Overview
overview
7Static
static
1Ragib's We...ct.zip
windows10-2004-x64
1Ragib's We...t.html
windows10-2004-x64
1Ragib's We...UT.txt
windows10-2004-x64
1Ragib's We...me.css
windows10-2004-x64
7Ragib's We...in.css
windows10-2004-x64
7Ragib's We...me.otf
windows10-2004-x64
7Ragib's We...nt.eot
windows10-2004-x64
3Ragib's We...nt.xml
windows10-2004-x64
1Ragib's We...nt.ttf
windows10-2004-x64
7Ragib's We...t.woff
windows10-2004-x64
3Ragib's We....woff2
windows10-2004-x64
3Ragib's We...d.less
windows10-2004-x64
3Ragib's We...d.less
windows10-2004-x64
1Ragib's We...e.less
windows10-2004-x64
3Ragib's We...h.less
windows10-2004-x64
3Ragib's We...e.less
windows10-2004-x64
3Ragib's We...s.less
windows10-2004-x64
3Ragib's We...r.less
windows10-2004-x64
3Ragib's We...t.less
windows10-2004-x64
3Ragib's We...s.less
windows10-2004-x64
3Ragib's We...h.less
windows10-2004-x64
3Ragib's We...d.less
windows10-2004-x64
3Ragib's We...r.less
windows10-2004-x64
3Ragib's We...s.less
windows10-2004-x64
3Ragib's We...d.scss
windows10-2004-x64
3Ragib's We...h.scss
windows10-2004-x64
3Ragib's We...r.scss
windows10-2004-x64
3Ragib's We...s.scss
windows10-2004-x64
3Ragib's We...d.scss
windows10-2004-x64
3Ragib's We...d.scss
windows10-2004-x64
3Ragib's We...e.scss
windows10-2004-x64
3Ragib's We...x.html
windows10-2004-x64
1Analysis
-
max time kernel
299s -
max time network
304s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system -
submitted
08-03-2024 19:25
Static task
static1
Behavioral task
behavioral1
Sample
Ragib's Website Project.zip
Resource
win10v2004-20231215-en
windows10-2004-x64
Behavioral task
behavioral2
Sample
Ragib's Website Project/about.html
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral3
Sample
Ragib's Website Project/font-awesome-4.7.0/HELP-US-OUT.txt
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral4
Sample
Ragib's Website Project/font-awesome-4.7.0/css/font-awesome.css
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral5
Sample
Ragib's Website Project/font-awesome-4.7.0/css/font-awesome.min.css
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral6
Sample
Ragib's Website Project/font-awesome-4.7.0/fonts/FontAwesome.otf
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral7
Sample
Ragib's Website Project/font-awesome-4.7.0/fonts/fontawesome-webfont.eot
Resource
win10v2004-20231215-en
windows10-2004-x64
Behavioral task
behavioral8
Sample
Ragib's Website Project/font-awesome-4.7.0/fonts/fontawesome-webfont.xml
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral9
Sample
Ragib's Website Project/font-awesome-4.7.0/fonts/fontawesome-webfont.ttf
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral10
Sample
Ragib's Website Project/font-awesome-4.7.0/fonts/fontawesome-webfont.woff
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral11
Sample
Ragib's Website Project/font-awesome-4.7.0/fonts/fontawesome-webfont.woff2
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral12
Sample
Ragib's Website Project/font-awesome-4.7.0/less/animated.less
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral13
Sample
Ragib's Website Project/font-awesome-4.7.0/less/bordered-pulled.less
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral14
Sample
Ragib's Website Project/font-awesome-4.7.0/less/core.less
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral15
Sample
Ragib's Website Project/font-awesome-4.7.0/less/fixed-width.less
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral16
Sample
Ragib's Website Project/font-awesome-4.7.0/less/font-awesome.less
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral17
Sample
Ragib's Website Project/font-awesome-4.7.0/less/icons.less
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral18
Sample
Ragib's Website Project/font-awesome-4.7.0/less/larger.less
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral19
Sample
Ragib's Website Project/font-awesome-4.7.0/less/list.less
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral20
Sample
Ragib's Website Project/font-awesome-4.7.0/less/mixins.less
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral21
Sample
Ragib's Website Project/font-awesome-4.7.0/less/path.less
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral22
Sample
Ragib's Website Project/font-awesome-4.7.0/less/rotated-flipped.less
Resource
win10v2004-20231215-en
windows10-2004-x64
Behavioral task
behavioral23
Sample
Ragib's Website Project/font-awesome-4.7.0/less/screen-reader.less
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral24
Sample
Ragib's Website Project/font-awesome-4.7.0/less/variables.less
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral25
Sample
Ragib's Website Project/font-awesome-4.7.0/scss/_bordered-pulled.scss
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral26
Sample
Ragib's Website Project/font-awesome-4.7.0/scss/_fixed-width.scss
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral27
Sample
Ragib's Website Project/font-awesome-4.7.0/scss/_larger.scss
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral28
Sample
Ragib's Website Project/font-awesome-4.7.0/scss/_mixins.scss
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral29
Sample
Ragib's Website Project/font-awesome-4.7.0/scss/_rotated-flipped.scss
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral30
Sample
Ragib's Website Project/font-awesome-4.7.0/scss/_stacked.scss
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral31
Sample
Ragib's Website Project/font-awesome-4.7.0/scss/font-awesome.scss
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral32
Sample
Ragib's Website Project/index.html
Resource
win10v2004-20240226-en
windows10-2004-x64
General
-
Target
Ragib's Website Project/about.html
-
Size
2KB
-
MD5
55fa7d385a88662c11ae4374bd323a93
-
SHA1
e7eea59c7f443824610b31c08ae4cf336e0b37f3
-
SHA256
32ec65cdf2b5859d6a20406dabb4c8a15ed0707d02927e048ef41c18e7fde999
-
SHA512
a6f9fdfe82ba93fd199ccc2d42ba707ae09979e1b93099cbe5b2e6d936491f547dbad8bb4542c07d1b6d3e909d2a0c89e2c9bb07bd90701b1f2a5fa361974e8b
Malware Config
Signatures
-
Enumerates system info in registry 2 TTPs 3 IoCs
description ioc Process Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS chrome.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName chrome.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer chrome.exe -
Modifies data under HKEY_USERS 2 IoCs
description ioc Process Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133543995875497430" chrome.exe Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry chrome.exe -
Suspicious behavior: EnumeratesProcesses 4 IoCs
pid Process 1336 chrome.exe 1336 chrome.exe 2672 chrome.exe 2672 chrome.exe -
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs
pid Process 1336 chrome.exe 1336 chrome.exe -
Suspicious use of AdjustPrivilegeToken 64 IoCs
description pid Process Token: SeShutdownPrivilege 1336 chrome.exe Token: SeCreatePagefilePrivilege 1336 chrome.exe Token: SeShutdownPrivilege 1336 chrome.exe Token: SeCreatePagefilePrivilege 1336 chrome.exe Token: SeShutdownPrivilege 1336 chrome.exe Token: SeCreatePagefilePrivilege 1336 chrome.exe Token: SeShutdownPrivilege 1336 chrome.exe Token: SeCreatePagefilePrivilege 1336 chrome.exe Token: SeShutdownPrivilege 1336 chrome.exe Token: SeCreatePagefilePrivilege 1336 chrome.exe Token: SeShutdownPrivilege 1336 chrome.exe Token: SeCreatePagefilePrivilege 1336 chrome.exe Token: SeShutdownPrivilege 1336 chrome.exe Token: SeCreatePagefilePrivilege 1336 chrome.exe Token: SeShutdownPrivilege 1336 chrome.exe Token: SeCreatePagefilePrivilege 1336 chrome.exe Token: SeShutdownPrivilege 1336 chrome.exe Token: SeCreatePagefilePrivilege 1336 chrome.exe Token: SeShutdownPrivilege 1336 chrome.exe Token: SeCreatePagefilePrivilege 1336 chrome.exe Token: SeShutdownPrivilege 1336 chrome.exe Token: SeCreatePagefilePrivilege 1336 chrome.exe Token: SeShutdownPrivilege 1336 chrome.exe Token: SeCreatePagefilePrivilege 1336 chrome.exe Token: SeShutdownPrivilege 1336 chrome.exe Token: SeCreatePagefilePrivilege 1336 chrome.exe Token: SeShutdownPrivilege 1336 chrome.exe Token: SeCreatePagefilePrivilege 1336 chrome.exe Token: SeShutdownPrivilege 1336 chrome.exe Token: SeCreatePagefilePrivilege 1336 chrome.exe Token: SeShutdownPrivilege 1336 chrome.exe Token: SeCreatePagefilePrivilege 1336 chrome.exe Token: SeShutdownPrivilege 1336 chrome.exe Token: SeCreatePagefilePrivilege 1336 chrome.exe Token: SeShutdownPrivilege 1336 chrome.exe Token: SeCreatePagefilePrivilege 1336 chrome.exe Token: SeShutdownPrivilege 1336 chrome.exe Token: SeCreatePagefilePrivilege 1336 chrome.exe Token: SeShutdownPrivilege 1336 chrome.exe Token: SeCreatePagefilePrivilege 1336 chrome.exe Token: SeShutdownPrivilege 1336 chrome.exe Token: SeCreatePagefilePrivilege 1336 chrome.exe Token: SeShutdownPrivilege 1336 chrome.exe Token: SeCreatePagefilePrivilege 1336 chrome.exe Token: SeShutdownPrivilege 1336 chrome.exe Token: SeCreatePagefilePrivilege 1336 chrome.exe Token: SeShutdownPrivilege 1336 chrome.exe Token: SeCreatePagefilePrivilege 1336 chrome.exe Token: SeShutdownPrivilege 1336 chrome.exe Token: SeCreatePagefilePrivilege 1336 chrome.exe Token: SeShutdownPrivilege 1336 chrome.exe Token: SeCreatePagefilePrivilege 1336 chrome.exe Token: SeShutdownPrivilege 1336 chrome.exe Token: SeCreatePagefilePrivilege 1336 chrome.exe Token: SeShutdownPrivilege 1336 chrome.exe Token: SeCreatePagefilePrivilege 1336 chrome.exe Token: SeShutdownPrivilege 1336 chrome.exe Token: SeCreatePagefilePrivilege 1336 chrome.exe Token: SeShutdownPrivilege 1336 chrome.exe Token: SeCreatePagefilePrivilege 1336 chrome.exe Token: SeShutdownPrivilege 1336 chrome.exe Token: SeCreatePagefilePrivilege 1336 chrome.exe Token: SeShutdownPrivilege 1336 chrome.exe Token: SeCreatePagefilePrivilege 1336 chrome.exe -
Suspicious use of FindShellTrayWindow 26 IoCs
pid Process 1336 chrome.exe 1336 chrome.exe 1336 chrome.exe 1336 chrome.exe 1336 chrome.exe 1336 chrome.exe 1336 chrome.exe 1336 chrome.exe 1336 chrome.exe 1336 chrome.exe 1336 chrome.exe 1336 chrome.exe 1336 chrome.exe 1336 chrome.exe 1336 chrome.exe 1336 chrome.exe 1336 chrome.exe 1336 chrome.exe 1336 chrome.exe 1336 chrome.exe 1336 chrome.exe 1336 chrome.exe 1336 chrome.exe 1336 chrome.exe 1336 chrome.exe 1336 chrome.exe -
Suspicious use of SendNotifyMessage 24 IoCs
pid Process 1336 chrome.exe 1336 chrome.exe 1336 chrome.exe 1336 chrome.exe 1336 chrome.exe 1336 chrome.exe 1336 chrome.exe 1336 chrome.exe 1336 chrome.exe 1336 chrome.exe 1336 chrome.exe 1336 chrome.exe 1336 chrome.exe 1336 chrome.exe 1336 chrome.exe 1336 chrome.exe 1336 chrome.exe 1336 chrome.exe 1336 chrome.exe 1336 chrome.exe 1336 chrome.exe 1336 chrome.exe 1336 chrome.exe 1336 chrome.exe -
Suspicious use of WriteProcessMemory 64 IoCs
description pid Process procid_target PID 1336 wrote to memory of 744 1336 chrome.exe 87 PID 1336 wrote to memory of 744 1336 chrome.exe 87 PID 1336 wrote to memory of 1136 1336 chrome.exe 89 PID 1336 wrote to memory of 1136 1336 chrome.exe 89 PID 1336 wrote to memory of 1136 1336 chrome.exe 89 PID 1336 wrote to memory of 1136 1336 chrome.exe 89 PID 1336 wrote to memory of 1136 1336 chrome.exe 89 PID 1336 wrote to memory of 1136 1336 chrome.exe 89 PID 1336 wrote to memory of 1136 1336 chrome.exe 89 PID 1336 wrote to memory of 1136 1336 chrome.exe 89 PID 1336 wrote to memory of 1136 1336 chrome.exe 89 PID 1336 wrote to memory of 1136 1336 chrome.exe 89 PID 1336 wrote to memory of 1136 1336 chrome.exe 89 PID 1336 wrote to memory of 1136 1336 chrome.exe 89 PID 1336 wrote to memory of 1136 1336 chrome.exe 89 PID 1336 wrote to memory of 1136 1336 chrome.exe 89 PID 1336 wrote to memory of 1136 1336 chrome.exe 89 PID 1336 wrote to memory of 1136 1336 chrome.exe 89 PID 1336 wrote to memory of 1136 1336 chrome.exe 89 PID 1336 wrote to memory of 1136 1336 chrome.exe 89 PID 1336 wrote to memory of 1136 1336 chrome.exe 89 PID 1336 wrote to memory of 1136 1336 chrome.exe 89 PID 1336 wrote to memory of 1136 1336 chrome.exe 89 PID 1336 wrote to memory of 1136 1336 chrome.exe 89 PID 1336 wrote to memory of 1136 1336 chrome.exe 89 PID 1336 wrote to memory of 1136 1336 chrome.exe 89 PID 1336 wrote to memory of 1136 1336 chrome.exe 89 PID 1336 wrote to memory of 1136 1336 chrome.exe 89 PID 1336 wrote to memory of 1136 1336 chrome.exe 89 PID 1336 wrote to memory of 1136 1336 chrome.exe 89 PID 1336 wrote to memory of 1136 1336 chrome.exe 89 PID 1336 wrote to memory of 1136 1336 chrome.exe 89 PID 1336 wrote to memory of 1136 1336 chrome.exe 89 PID 1336 wrote to memory of 1136 1336 chrome.exe 89 PID 1336 wrote to memory of 1136 1336 chrome.exe 89 PID 1336 wrote to memory of 1136 1336 chrome.exe 89 PID 1336 wrote to memory of 1136 1336 chrome.exe 89 PID 1336 wrote to memory of 1136 1336 chrome.exe 89 PID 1336 wrote to memory of 1136 1336 chrome.exe 89 PID 1336 wrote to memory of 1136 1336 chrome.exe 89 PID 1336 wrote to memory of 3236 1336 chrome.exe 90 PID 1336 wrote to memory of 3236 1336 chrome.exe 90 PID 1336 wrote to memory of 2644 1336 chrome.exe 91 PID 1336 wrote to memory of 2644 1336 chrome.exe 91 PID 1336 wrote to memory of 2644 1336 chrome.exe 91 PID 1336 wrote to memory of 2644 1336 chrome.exe 91 PID 1336 wrote to memory of 2644 1336 chrome.exe 91 PID 1336 wrote to memory of 2644 1336 chrome.exe 91 PID 1336 wrote to memory of 2644 1336 chrome.exe 91 PID 1336 wrote to memory of 2644 1336 chrome.exe 91 PID 1336 wrote to memory of 2644 1336 chrome.exe 91 PID 1336 wrote to memory of 2644 1336 chrome.exe 91 PID 1336 wrote to memory of 2644 1336 chrome.exe 91 PID 1336 wrote to memory of 2644 1336 chrome.exe 91 PID 1336 wrote to memory of 2644 1336 chrome.exe 91 PID 1336 wrote to memory of 2644 1336 chrome.exe 91 PID 1336 wrote to memory of 2644 1336 chrome.exe 91 PID 1336 wrote to memory of 2644 1336 chrome.exe 91 PID 1336 wrote to memory of 2644 1336 chrome.exe 91 PID 1336 wrote to memory of 2644 1336 chrome.exe 91 PID 1336 wrote to memory of 2644 1336 chrome.exe 91 PID 1336 wrote to memory of 2644 1336 chrome.exe 91 PID 1336 wrote to memory of 2644 1336 chrome.exe 91 PID 1336 wrote to memory of 2644 1336 chrome.exe 91
Processes
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument C:\Users\Admin\AppData\Local\Temp\Ragib's Website Project\about.html1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1336 -
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff09cd9758,0x7fff09cd9768,0x7fff09cd97782⤵PID:744
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1684 --field-trial-handle=1864,i,14350242483193600652,3628562712450316159,131072 /prefetch:22⤵PID:1136
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2112 --field-trial-handle=1864,i,14350242483193600652,3628562712450316159,131072 /prefetch:82⤵PID:3236
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2220 --field-trial-handle=1864,i,14350242483193600652,3628562712450316159,131072 /prefetch:82⤵PID:2644
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3052 --field-trial-handle=1864,i,14350242483193600652,3628562712450316159,131072 /prefetch:12⤵PID:368
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3060 --field-trial-handle=1864,i,14350242483193600652,3628562712450316159,131072 /prefetch:12⤵PID:2324
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4956 --field-trial-handle=1864,i,14350242483193600652,3628562712450316159,131072 /prefetch:82⤵PID:4760
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5124 --field-trial-handle=1864,i,14350242483193600652,3628562712450316159,131072 /prefetch:82⤵PID:3704
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2516 --field-trial-handle=1864,i,14350242483193600652,3628562712450316159,131072 /prefetch:22⤵
- Suspicious behavior: EnumeratesProcesses
PID:2672
-
-
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"1⤵PID:3296
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
1KB
MD545d48333f7a1e2e877c81b9dad9388d3
SHA126e4854a6af991a791f68583dbdd30e5e863d4cd
SHA2564be41909ae7c90a0cdcefa642fe12637129d295ca2581e6a09fff1ebcc6d2bf2
SHA5128db2a2181766042e647c6ee89ff9d8e267f36095b9cbfb1a3a8b9b662a92ebc14b6e8890c055ec63a97f250b7c6c2ee711b9da9fdf114d5f6490342cc1edfbf1
-
Filesize
1KB
MD5a1149e374fb9d1eed2e760d6e5c9e0d0
SHA19b7cbcae0a97d65729e295d2b5bd16d5a4b6a8f4
SHA256f99770d611f6e15e4447b681e303c3c885ce53d7b739791b9b47f9f2ae09b887
SHA51234d89f9d4ffa6c2b98c1911ac1ac6ca13203c04dc92dd907b576688e8367527c2de5eff5714830a6f7dfe90aa7c71ea7ceb016ba75f443f1a860b2d3e290247a
-
Filesize
536B
MD532f99aeb12deeababf739976af2d1d2f
SHA11e5d249340c529c68b533f1c231519be5f7135f9
SHA256c4497eb3ed29f394959cc99ac1ac23e52bf5f0cfb7d7bd92cad29a0adb4c29d7
SHA512f2fa0e118ddfdae0596d28a21d709b9251c7f48965eae2e4ec43b9516049a6234daf02a5d1c48dc792f2790eb6adcb91f6dcd121628ee296e550bdc17dd2a145
-
Filesize
6KB
MD57b3519ecee210650fe4f51797ab58c72
SHA129179ad186ab99fc51fc4f3d563c5738c0496299
SHA256ba9ce8255e28ea466ab0f18d9041f5f3d2c491a250dd2ac25170c185d7cce326
SHA512a84c2ac8d3f0f1cc2d92e46add2a676693d5573e4fc37cfff152f34ca73f38b3b7e8d430e22b86dc9df068fd043ddaec75fdbd52ff0e928f024be7d51afdf839
-
Filesize
6KB
MD5ac23e4c320c108620b855f0cdbf18e79
SHA14786d7f47b2e3707b739863d88fea40671a3a08e
SHA256234f603f25e79e404f858187bb74f60e422e2e5b74f639cc84875995f9854b89
SHA512101807906604d4e6dd4f282cdbd1e6c7627da2887c36ad3233b5ce58a04b449dfd4ec03cc0307ba76e14a6356bd2b330259be4986390cd5a15cd8644e7ef92d8
-
Filesize
128KB
MD5b351901d631d20d8f8a3afae1fa65716
SHA198b7b0f31aa1f189e384197132c3c2faf062cc84
SHA256969d48e9c2a9bbf9f0914b8d6a931ff5574b6dcd7afbfd9f5ef5611c79523d76
SHA5121aee5c626bdede8d1d78363a5a881d6aa58b9925dc5227e858a1d8132fb799795bc32707a6980b3911778fd4e98f5fbf48824c1e3e429cc0342ffc1acb614a3c
-
Filesize
2B
MD599914b932bd37a50b983c5e7c90ae93b
SHA1bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
SHA25644136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
SHA51227c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd