893a864ee28a6ca677a90873099a6f816e7fbb8e604f7fc9e4ffa90167d61001

Resubmissions

24/02/2024, 12:33

240224-prj85sbf84 6

24/02/2024, 12:32

240224-pqstwsbf58 1

24/02/2024, 12:28

240224-pnngdscc7x 6

Analysis

max time kernel
31s
max time network
148s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
24/02/2024, 12:28

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

HK416-bonk.mp4
Size

93KB
MD5

f7aaecedf1d24e05de0641cd686cd075
SHA1

ab7e8b802dc8d406ba093c721d1cc88fc7aaa9df
SHA256

893a864ee28a6ca677a90873099a6f816e7fbb8e604f7fc9e4ffa90167d61001
SHA512

a9ebc2e5fa1e74c954cf1e944eecd32b2cc30e0f9a9055747bf47f01f5bc02f42b72cde72f72d7ddc1c82d7108956371a84c35eb007a90ad7b446e2891dbda88
SSDEEP

1536:z8iPfqSSI9UQGo7BxnZQOdtzqNVQNolHuesWrOWD7wZX42NtOSP7T8F4D7q9fU8x:giPfZo4ZhtONqNkHuesZUiX42VXJ3CUO

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Suspicious behavior: AddClipboardFormatListener 1 IoCs

pid	Process
2300	vlc.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
1916	chrome.exe
1916	chrome.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2300	vlc.exe

Suspicious use of AdjustPrivilegeToken 24 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe

Suspicious use of SendNotifyMessage 53 IoCs

pid	Process
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
2300	vlc.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2300	vlc.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1916 wrote to memory of 1688	1916	chrome.exe	29
PID 1916 wrote to memory of 1688	1916	chrome.exe	29
PID 1916 wrote to memory of 1688	1916	chrome.exe	29
PID 1916 wrote to memory of 524	1916	chrome.exe	31
PID 1916 wrote to memory of 524	1916	chrome.exe	31
PID 1916 wrote to memory of 524	1916	chrome.exe	31
PID 1916 wrote to memory of 524	1916	chrome.exe	31
PID 1916 wrote to memory of 524	1916	chrome.exe	31
PID 1916 wrote to memory of 524	1916	chrome.exe	31
PID 1916 wrote to memory of 524	1916	chrome.exe	31
PID 1916 wrote to memory of 524	1916	chrome.exe	31
PID 1916 wrote to memory of 524	1916	chrome.exe	31
PID 1916 wrote to memory of 524	1916	chrome.exe	31
PID 1916 wrote to memory of 524	1916	chrome.exe	31
PID 1916 wrote to memory of 524	1916	chrome.exe	31
PID 1916 wrote to memory of 524	1916	chrome.exe	31
PID 1916 wrote to memory of 524	1916	chrome.exe	31
PID 1916 wrote to memory of 524	1916	chrome.exe	31
PID 1916 wrote to memory of 524	1916	chrome.exe	31
PID 1916 wrote to memory of 524	1916	chrome.exe	31
PID 1916 wrote to memory of 524	1916	chrome.exe	31
PID 1916 wrote to memory of 524	1916	chrome.exe	31
PID 1916 wrote to memory of 524	1916	chrome.exe	31
PID 1916 wrote to memory of 524	1916	chrome.exe	31
PID 1916 wrote to memory of 524	1916	chrome.exe	31
PID 1916 wrote to memory of 524	1916	chrome.exe	31
PID 1916 wrote to memory of 524	1916	chrome.exe	31
PID 1916 wrote to memory of 524	1916	chrome.exe	31
PID 1916 wrote to memory of 524	1916	chrome.exe	31
PID 1916 wrote to memory of 524	1916	chrome.exe	31
PID 1916 wrote to memory of 524	1916	chrome.exe	31
PID 1916 wrote to memory of 524	1916	chrome.exe	31
PID 1916 wrote to memory of 524	1916	chrome.exe	31
PID 1916 wrote to memory of 524	1916	chrome.exe	31
PID 1916 wrote to memory of 524	1916	chrome.exe	31
PID 1916 wrote to memory of 524	1916	chrome.exe	31
PID 1916 wrote to memory of 524	1916	chrome.exe	31
PID 1916 wrote to memory of 524	1916	chrome.exe	31
PID 1916 wrote to memory of 524	1916	chrome.exe	31
PID 1916 wrote to memory of 524	1916	chrome.exe	31
PID 1916 wrote to memory of 524	1916	chrome.exe	31
PID 1916 wrote to memory of 524	1916	chrome.exe	31
PID 1916 wrote to memory of 576	1916	chrome.exe	32
PID 1916 wrote to memory of 576	1916	chrome.exe	32
PID 1916 wrote to memory of 576	1916	chrome.exe	32
PID 1916 wrote to memory of 1640	1916	chrome.exe	33
PID 1916 wrote to memory of 1640	1916	chrome.exe	33
PID 1916 wrote to memory of 1640	1916	chrome.exe	33
PID 1916 wrote to memory of 1640	1916	chrome.exe	33
PID 1916 wrote to memory of 1640	1916	chrome.exe	33
PID 1916 wrote to memory of 1640	1916	chrome.exe	33
PID 1916 wrote to memory of 1640	1916	chrome.exe	33
PID 1916 wrote to memory of 1640	1916	chrome.exe	33
PID 1916 wrote to memory of 1640	1916	chrome.exe	33
PID 1916 wrote to memory of 1640	1916	chrome.exe	33
PID 1916 wrote to memory of 1640	1916	chrome.exe	33
PID 1916 wrote to memory of 1640	1916	chrome.exe	33
PID 1916 wrote to memory of 1640	1916	chrome.exe	33
PID 1916 wrote to memory of 1640	1916	chrome.exe	33
PID 1916 wrote to memory of 1640	1916	chrome.exe	33
PID 1916 wrote to memory of 1640	1916	chrome.exe	33
PID 1916 wrote to memory of 1640	1916	chrome.exe	33
PID 1916 wrote to memory of 1640	1916	chrome.exe	33
PID 1916 wrote to memory of 1640	1916	chrome.exe	33

C:\Program Files\VideoLAN\VLC\vlc.exe
"C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\HK416-bonk.mp4"
1⤵
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
PID:2300

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1916
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6c69758,0x7fef6c69768,0x7fef6c69778
  2⤵
  PID:1688
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1140 --field-trial-handle=1380,i,10894836122028898432,16410614411234923633,131072 /prefetch:2
  2⤵
  PID:524
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1432 --field-trial-handle=1380,i,10894836122028898432,16410614411234923633,131072 /prefetch:8
  2⤵
  PID:576
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1540 --field-trial-handle=1380,i,10894836122028898432,16410614411234923633,131072 /prefetch:8
  2⤵
  PID:1640
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2344 --field-trial-handle=1380,i,10894836122028898432,16410614411234923633,131072 /prefetch:1
  2⤵
  PID:2784
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2308 --field-trial-handle=1380,i,10894836122028898432,16410614411234923633,131072 /prefetch:1
  2⤵
  PID:2772
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1896 --field-trial-handle=1380,i,10894836122028898432,16410614411234923633,131072 /prefetch:2
  2⤵
  PID:1880
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=1316 --field-trial-handle=1380,i,10894836122028898432,16410614411234923633,131072 /prefetch:1
  2⤵
  PID:2868
- C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe
  "C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe" --reenable-autoupdates --system-level
  2⤵
  PID:896
- - C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe
    "C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\Crashpad --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x154,0x158,0x15c,0x128,0x160,0x13f9f7688,0x13f9f7698,0x13f9f76a8
    3⤵
    PID:1596
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3996 --field-trial-handle=1380,i,10894836122028898432,16410614411234923633,131072 /prefetch:8
  2⤵
  PID:2164
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=3884 --field-trial-handle=1380,i,10894836122028898432,16410614411234923633,131072 /prefetch:1
  2⤵
  PID:2388
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=724 --field-trial-handle=1380,i,10894836122028898432,16410614411234923633,131072 /prefetch:1
  2⤵
  PID:1168
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3392 --field-trial-handle=1380,i,10894836122028898432,16410614411234923633,131072 /prefetch:8
  2⤵
  PID:1536
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=1676 --field-trial-handle=1380,i,10894836122028898432,16410614411234923633,131072 /prefetch:1
  2⤵
  PID:2736
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=2332 --field-trial-handle=1380,i,10894836122028898432,16410614411234923633,131072 /prefetch:1
  2⤵
  PID:2448
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2380 --field-trial-handle=1380,i,10894836122028898432,16410614411234923633,131072 /prefetch:8
  2⤵
  PID:2436

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2120

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
1881ce62fbf80f7c321bbc7ee1e784c5

SHA1
801115596d05b9c6e49b97d704cf8550f30130e1

SHA256
3eaae7bf11104da105f500edc80d49ba6143998644ebadf4ec3bae5e9c54f41e

SHA512
5e72d98e1dc3965d5dd8cc5ff83aa0bd2f7e2b2aa25a2367f760af7bb117c4519af8edbf16b3c9b43bdb62035845bb15a007777ca65034b1c4301838f5c1335f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
81ffb562d9577aa8b63d1b32107c8fec

SHA1
471bd79dcacb9d4436289aa2311f9fe4cb1b3db1

SHA256
7b86163e95d8ff34c2534d7ada603e2e7b05510d122fbad3b964bcda58fad0b6

SHA512
e1e07379405be9fe1caa675a8b3190caf0a4bb6b62740c672ae4aa89d42af2f5eab4b45764c26c43eb8c3574a07dd7602d525e21e060529697fbc2c42badecf8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
2069ca4c0e3ce3242638cb7e73e160ac

SHA1
de132fa97d7634b10bc30796474c2dc8543e227d

SHA256
8c19b48336f89f1adc7ded313d06c43a714c4ba1c23f3214067d90e546e99d6e

SHA512
ea24b8ffcd6fd40b8ee1f72b62ab55072c7c9005ed5c5578c1359c2897d383271c65b1298456f6229ab29d1bc0927074a4e200f24d2d88c5f6f1fc3f672212e6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
4c452f05bb421dbcea28840adc6a9046

SHA1
5fb78e8405b5eca53d8e456c1df28a77a0940501

SHA256
97246b9849608e093ad7853bd318741a72395557efe1180cf398404ec4193c08

SHA512
a30f3b8a7736c4db7e3471829e8ed7a3807728686c0e226047a8295adb0e4decc1b1fc0e963623f365846c65ca604b21443b8d59b879e0122e45dceaf84740f9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001

Filesize
195KB

MD5
873734b55d4c7d35a177c8318b0caec7

SHA1
469b913b09ea5b55e60098c95120cc9b935ddb28

SHA256
4ee3aa3dc43cb3ef3f6bfb91ed8214659e9c2600a45bee9728ebbcb6f33b088d

SHA512
24f05ed981e994475879ca2221b6948418c4412063b9c07f46b8de581047ddd5d73401562fa9ee54d4ce5f97a6288c54eac5de0ca29b1bb5797bdac5a1b30308

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
21f156da3805bddab8d9f9acf9120290

SHA1
979090e04fb15384014133b6fde0a5c53a4e5813

SHA256
769d0e68e38d250ef13982b7dd8a8b18ca17e4cdddf2fb04ba22cf8bda2a0823

SHA512
287776009a192aee3e8ec2986b9a3e499c4050f761acca81e3f121fae32bc0dcef6c974c19f9bd999d21cf27904065714505581c46ea5321f1d5580cd6adb930

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
50dbb87e65d3f620c2588cfe68d58589

SHA1
c35c5592b63419a5f83143cafaed16df0395ab76

SHA256
45a904e38c92a7d2ad66212cee887aba4bc669a3d9074f23a75b1d2e889ebac5

SHA512
ec3266a7a94cc830add685c8d6692b92d7e39a6d354852ddfa90b43b790957b43da5760e89754b7aab4dfeb3b2061d7726a06b4ef90490abfb85c4e2e2454a46

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
363B

MD5
38621de4aa3def9378867c01f8ebd424

SHA1
9f0845bd615f899dbe10c06484847b3c14691405

SHA256
d0b04bc222a8eac591fb063c005f69d390d6721515ca9b307333dc8ad7e12566

SHA512
e0324060942806a384cfc1ae6e17316e1c9c23c2e5224f87402d06958d9171139c154ef601221b937021850824be185fa5017599b126f6ed71afe1c23d57267b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
08694ca214ce13e8f60bdb82f3237087

SHA1
2ade874e2a9c255168903ffb33ac6383e9db0fcb

SHA256
f4ebf8bd9a42913a2e0504d6fe93fdbdf9993671f8632ad0f6f713ab2bdae551

SHA512
a5b4e4ba6cf877d1b1a51ccfd96f4f37adbe786f6f2831569e9e59c166682e73906214f196ff20af43da246f998153852c75cd0d154c2bd31087b2ed1c881799

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
4KB

MD5
04c183de5027100c536e1064c23701a1

SHA1
f335a22f5680879a290137f3b0ec94dfdd7bbd93

SHA256
9d34849dfe3d5b60eabd5c4164afe33c82fd2c00b115b94a2b71b8cb2425ef9d

SHA512
ad9790fbc1d0a8856d7967f36e455b2d4d1bb73d522e0b401af652ae89bff3732c64bd91f75e3139690fb39151b30a1af5442dde3c8fabd0b6b8c899a67de3a5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
4KB

MD5
57768c0bdab22e1a50c499c2e22f392b

SHA1
d779966622f3a795acbb649c2ff78c8a5b55ff1b

SHA256
b144b1003662ff4c08966fbe93f86f98c0a743cd3a690c172181eef85a10579c

SHA512
162d51c6a31e4e591a73dd20f223f4ae5cfcf6dcdfa955ce6f78e90fd439eafd20d3758050af14540d3ad89c2fb44f013f790c2da3250ba5b340185116015738

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
88fbfef073c7f68f9cade45dd758f037

SHA1
72883c9ecc12fc916bb842a83dee7beec0abda12

SHA256
75b632730c01ccf76b4ad9041efdba0d4370478930e06f1bb38dc47188a6cb25

SHA512
bd18b69e56491dc23b472818474184af827e8853fce8b9c5a80a4df22864a9e5273223c45e60f0c98ab9bb47a5f0f873294815a42a177ecb4bc08425cd443203

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000007.dbtmp

Filesize
16B

MD5
18e723571b00fb1694a3bad6c78e4054

SHA1
afcc0ef32d46fe59e0483f9a3c891d3034d12f32

SHA256
8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa

SHA512
43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab16A.tmp

Filesize
65KB

MD5
ac05d27423a85adc1622c714f2cb6184

SHA1
b0fe2b1abddb97837ea0195be70ab2ff14d43198

SHA256
c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

SHA512
6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar312.tmp

Filesize
171KB

MD5
9c0c641c06238516f27941aa1166d427

SHA1
64cd549fb8cf014fcd9312aa7a5b023847b6c977

SHA256
4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

SHA512
936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

Download Submit
C:\Users\Admin\AppData\Roaming\vlc\vlc-qt-interface.ini

Filesize
86B

MD5
a9ebd0c26cd197e2d93cadce251bae94

SHA1
25ae14d6120bd7b354fb4b0f9ab4c78b7dbce90f

SHA256
4129d3edb8519ed549da9e9bd7de99dc4154e0edcc597ebe5c1b533237755623

SHA512
55c93bafcb1fd59b8395ea89a277f20a1976c97e4bfdb109211a95e2c6e943ea26b3e679ab64d274ecfa6783ea1898fd167562349cffac4ccf055ed87f6308f5

Download Submit
memory/2300-25-0x000007FEF4DA0000-0x000007FEF5E4B000-memory.dmp

Filesize
16.7MB

Download
memory/2300-24-0x000007FEF5E50000-0x000007FEF6104000-memory.dmp

Filesize
2.7MB

Download
memory/2300-23-0x000007FEF76A0000-0x000007FEF76D4000-memory.dmp

Filesize
208KB

Download
memory/2300-22-0x000000013FCC0000-0x000000013FDB8000-memory.dmp

Filesize
992KB

Download