field-trial-handle=1364,i,15006538030930926954,18220614677905433574,131072 /prefetch:8
  2⤵
  PID:2764
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=3900 --field-trial-handle=1364,i,15006538030930926954,18220614677905433574,131072 /prefetch:1
  2⤵
  PID:1688
- C:\Program Files\Java\jre7\bin\javaw.exe
  "C:\Program Files\Java\jre7\bin\javaw.exe" -jar "C:\Users\Admin\Downloads\GlobalQuake_v0.10.0.jar"
  2⤵
  PID:2900
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3560 --field-trial-handle=1364,i,15006538030930926954,18220614677905433574,131072 /prefetch:8
  2⤵
  PID:2828
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=3732 --field-trial-handle=1364,i,15006538030930926954,18220614677905433574,131072 /prefetch:1
  2⤵
  PID:1976
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=3704 --field-trial-handle=1364,i,15006538030930926954,18220614677905433574,131072 /prefetch:1
  2⤵
  PID:2564
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=4108 --field-trial-handle=1364,i,15006538030930926954,18220614677905433574,131072 /prefetch:1
  2⤵
  PID:2976

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:296

C:\Windows\explorer.exe
"C:\Windows\explorer.exe"
1⤵
PID:1952

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0xc4
1⤵
PID:2412

C:\Windows\System32\control.exe
"C:\Windows\System32\control.exe" SYSTEM
1⤵
PID:2648

C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
1⤵
PID:1104

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
9ed2c48d3c121226dcd726d316e0d989

SHA1
df3da69759f08bcd66519e57c3e575546cee1bcc

SHA256
7f0c3e4391fb977a753582a3f2c6e94a5d613480b791442b7a230ea564ed1101

SHA512
f126443b9340d10903b63a4985c01f6351e28ea328edb21ad6a9753b855287c8af3a71405fa1ed06d550c96e6cb8660c8bbd4ea875942d3bf06fe1f3f914d3db

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
53e95d9ee2384e74bd09efa0ab13a5de

SHA1
28eeacd3c4116fcbf1fb8a233f5d5d93d7b9a11a

SHA256
5bbe9fc75bf79adf070436c93c1254af4ed2281204c0108aebf5f350a031495e

SHA512
0ad8c0896bf9792356b4d94ca39e62fedda863ce629af0d649f6deb416ae2201288e138511663339ddd78ee0cb2c2cd8d6807e9bc443740609a079dc022216fe

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\8b49fa29-8e05-4077-8c9b-481f23eb2f41.tmp

Filesize
6KB

MD5
a9872ca07ccc9857cd068c076aa0e876

SHA1
ed59465593618aadd609334b746b77931f75cf1d

SHA256
1e8718825b2e3e52a45002aaa1c0d6d71c07b3b5cd6593e42f00bbcf2fcd5eef

SHA512
0945a3a1d0224bab8fb23275858a97f33ee2a0a7229e242ef36618ad80c9d33a54ca619516f074bf9ff6a6e7a0e504395396b749aa0a4fc58ec930ac9881bdd2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b

Filesize
194KB

MD5
ac84f1282f8542dee07f8a1af421f2a7

SHA1
261885284826281a99ff982428a765be30de9029

SHA256
193b8f571f3fd65b98dc39601431ff6e91ade5f90ee7790bfc1fba8f7580a4b0

SHA512
9f4f58ab43ddadad903cea3454d79b99a750f05e4d850de5f25371d5bec16fc312015a875b8f418154f1124c400ae1c82e2efd862870cd35c3f0961426c8cd82

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c

Filesize
24KB

MD5
b82ca47ee5d42100e589bdd94e57936e

SHA1
0dad0cd7d0472248b9b409b02122d13bab513b4c

SHA256
d3c59060e591b3839ec59cad150c0a38a2a2a6ba4cc4dc5530f68be54f14ef1d

SHA512
58840a773a3a6cb0913e6a542934daecaef9c0eeab626446a29a70cd6d063fdb012229ff2ccfa283e3c05bc2a91a7cac331293965264715bdb9020f162dc7383

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
672B

MD5
d4c695651c7dd851d862a7a48aab05f5

SHA1
d18d0ee56e31237b15e205f7a5b8bde3a2932756

SHA256
c57e4b5ff50c4875e9440b34b9d6c49c71ba7d3279996aec7a056326909c407b

SHA512
402b88b7553eeb3523609a9585a896c775261e53f1e9e61c0e58455b5f1bf3c59d3f4d464467436d858ae1d492c88bc2a37322cdfae6cadcb3420ae9766beb71

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
456B

MD5
c0f3c4b3ec88c6d4b85456ea42caaa76

SHA1
217a7dcfae9a3bde944c969b66a61a1b0db7461f

SHA256
74b6a433940a4217487dab520199cf65109b537774d94bbe4ac6002750d891ff

SHA512
c253b08a54bbc4edc283547ddef0d2a3749534a96584c0936ca3a5de0f7781528ac4fb64c4f447806d6c8106a5b973803329f0f0c36c2f4a7aeaff2e6a6072c0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\000006.dbtmp

Filesize
16B

MD5
aefd77f47fb84fae5ea194496b44c67a

SHA1
dcfbb6a5b8d05662c4858664f81693bb7f803b82

SHA256
4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611

SHA512
b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1015B

MD5
3edc0882bcf18e124eec4db543b8e58f

SHA1
21b5c96695ab2599823f9c87dd13e55a0cef7a24

SHA256
2de079b9f0f8e7bc1a6e043a31e4c15551337a860a1b31cb9b8cf870ba2a4c5b

SHA512
4605fbfd57e7a9cfe239a940fb7210e2ed5be35ef8a272e3acb13409bd5e2c51542fc03a3c111f88d25089a2380ef0acd4ed278afec0d9eedb9eb1f80887160d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
d81c8cc82f4c0ad54ba4bb9aa47eb690

SHA1
926066de03c106c23ea6a97b50ef6f395700ddfb

SHA256
5889e3fda79f7e37b587d8d876338b0ef07a63c43db9a66edfb1dab8f33d74a8

SHA512
d32228e407629392fbe37769e3d7b740ccedc6665281dcd2c8255f2215bb4f8d0fa544f27f53facd3bdf6186cdc761797c614738a0db2e9b0205b63c7fc4ce9e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
687B

MD5
5e4f69a8019bdc0eb8a4e79f2fb6c3d4

SHA1
601e43f33a9a89ed3d0b3c87483b57d3c76ea510

SHA256
d448c3bac21c864a8b9ef515ebe447a2ef71e82f19f81346e712671993e44f8b

SHA512
24bb2a349c8c29383d7550098cfc4246d6040bb1ccecd3d8500bc31c1c1b109cafefabd626651eae304a668c63e44a1a3424f5005b4add0681227a3c036f4d53

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
850B

MD5
2b25e10a415fc1c3cfefba1ed3ea2179

SHA1
85b99db629eba9867dbceb754f55fb3a367c0cea

SHA256
54a7a4f573a5bf6b8ee85b67c778634f1d40520699b09cc8bd07e72a143f178a

SHA512
aad11d45b5a04be6ba1ddb253b3960cc39e9255012db73cc4cf10128e89034cddf7af249ae3e66dc8105e28b9855aa177fe25631054dea5536a6b2f8eda592e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
687B

MD5
c0852dfdbb8812bd9b51c0b6ae2306e5

SHA1
720a9b9f816bfca277b84b72ce137240f397cf9a

SHA256
46f0b93f1e2250885ea7ed8aeb64dd873dfb2355b2f401da6132d097d2a328d8

SHA512
a16bd5c5b8750473376ff28b635bd1050276ac0aece4705f8f62bf5aa0bbb82bc2e7377bfb65696ceeff077c8a7b89511f2e3d0bb31a482996fe1c621c891134

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
850B

MD5
d06423695dcb10c6f3619b588941b4db

SHA1
aaf078828615308f6928fb0fa890218954e2b54b

SHA256
16d878f0f4c25a7ced2e071de168d79de4157677f3e4ffa0309fe85bf20a5b4b

SHA512
558d5dea7c43df244ac905286cd1dba3d90a1c783d5ec3a1b808dfb8e2fece17495e90593468fcd7f64a6514161f0599f48f57f20a778a33209cce7be4ec809f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
850B

MD5
a582b327e82c38e383d67e2bf309ecfb

SHA1
dcc8b6e60efea48e043b14332d015ec92811d9b1

SHA256
9d417f0f8fa22b11304f436b64fbdc614908693304d63f63e97517e15dcd04db

SHA512
f6eabb32504ed7b12aabf44457f3c535714c0b15dcb11d1fdc21bb68e79b0a3601d9df9331d405d87aea3f0093f321794b1cb60da2d5ae5ce42771f01cbf0c21

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
235daa39b634ef70832be85aadd3d0bf

SHA1
47be1ff5c801d78a14a0235467205cf601a62af4

SHA256
4fe1665dbb6ab6f80766ca9c8f23bdcac35c1068fae9de3074e041f17e6ca361

SHA512
493699caa9d3be08228b25309c971ecf95e5992ef758e73d35654dcf7e6a09ac23acc713288cb0639ad1e22b76411cc971f6b0212c85cba64aa167fa8daef1fb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
26c401e83c1b1c0ecd42136888c49599

SHA1
e3fe7dafd889282d2fba3b892c8dad85d1c2291b

SHA256
ce2f7af74aa9fc31ee2416d51947e6b159b39fc2c77537b08db3f8fe6f066a0f

SHA512
1048d45fa6312981bff07cc49edbff2d18c8974ce449d2c50761c358a78a93c92300433ed2dae237aedaa2b099eea26f801fc8e46d864c896b91071892422baa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
1a5b47257484ffbf3ad04d30643d5bc1

SHA1
09d6ac3414d21efedf8a883a8035d2e0300b7661

SHA256
fe42ca88787a5768f51bb4aba7de50a65dd67449a9892c6f64e64b1e60289ea9

SHA512
dd043f4b68b55285a014d0708cf50e0136690cc71316d57ad77481a4ce78da88c0f21a38407e2df3d82539f22e9aacb2eec440e81dd2fb9cd407501152a6e5fa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
1b7b23d02863701e33bb0175ee0d2220

SHA1
fe6cff812771dd4d1a71e5b8c9bc021678538dc3

SHA256
25c3cbc91990472861c6ed1af2812a63845d4d5e4ec7c2d9b5cca0f267a6d4e1

SHA512
a1ba7fd3bd595c5a29c53babb968d7c7510194168a010de01b83ffd55bfc1a2089b9a3a5ee4c0eec052353b33baf48088e54558b4d05e13c18702d107ea58ee5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
0059001d53fac1b6ca1c538400993379

SHA1
d9136cf9bd30e86ff498684eef428e7c36794d19

SHA256
c0757c36e3b396604a429ad14c21597d9e7632049197e8e14783d001c55062fc

SHA512
3141e21598892edff4db0887e0602925be8a144435e092d3ea84a3d8a6f9212dd75ec4fa0ef630bc8cb7e2de0b8772ea122c0d9796ec1239373fb773f1d7a63e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
92582e915d71d89204c2fc2514435b02

SHA1
91ca5b43da9213d2efa17053e0bb01780a98a588

SHA256
45edc935dcbbad02ed1224dbf94bbbd1858ac9ede08b032b14b85807ccf1f59c

SHA512
3f1c95194d9e0f41aa1852c2190d72594c62730ac37852f7cf5bddaecdb9318a646f347af9bf6d8287d973056cb7c0740e17a306936296401700754330054651

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\CURRENT~RFf7fb2cc.TMP

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000007.dbtmp

Filesize
16B

MD5
18e723571b00fb1694a3bad6c78e4054

SHA1
afcc0ef32d46fe59e0483f9a3c891d3034d12f32

SHA256
8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa

SHA512
43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
114KB

MD5
a272d7d35776626229d7eb140439e449

SHA1
2d2160466496779ded077c874fe9f2ef67be8a38

SHA256
7a0d4d4e5641ed4a2e2c6b6570d6a55f4f0a2e9d42ce3ea3c993e5de652cc6c8

SHA512
31cba7f097ef4808fe8c3622faa3ebc0c534378007b8085df6546a9eacbd4b8c90bef632b6beaf819d5d97b8680c0ce19d385a0852415f36e944d86457000c46

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
114KB

MD5
10f6c4936cf81ea879d08c46eaf4d47e

SHA1
3f509fe06722f0d33c854e0f905fb404ea7a14a4

SHA256
8fe1f156e204d8cefd8f7675ac53745d40daa78cf432f39126f3b80c18142b03

SHA512
e5d7de92069969ba081a1d3d35fd6ff82dd6811cb6b6c77e3461ae2c635e093c1d8e4d7e0e775767211dcf3a45f9b5b50ae4379a6088e8c41430ac07a2a3bf40

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
114KB

MD5
e208f4cf729895fa52b52fd483c13e5f

SHA1
44932a36c9c77d811e6f7ec8e919596b945b1ba3

SHA256
6430bd04bcdec83eee1e157db10e569b4ef64d3e93683147a374b980387d6ea0

SHA512
8b59a4091861831378c38f81d38f66b6d04233c70f31adf8c5a27865b68816147c3a5714c7e686f1f0f01836000e6796c22201833384cde0091c45de4a56f729

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
82KB

MD5
17f80db0fb197fe54c3aed0efa8d79a1

SHA1
60077157a0331b7644c9231c00c8eb8d2fd67d98

SHA256
267a57969654c8ff34ce38a8ebd349da2c5167f335b94fc3bf36b8416edfb5eb

SHA512
52eb872b374ab127b4e7304f4255825ee7c31fe9f49984ffefb984a0c3fc1970565ecbca049271dd992bbe76e8616a064e664658d779815d36943ca956e1a1cd

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab2CBD.tmp

Filesize
65KB

MD5
ac05d27423a85adc1622c714f2cb6184

SHA1
b0fe2b1abddb97837ea0195be70ab2ff14d43198

SHA256
c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

SHA512
6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar2CD0.tmp

Filesize
171KB

MD5
9c0c641c06238516f27941aa1166d427

SHA1
64cd549fb8cf014fcd9312aa7a5b023847b6c977

SHA256
4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

SHA512
936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

Download Submit
C:\Users\Admin\Downloads\GlobalQuake_v0.10.0.jar

Filesize
6.7MB

MD5
8b0b7c7dbcca747fcf741364ddd3659d

SHA1
260687b964f571d5be594be4d138db14fb774704

SHA256
1710805e05ad2eee7dea83b43015778011205946a3e4815f411ed5428cbe4f55

SHA512
71056a5f4123efa59d3e983750e0d5bd2c54527bf62ada717555df8df92f8c7a2ed638362bcab92c50d83bed3572f6ab00f15774282ec80f16e67a6325e5839c

Download Submit
C:\Users\Admin\Downloads\GlobalQuake_v0.10.0.jar

Filesize
7.2MB

MD5
bb50d8b935a71edeb73af29fada6141b

SHA1
1537e2249c176904df543c6c1dc54d673bcda0d6

SHA256
f5ced8f779c45d250cdb1a92e2abf4d397c823301658f1be9bcea1a8638f6924

SHA512
703d69a6216c77374ce66dd11cc1e06ec2b0665c39e09b55923ac2be21a0e96fa71964ee9012640050e4a0a98bcb78b3ce446dba94a51636a1986564927ad1b0

Download Submit
memory/2900-492-0x0000000000340000-0x0000000000341000-memory.dmp

Filesize
4KB

Download