Malware Analysis Report

2024-11-30 04:56

Sample ID: 240229-cwz4yabd89
Target: Loader.exe
SHA256: dde02744526968833651a9f70be666ceec221599b03272c9c5fc5d729667dd72
Tags: lumma stealer
Score: 10/10

Table of Contents

Analysis Overview
MITRE ATT&CK
    Enterprise Matrix V15
Analysis: static1
    Detonation Overview
    Signatures
Analysis: behavioral1
    Detonation Overview
    Command Line
    Signatures
    Processes
    Network
    Files

Analysis Overview

Score: 10/10

SHA256: dde02744526968833651a9f70be666ceec221599b03272c9c5fc5d729667dd72

Threat Level: Known bad

The file Loader.exe was found to be: Known bad.

Malicious Activity Summary

lumma stealer

Lumma Stealer

Unsigned PE

Suspicious use of FindShellTrayWindow

Suspicious use of SendNotifyMessage

Enumerates system info in registry

Suspicious use of AdjustPrivilegeToken

Modifies data under HKEY_USERS

Modifies registry class

Suspicious behavior: EnumeratesProcesses

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of WriteProcessMemory

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported: 2024-02-29 02:26

Signatures

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted: 2024-02-29 02:26
Reported: 2024-02-29 02:29
Platform: win10-20240221-en
Max time kernel: 150s
Max time network: 158s

Command Line

"C:\Users\Admin\AppData\Local\Temp\Loader.exe"

Signatures

Lumma Stealer

stealer lumma

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Set value (int) \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133536472095688214" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-1903027113-674645041-2759338396-1000_Classes\Local Settings C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target Count
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A 32
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A 32

Suspicious use of FindShellTrayWindow

Description Indicator Process Target Count
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A 35

Suspicious use of SendNotifyMessage

Description Indicator Process Target Count
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A 26

Suspicious use of WriteProcessMemory

Description Indicator Process Target Count
PID 3408 wrote to memory of 656 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe 2
PID 3408 wrote to memory of 2416 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe 38
PID 3408 wrote to memory of 316 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe 2
PID 3408 wrote to memory of 4404 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe 22

Processes

C:\Users\Admin\AppData\Local\Temp\Loader.exe

"C:\Users\Admin\AppData\Local\Temp\Loader.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xd0,0xd4,0xd8,0xac,0xdc,0x7ff9915a9758,0x7ff9915a9768,0x7ff9915a9778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1848 --field-trial-handle=1796,i,13468575503129979028,15797176705579981748,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1640 --field-trial-handle=1796,i,13468575503129979028,15797176705579981748,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2100 --field-trial-handle=1796,i,13468575503129979028,15797176705579981748,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2956 --field-trial-handle=1796,i,13468575503129979028,15797176705579981748,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2916 --field-trial-handle=1796,i,13468575503129979028,15797176705579981748,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4388 --field-trial-handle=1796,i,13468575503129979028,15797176705579981748,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4844 --field-trial-handle=1796,i,13468575503129979028,15797176705579981748,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4868 --field-trial-handle=1796,i,13468575503129979028,15797176705579981748,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4872 --field-trial-handle=1796,i,13468575503129979028,15797176705579981748,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=4716 --field-trial-handle=1796,i,13468575503129979028,15797176705579981748,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=3756 --field-trial-handle=1796,i,13468575503129979028,15797176705579981748,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3016 --field-trial-handle=1796,i,13468575503129979028,15797176705579981748,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5228 --field-trial-handle=1796,i,13468575503129979028,15797176705579981748,131072 /prefetch:8

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3016 --field-trial-handle=1796,i,13468575503129979028,15797176705579981748,131072 /prefetch:2

C:\Users\Admin\Desktop\Temp-Spoofer-Lifetime-main\Loader.exe

"C:\Users\Admin\Desktop\Temp-Spoofer-Lifetime-main\Loader.exe"

Network


Files
