Overview
overview
1Static
static
1OEBPS/Text...1.html
windows10-2004-x64
1OEBPS/Text...2.html
windows10-2004-x64
1OEBPS/Text...3.html
windows10-2004-x64
1OEBPS/Text...4.html
windows10-2004-x64
1OEBPS/Text...l.html
windows10-2004-x64
1OEBPS/Text...e.html
windows10-2004-x64
1OEBPS/Text...t.html
windows10-2004-x64
1OEBPS/Text/3-TOC.html
windows10-2004-x64
1OEBPS/Text...e.html
windows10-2004-x64
1OEBPS/Text...d.html
windows10-2004-x64
1OEBPS/Text...1.html
windows10-2004-x64
1OEBPS/Text...0.html
windows10-2004-x64
1OEBPS/Text...1.html
windows10-2004-x64
1OEBPS/Text...2.html
windows10-2004-x64
1OEBPS/Text...3.html
windows10-2004-x64
1OEBPS/Text...4.html
windows10-2004-x64
1OEBPS/Text...5.html
windows10-2004-x64
1OEBPS/Text...6.html
windows10-2004-x64
1OEBPS/Text...2.html
windows10-2004-x64
1OEBPS/Text...3.html
windows10-2004-x64
1OEBPS/Text...4.html
windows10-2004-x64
1OEBPS/Text...5.html
windows10-2004-x64
1OEBPS/Text...6.html
windows10-2004-x64
1OEBPS/Text...7.html
windows10-2004-x64
1OEBPS/Text...8.html
windows10-2004-x64
1OEBPS/Text...9.html
windows10-2004-x64
1OEBPS/Text...t.html
windows10-2004-x64
1OEBPS/Text...s.html
windows10-2004-x64
1OEBPS/Text...1.html
windows10-2004-x64
1OEBPS/Text...t.html
windows10-2004-x64
1OEBPS/Text...t.html
windows10-2004-x64
1OEBPS/Text/cover.html
windows10-2004-x64
1Analysis
-
max time kernel
1800s -
max time network
1686s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-es -
resource tags
arch:x64arch:x86image:win10v2004-20240226-eslocale:es-esos:windows10-2004-x64systemwindows -
submitted
08-03-2024 19:11
Static task
static1
Behavioral task
behavioral1
Sample
OEBPS/Text/1-Cover-1.html
Resource
win10v2004-20240226-es
windows10-2004-x64
Behavioral task
behavioral2
Sample
OEBPS/Text/1-Cover-2.html
Resource
win10v2004-20240226-es
windows10-2004-x64
Behavioral task
behavioral3
Sample
OEBPS/Text/1-Cover-3.html
Resource
win10v2004-20240226-es
windows10-2004-x64
Behavioral task
behavioral4
Sample
OEBPS/Text/1-Cover-4.html
Resource
win10v2004-20240226-es
windows10-2004-x64
Behavioral task
behavioral5
Sample
OEBPS/Text/10-HH-Legal.html
Resource
win10v2004-20240226-es
windows10-2004-x64
Behavioral task
behavioral6
Sample
OEBPS/Text/11-eBook-license.html
Resource
win10v2004-20240226-es
windows10-2004-x64
Behavioral task
behavioral7
Sample
OEBPS/Text/2-Backlist.html
Resource
win10v2004-20240226-es
windows10-2004-x64
Behavioral task
behavioral8
Sample
OEBPS/Text/3-TOC.html
Resource
win10v2004-20240226-es
windows10-2004-x64
Behavioral task
behavioral9
Sample
OEBPS/Text/4-Title-Page.html
Resource
win10v2004-20240226-es
windows10-2004-x64
Behavioral task
behavioral10
Sample
OEBPS/Text/5-Primarchs-Legend.html
Resource
win10v2004-20240226-es
windows10-2004-x64
Behavioral task
behavioral11
Sample
OEBPS/Text/6-Primarchs-Content-1.html
Resource
win10v2004-20240226-es
windows10-2004-x64
Behavioral task
behavioral12
Sample
OEBPS/Text/6-Primarchs-Content-10.html
Resource
win10v2004-20240226-es
windows10-2004-x64
Behavioral task
behavioral13
Sample
OEBPS/Text/6-Primarchs-Content-11.html
Resource
win10v2004-20240226-es
windows10-2004-x64
Behavioral task
behavioral14
Sample
OEBPS/Text/6-Primarchs-Content-12.html
Resource
win10v2004-20240226-es
windows10-2004-x64
Behavioral task
behavioral15
Sample
OEBPS/Text/6-Primarchs-Content-13.html
Resource
win10v2004-20231215-es
windows10-2004-x64
Behavioral task
behavioral16
Sample
OEBPS/Text/6-Primarchs-Content-14.html
Resource
win10v2004-20240226-es
windows10-2004-x64
Behavioral task
behavioral17
Sample
OEBPS/Text/6-Primarchs-Content-15.html
Resource
win10v2004-20240226-es
windows10-2004-x64
Behavioral task
behavioral18
Sample
OEBPS/Text/6-Primarchs-Content-16.html
Resource
win10v2004-20240226-es
windows10-2004-x64
Behavioral task
behavioral19
Sample
OEBPS/Text/6-Primarchs-Content-2.html
Resource
win10v2004-20240226-es
windows10-2004-x64
Behavioral task
behavioral20
Sample
OEBPS/Text/6-Primarchs-Content-3.html
Resource
win10v2004-20231215-es
windows10-2004-x64
Behavioral task
behavioral21
Sample
OEBPS/Text/6-Primarchs-Content-4.html
Resource
win10v2004-20240226-es
windows10-2004-x64
Behavioral task
behavioral22
Sample
OEBPS/Text/6-Primarchs-Content-5.html
Resource
win10v2004-20240226-es
windows10-2004-x64
Behavioral task
behavioral23
Sample
OEBPS/Text/6-Primarchs-Content-6.html
Resource
win10v2004-20240226-es
windows10-2004-x64
Behavioral task
behavioral24
Sample
OEBPS/Text/6-Primarchs-Content-7.html
Resource
win10v2004-20240226-es
windows10-2004-x64
Behavioral task
behavioral25
Sample
OEBPS/Text/6-Primarchs-Content-8.html
Resource
win10v2004-20240226-es
windows10-2004-x64
Behavioral task
behavioral26
Sample
OEBPS/Text/6-Primarchs-Content-9.html
Resource
win10v2004-20240226-es
windows10-2004-x64
Behavioral task
behavioral27
Sample
OEBPS/Text/6-Primarchs-Content.html
Resource
win10v2004-20240226-es
windows10-2004-x64
Behavioral task
behavioral28
Sample
OEBPS/Text/7-Josh-Reynolds.html
Resource
win10v2004-20240226-es
windows10-2004-x64
Behavioral task
behavioral29
Sample
OEBPS/Text/8-Extract-1.html
Resource
win10v2004-20240226-es
windows10-2004-x64
Behavioral task
behavioral30
Sample
OEBPS/Text/8-Extract.html
Resource
win10v2004-20240226-es
windows10-2004-x64
Behavioral task
behavioral31
Sample
OEBPS/Text/9-Newsletter-advert.html
Resource
win10v2004-20240226-es
windows10-2004-x64
Behavioral task
behavioral32
Sample
OEBPS/Text/cover.html
Resource
win10v2004-20240226-es
windows10-2004-x64
General
-
Target
OEBPS/Text/6-Primarchs-Content-7.html
-
Size
26KB
-
MD5
384215dc96b205250d52dbb2c5bc2c4a
-
SHA1
807c8838990aaa6b13504c23750f2dd78cdca832
-
SHA256
26c7aff59653fdc24f0901b0a4f7fe8e4842842fac850875ace1b4e7124b2b3a
-
SHA512
7ca87a4750a77a8fe5a8642a5633b7e6f0a8ef64430b9ac2367f7153433db5ab5f9f3c61eaa05f229bc337875bc7d5b55464c8440f30a1108e4e3bee62ebc67a
-
SSDEEP
384:PTD2wqM9pU5h56+gzoRDCNJz0OZlwwjUb3czqrDUVY4a0H3k+gGgdkEhUPOP:Puw+VzIJz0clwr7cecT/3k+0NUPE
Malware Config
Signatures
-
Enumerates system info in registry 2 TTPs 3 IoCs
description ioc Process Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS chrome.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName chrome.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer chrome.exe -
Modifies data under HKEY_USERS 2 IoCs
description ioc Process Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry chrome.exe Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133544017482030307" chrome.exe -
Suspicious behavior: EnumeratesProcesses 4 IoCs
pid Process 4720 chrome.exe 4720 chrome.exe 4732 chrome.exe 4732 chrome.exe -
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs
pid Process 4720 chrome.exe 4720 chrome.exe -
Suspicious use of AdjustPrivilegeToken 64 IoCs
description pid Process Token: SeShutdownPrivilege 4720 chrome.exe Token: SeCreatePagefilePrivilege 4720 chrome.exe Token: SeShutdownPrivilege 4720 chrome.exe Token: SeCreatePagefilePrivilege 4720 chrome.exe Token: SeShutdownPrivilege 4720 chrome.exe Token: SeCreatePagefilePrivilege 4720 chrome.exe Token: SeShutdownPrivilege 4720 chrome.exe Token: SeCreatePagefilePrivilege 4720 chrome.exe Token: SeShutdownPrivilege 4720 chrome.exe Token: SeCreatePagefilePrivilege 4720 chrome.exe Token: SeShutdownPrivilege 4720 chrome.exe Token: SeCreatePagefilePrivilege 4720 chrome.exe Token: SeShutdownPrivilege 4720 chrome.exe Token: SeCreatePagefilePrivilege 4720 chrome.exe Token: SeShutdownPrivilege 4720 chrome.exe Token: SeCreatePagefilePrivilege 4720 chrome.exe Token: SeShutdownPrivilege 4720 chrome.exe Token: SeCreatePagefilePrivilege 4720 chrome.exe Token: SeShutdownPrivilege 4720 chrome.exe Token: SeCreatePagefilePrivilege 4720 chrome.exe Token: SeShutdownPrivilege 4720 chrome.exe Token: SeCreatePagefilePrivilege 4720 chrome.exe Token: SeShutdownPrivilege 4720 chrome.exe Token: SeCreatePagefilePrivilege 4720 chrome.exe Token: SeShutdownPrivilege 4720 chrome.exe Token: SeCreatePagefilePrivilege 4720 chrome.exe Token: SeShutdownPrivilege 4720 chrome.exe Token: SeCreatePagefilePrivilege 4720 chrome.exe Token: SeShutdownPrivilege 4720 chrome.exe Token: SeCreatePagefilePrivilege 4720 chrome.exe Token: SeShutdownPrivilege 4720 chrome.exe Token: SeCreatePagefilePrivilege 4720 chrome.exe Token: SeShutdownPrivilege 4720 chrome.exe Token: SeCreatePagefilePrivilege 4720 chrome.exe Token: SeShutdownPrivilege 4720 chrome.exe Token: SeCreatePagefilePrivilege 4720 chrome.exe Token: SeShutdownPrivilege 4720 chrome.exe Token: SeCreatePagefilePrivilege 4720 chrome.exe Token: SeShutdownPrivilege 4720 chrome.exe Token: SeCreatePagefilePrivilege 4720 chrome.exe Token: SeShutdownPrivilege 4720 chrome.exe Token: SeCreatePagefilePrivilege 4720 chrome.exe Token: SeShutdownPrivilege 4720 chrome.exe Token: SeCreatePagefilePrivilege 4720 chrome.exe Token: SeShutdownPrivilege 4720 chrome.exe Token: SeCreatePagefilePrivilege 4720 chrome.exe Token: SeShutdownPrivilege 4720 chrome.exe Token: SeCreatePagefilePrivilege 4720 chrome.exe Token: SeShutdownPrivilege 4720 chrome.exe Token: SeCreatePagefilePrivilege 4720 chrome.exe Token: SeShutdownPrivilege 4720 chrome.exe Token: SeCreatePagefilePrivilege 4720 chrome.exe Token: SeShutdownPrivilege 4720 chrome.exe Token: SeCreatePagefilePrivilege 4720 chrome.exe Token: SeShutdownPrivilege 4720 chrome.exe Token: SeCreatePagefilePrivilege 4720 chrome.exe Token: SeShutdownPrivilege 4720 chrome.exe Token: SeCreatePagefilePrivilege 4720 chrome.exe Token: SeShutdownPrivilege 4720 chrome.exe Token: SeCreatePagefilePrivilege 4720 chrome.exe Token: SeShutdownPrivilege 4720 chrome.exe Token: SeCreatePagefilePrivilege 4720 chrome.exe Token: SeShutdownPrivilege 4720 chrome.exe Token: SeCreatePagefilePrivilege 4720 chrome.exe -
Suspicious use of FindShellTrayWindow 26 IoCs
pid Process 4720 chrome.exe 4720 chrome.exe 4720 chrome.exe 4720 chrome.exe 4720 chrome.exe 4720 chrome.exe 4720 chrome.exe 4720 chrome.exe 4720 chrome.exe 4720 chrome.exe 4720 chrome.exe 4720 chrome.exe 4720 chrome.exe 4720 chrome.exe 4720 chrome.exe 4720 chrome.exe 4720 chrome.exe 4720 chrome.exe 4720 chrome.exe 4720 chrome.exe 4720 chrome.exe 4720 chrome.exe 4720 chrome.exe 4720 chrome.exe 4720 chrome.exe 4720 chrome.exe -
Suspicious use of SendNotifyMessage 24 IoCs
pid Process 4720 chrome.exe 4720 chrome.exe 4720 chrome.exe 4720 chrome.exe 4720 chrome.exe 4720 chrome.exe 4720 chrome.exe 4720 chrome.exe 4720 chrome.exe 4720 chrome.exe 4720 chrome.exe 4720 chrome.exe 4720 chrome.exe 4720 chrome.exe 4720 chrome.exe 4720 chrome.exe 4720 chrome.exe 4720 chrome.exe 4720 chrome.exe 4720 chrome.exe 4720 chrome.exe 4720 chrome.exe 4720 chrome.exe 4720 chrome.exe -
Suspicious use of WriteProcessMemory 64 IoCs
description pid Process procid_target PID 4720 wrote to memory of 1072 4720 chrome.exe 88 PID 4720 wrote to memory of 1072 4720 chrome.exe 88 PID 4720 wrote to memory of 2980 4720 chrome.exe 93 PID 4720 wrote to memory of 2980 4720 chrome.exe 93 PID 4720 wrote to memory of 2980 4720 chrome.exe 93 PID 4720 wrote to memory of 2980 4720 chrome.exe 93 PID 4720 wrote to memory of 2980 4720 chrome.exe 93 PID 4720 wrote to memory of 2980 4720 chrome.exe 93 PID 4720 wrote to memory of 2980 4720 chrome.exe 93 PID 4720 wrote to memory of 2980 4720 chrome.exe 93 PID 4720 wrote to memory of 2980 4720 chrome.exe 93 PID 4720 wrote to memory of 2980 4720 chrome.exe 93 PID 4720 wrote to memory of 2980 4720 chrome.exe 93 PID 4720 wrote to memory of 2980 4720 chrome.exe 93 PID 4720 wrote to memory of 2980 4720 chrome.exe 93 PID 4720 wrote to memory of 2980 4720 chrome.exe 93 PID 4720 wrote to memory of 2980 4720 chrome.exe 93 PID 4720 wrote to memory of 2980 4720 chrome.exe 93 PID 4720 wrote to memory of 2980 4720 chrome.exe 93 PID 4720 wrote to memory of 2980 4720 chrome.exe 93 PID 4720 wrote to memory of 2980 4720 chrome.exe 93 PID 4720 wrote to memory of 2980 4720 chrome.exe 93 PID 4720 wrote to memory of 2980 4720 chrome.exe 93 PID 4720 wrote to memory of 2980 4720 chrome.exe 93 PID 4720 wrote to memory of 2980 4720 chrome.exe 93 PID 4720 wrote to memory of 2980 4720 chrome.exe 93 PID 4720 wrote to memory of 2980 4720 chrome.exe 93 PID 4720 wrote to memory of 2980 4720 chrome.exe 93 PID 4720 wrote to memory of 2980 4720 chrome.exe 93 PID 4720 wrote to memory of 2980 4720 chrome.exe 93 PID 4720 wrote to memory of 2980 4720 chrome.exe 93 PID 4720 wrote to memory of 2980 4720 chrome.exe 93 PID 4720 wrote to memory of 2980 4720 chrome.exe 93 PID 4720 wrote to memory of 2980 4720 chrome.exe 93 PID 4720 wrote to memory of 2980 4720 chrome.exe 93 PID 4720 wrote to memory of 2980 4720 chrome.exe 93 PID 4720 wrote to memory of 2980 4720 chrome.exe 93 PID 4720 wrote to memory of 2980 4720 chrome.exe 93 PID 4720 wrote to memory of 2980 4720 chrome.exe 93 PID 4720 wrote to memory of 2980 4720 chrome.exe 93 PID 4720 wrote to memory of 4716 4720 chrome.exe 94 PID 4720 wrote to memory of 4716 4720 chrome.exe 94 PID 4720 wrote to memory of 2776 4720 chrome.exe 95 PID 4720 wrote to memory of 2776 4720 chrome.exe 95 PID 4720 wrote to memory of 2776 4720 chrome.exe 95 PID 4720 wrote to memory of 2776 4720 chrome.exe 95 PID 4720 wrote to memory of 2776 4720 chrome.exe 95 PID 4720 wrote to memory of 2776 4720 chrome.exe 95 PID 4720 wrote to memory of 2776 4720 chrome.exe 95 PID 4720 wrote to memory of 2776 4720 chrome.exe 95 PID 4720 wrote to memory of 2776 4720 chrome.exe 95 PID 4720 wrote to memory of 2776 4720 chrome.exe 95 PID 4720 wrote to memory of 2776 4720 chrome.exe 95 PID 4720 wrote to memory of 2776 4720 chrome.exe 95 PID 4720 wrote to memory of 2776 4720 chrome.exe 95 PID 4720 wrote to memory of 2776 4720 chrome.exe 95 PID 4720 wrote to memory of 2776 4720 chrome.exe 95 PID 4720 wrote to memory of 2776 4720 chrome.exe 95 PID 4720 wrote to memory of 2776 4720 chrome.exe 95 PID 4720 wrote to memory of 2776 4720 chrome.exe 95 PID 4720 wrote to memory of 2776 4720 chrome.exe 95 PID 4720 wrote to memory of 2776 4720 chrome.exe 95 PID 4720 wrote to memory of 2776 4720 chrome.exe 95 PID 4720 wrote to memory of 2776 4720 chrome.exe 95
Processes
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument C:\Users\Admin\AppData\Local\Temp\OEBPS\Text\6-Primarchs-Content-7.html1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4720 -
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa49e19758,0x7ffa49e19768,0x7ffa49e197782⤵PID:1072
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1788 --field-trial-handle=1836,i,2976087941826413874,1816185997125206553,131072 /prefetch:22⤵PID:2980
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2132 --field-trial-handle=1836,i,2976087941826413874,1816185997125206553,131072 /prefetch:82⤵PID:4716
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2204 --field-trial-handle=1836,i,2976087941826413874,1816185997125206553,131072 /prefetch:82⤵PID:2776
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3064 --field-trial-handle=1836,i,2976087941826413874,1816185997125206553,131072 /prefetch:12⤵PID:2080
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3068 --field-trial-handle=1836,i,2976087941826413874,1816185997125206553,131072 /prefetch:12⤵PID:2340
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4832 --field-trial-handle=1836,i,2976087941826413874,1816185997125206553,131072 /prefetch:82⤵PID:5052
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4940 --field-trial-handle=1836,i,2976087941826413874,1816185997125206553,131072 /prefetch:82⤵PID:3444
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1740 --field-trial-handle=1836,i,2976087941826413874,1816185997125206553,131072 /prefetch:22⤵
- Suspicious behavior: EnumeratesProcesses
PID:4732
-
-
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"1⤵PID:4320
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
6KB
MD51a645c9501dfb3adeaf113726227a7b5
SHA1e1de15268fb1a4f23797708a48b3194e34fc55a1
SHA25648b43ac9a33fc71169cabec6b7f8567d7bf70a8a37a19dd16ef69c3181bcebef
SHA5122268f1ae4ee861d5df1e97a03f0aaf254e9c771f76766eccd0ea95182a5876f71782ed2f025ae8ab97f56099ba95076fcd8f5d3f90e2bd6b05d7493bdb5ed892
-
Filesize
6KB
MD5da9f74f2958195df788dcff911fccd45
SHA1a035ce0990b95e7b98ad853ca0d66817d6625d51
SHA2569a8015a0a6939362a73101350c63a508e93e8c6f982fdd018214340ac6c54025
SHA5129731c4af778a1198f2a04290ba8a98a54718b85ff88b5412486c50273caf92e5a4be4d17fe84377af393d23632fd054bb62f5c9361fb420b00d4c614fa972dd3
-
Filesize
128KB
MD5fce658c7d53eefa5e0f327a3c1fcc3dd
SHA166206e72c8aedde90783bf2dc8182e7eece6116e
SHA2566fda0b4a81d2371e5b367aff71deeaac08e5623987097c8e80afdf8598b70689
SHA5123a1a683da83a0efcb01ed8cecd16af41ebe9577ab3f1d7e6946d8932f30b21df1b1f3bee66835f54332aeec6ad0593615798083924def2c8247849e5ac73a180
-
Filesize
2B
MD599914b932bd37a50b983c5e7c90ae93b
SHA1bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
SHA25644136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
SHA51227c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd