Overview
overview
1Static
static
1OEBPS/Text...1.html
windows10-2004-x64
1OEBPS/Text...2.html
windows10-2004-x64
1OEBPS/Text...3.html
windows10-2004-x64
1OEBPS/Text...4.html
windows10-2004-x64
1OEBPS/Text...l.html
windows10-2004-x64
1OEBPS/Text...e.html
windows10-2004-x64
1OEBPS/Text...t.html
windows10-2004-x64
1OEBPS/Text/3-TOC.html
windows10-2004-x64
1OEBPS/Text...e.html
windows10-2004-x64
1OEBPS/Text...d.html
windows10-2004-x64
1OEBPS/Text...1.html
windows10-2004-x64
1OEBPS/Text...0.html
windows10-2004-x64
1OEBPS/Text...1.html
windows10-2004-x64
1OEBPS/Text...2.html
windows10-2004-x64
1OEBPS/Text...3.html
windows10-2004-x64
1OEBPS/Text...4.html
windows10-2004-x64
1OEBPS/Text...5.html
windows10-2004-x64
1OEBPS/Text...6.html
windows10-2004-x64
1OEBPS/Text...2.html
windows10-2004-x64
1OEBPS/Text...3.html
windows10-2004-x64
1OEBPS/Text...4.html
windows10-2004-x64
1OEBPS/Text...5.html
windows10-2004-x64
1OEBPS/Text...6.html
windows10-2004-x64
1OEBPS/Text...7.html
windows10-2004-x64
1OEBPS/Text...8.html
windows10-2004-x64
1OEBPS/Text...9.html
windows10-2004-x64
1OEBPS/Text...t.html
windows10-2004-x64
1OEBPS/Text...s.html
windows10-2004-x64
1OEBPS/Text...1.html
windows10-2004-x64
1OEBPS/Text...t.html
windows10-2004-x64
1OEBPS/Text...t.html
windows10-2004-x64
1OEBPS/Text/cover.html
windows10-2004-x64
1Analysis
-
max time kernel
1800s -
max time network
1697s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-es -
resource tags
arch:x64arch:x86image:win10v2004-20240226-eslocale:es-esos:windows10-2004-x64systemwindows -
submitted
08-03-2024 19:11
Static task
static1
Behavioral task
behavioral1
Sample
OEBPS/Text/1-Cover-1.html
Resource
win10v2004-20240226-es
windows10-2004-x64
Behavioral task
behavioral2
Sample
OEBPS/Text/1-Cover-2.html
Resource
win10v2004-20240226-es
windows10-2004-x64
Behavioral task
behavioral3
Sample
OEBPS/Text/1-Cover-3.html
Resource
win10v2004-20240226-es
windows10-2004-x64
Behavioral task
behavioral4
Sample
OEBPS/Text/1-Cover-4.html
Resource
win10v2004-20240226-es
windows10-2004-x64
Behavioral task
behavioral5
Sample
OEBPS/Text/10-HH-Legal.html
Resource
win10v2004-20240226-es
windows10-2004-x64
Behavioral task
behavioral6
Sample
OEBPS/Text/11-eBook-license.html
Resource
win10v2004-20240226-es
windows10-2004-x64
Behavioral task
behavioral7
Sample
OEBPS/Text/2-Backlist.html
Resource
win10v2004-20240226-es
windows10-2004-x64
Behavioral task
behavioral8
Sample
OEBPS/Text/3-TOC.html
Resource
win10v2004-20240226-es
windows10-2004-x64
Behavioral task
behavioral9
Sample
OEBPS/Text/4-Title-Page.html
Resource
win10v2004-20240226-es
windows10-2004-x64
Behavioral task
behavioral10
Sample
OEBPS/Text/5-Primarchs-Legend.html
Resource
win10v2004-20240226-es
windows10-2004-x64
Behavioral task
behavioral11
Sample
OEBPS/Text/6-Primarchs-Content-1.html
Resource
win10v2004-20240226-es
windows10-2004-x64
Behavioral task
behavioral12
Sample
OEBPS/Text/6-Primarchs-Content-10.html
Resource
win10v2004-20240226-es
windows10-2004-x64
Behavioral task
behavioral13
Sample
OEBPS/Text/6-Primarchs-Content-11.html
Resource
win10v2004-20240226-es
windows10-2004-x64
Behavioral task
behavioral14
Sample
OEBPS/Text/6-Primarchs-Content-12.html
Resource
win10v2004-20240226-es
windows10-2004-x64
Behavioral task
behavioral15
Sample
OEBPS/Text/6-Primarchs-Content-13.html
Resource
win10v2004-20231215-es
windows10-2004-x64
Behavioral task
behavioral16
Sample
OEBPS/Text/6-Primarchs-Content-14.html
Resource
win10v2004-20240226-es
windows10-2004-x64
Behavioral task
behavioral17
Sample
OEBPS/Text/6-Primarchs-Content-15.html
Resource
win10v2004-20240226-es
windows10-2004-x64
Behavioral task
behavioral18
Sample
OEBPS/Text/6-Primarchs-Content-16.html
Resource
win10v2004-20240226-es
windows10-2004-x64
Behavioral task
behavioral19
Sample
OEBPS/Text/6-Primarchs-Content-2.html
Resource
win10v2004-20240226-es
windows10-2004-x64
Behavioral task
behavioral20
Sample
OEBPS/Text/6-Primarchs-Content-3.html
Resource
win10v2004-20231215-es
windows10-2004-x64
Behavioral task
behavioral21
Sample
OEBPS/Text/6-Primarchs-Content-4.html
Resource
win10v2004-20240226-es
windows10-2004-x64
Behavioral task
behavioral22
Sample
OEBPS/Text/6-Primarchs-Content-5.html
Resource
win10v2004-20240226-es
windows10-2004-x64
Behavioral task
behavioral23
Sample
OEBPS/Text/6-Primarchs-Content-6.html
Resource
win10v2004-20240226-es
windows10-2004-x64
Behavioral task
behavioral24
Sample
OEBPS/Text/6-Primarchs-Content-7.html
Resource
win10v2004-20240226-es
windows10-2004-x64
Behavioral task
behavioral25
Sample
OEBPS/Text/6-Primarchs-Content-8.html
Resource
win10v2004-20240226-es
windows10-2004-x64
Behavioral task
behavioral26
Sample
OEBPS/Text/6-Primarchs-Content-9.html
Resource
win10v2004-20240226-es
windows10-2004-x64
Behavioral task
behavioral27
Sample
OEBPS/Text/6-Primarchs-Content.html
Resource
win10v2004-20240226-es
windows10-2004-x64
Behavioral task
behavioral28
Sample
OEBPS/Text/7-Josh-Reynolds.html
Resource
win10v2004-20240226-es
windows10-2004-x64
Behavioral task
behavioral29
Sample
OEBPS/Text/8-Extract-1.html
Resource
win10v2004-20240226-es
windows10-2004-x64
Behavioral task
behavioral30
Sample
OEBPS/Text/8-Extract.html
Resource
win10v2004-20240226-es
windows10-2004-x64
Behavioral task
behavioral31
Sample
OEBPS/Text/9-Newsletter-advert.html
Resource
win10v2004-20240226-es
windows10-2004-x64
Behavioral task
behavioral32
Sample
OEBPS/Text/cover.html
Resource
win10v2004-20240226-es
windows10-2004-x64
General
-
Target
OEBPS/Text/6-Primarchs-Content.html
-
Size
20KB
-
MD5
48f0a82fb4255b6c0de8af1f3dc25dc1
-
SHA1
ce8c5374cf06231ea6119110117fa89b0f17e413
-
SHA256
a377c8f546e5b4fb0981a23b2687544e7fe61e1a4bb679e5dbdbbf70a126556b
-
SHA512
b2af4ce1b9a2bbcdc866d79f36d4be868503e22ecf362e7ff9672a364c5b552bbf4ba5e7402a44e6d1f88485af793b2cbf8992071d71396c7af98f0200958b75
-
SSDEEP
384:PT/cJw36R0MM5ZcJ2TE0zj+hPKy6Ej/g14/SqyDGXznAX8QX0M1n:Psw3PfGJ2oCfEj/gcKyzOd
Malware Config
Signatures
-
Enumerates system info in registry 2 TTPs 3 IoCs
description ioc Process Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName chrome.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer chrome.exe Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS chrome.exe -
Modifies data under HKEY_USERS 2 IoCs
description ioc Process Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry chrome.exe Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133544020287700900" chrome.exe -
Suspicious behavior: EnumeratesProcesses 4 IoCs
pid Process 4680 chrome.exe 4680 chrome.exe 4944 chrome.exe 4944 chrome.exe -
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs
pid Process 4680 chrome.exe 4680 chrome.exe -
Suspicious use of AdjustPrivilegeToken 64 IoCs
description pid Process Token: SeShutdownPrivilege 4680 chrome.exe Token: SeCreatePagefilePrivilege 4680 chrome.exe Token: SeShutdownPrivilege 4680 chrome.exe Token: SeCreatePagefilePrivilege 4680 chrome.exe Token: SeShutdownPrivilege 4680 chrome.exe Token: SeCreatePagefilePrivilege 4680 chrome.exe Token: SeShutdownPrivilege 4680 chrome.exe Token: SeCreatePagefilePrivilege 4680 chrome.exe Token: SeShutdownPrivilege 4680 chrome.exe Token: SeCreatePagefilePrivilege 4680 chrome.exe Token: SeShutdownPrivilege 4680 chrome.exe Token: SeCreatePagefilePrivilege 4680 chrome.exe Token: SeShutdownPrivilege 4680 chrome.exe Token: SeCreatePagefilePrivilege 4680 chrome.exe Token: SeShutdownPrivilege 4680 chrome.exe Token: SeCreatePagefilePrivilege 4680 chrome.exe Token: SeShutdownPrivilege 4680 chrome.exe Token: SeCreatePagefilePrivilege 4680 chrome.exe Token: SeShutdownPrivilege 4680 chrome.exe Token: SeCreatePagefilePrivilege 4680 chrome.exe Token: SeShutdownPrivilege 4680 chrome.exe Token: SeCreatePagefilePrivilege 4680 chrome.exe Token: SeShutdownPrivilege 4680 chrome.exe Token: SeCreatePagefilePrivilege 4680 chrome.exe Token: SeShutdownPrivilege 4680 chrome.exe Token: SeCreatePagefilePrivilege 4680 chrome.exe Token: SeShutdownPrivilege 4680 chrome.exe Token: SeCreatePagefilePrivilege 4680 chrome.exe Token: SeShutdownPrivilege 4680 chrome.exe Token: SeCreatePagefilePrivilege 4680 chrome.exe Token: SeShutdownPrivilege 4680 chrome.exe Token: SeCreatePagefilePrivilege 4680 chrome.exe Token: SeShutdownPrivilege 4680 chrome.exe Token: SeCreatePagefilePrivilege 4680 chrome.exe Token: SeShutdownPrivilege 4680 chrome.exe Token: SeCreatePagefilePrivilege 4680 chrome.exe Token: SeShutdownPrivilege 4680 chrome.exe Token: SeCreatePagefilePrivilege 4680 chrome.exe Token: SeShutdownPrivilege 4680 chrome.exe Token: SeCreatePagefilePrivilege 4680 chrome.exe Token: SeShutdownPrivilege 4680 chrome.exe Token: SeCreatePagefilePrivilege 4680 chrome.exe Token: SeShutdownPrivilege 4680 chrome.exe Token: SeCreatePagefilePrivilege 4680 chrome.exe Token: SeShutdownPrivilege 4680 chrome.exe Token: SeCreatePagefilePrivilege 4680 chrome.exe Token: SeShutdownPrivilege 4680 chrome.exe Token: SeCreatePagefilePrivilege 4680 chrome.exe Token: SeShutdownPrivilege 4680 chrome.exe Token: SeCreatePagefilePrivilege 4680 chrome.exe Token: SeShutdownPrivilege 4680 chrome.exe Token: SeCreatePagefilePrivilege 4680 chrome.exe Token: SeShutdownPrivilege 4680 chrome.exe Token: SeCreatePagefilePrivilege 4680 chrome.exe Token: SeShutdownPrivilege 4680 chrome.exe Token: SeCreatePagefilePrivilege 4680 chrome.exe Token: SeShutdownPrivilege 4680 chrome.exe Token: SeCreatePagefilePrivilege 4680 chrome.exe Token: SeShutdownPrivilege 4680 chrome.exe Token: SeCreatePagefilePrivilege 4680 chrome.exe Token: SeShutdownPrivilege 4680 chrome.exe Token: SeCreatePagefilePrivilege 4680 chrome.exe Token: SeShutdownPrivilege 4680 chrome.exe Token: SeCreatePagefilePrivilege 4680 chrome.exe -
Suspicious use of FindShellTrayWindow 26 IoCs
pid Process 4680 chrome.exe 4680 chrome.exe 4680 chrome.exe 4680 chrome.exe 4680 chrome.exe 4680 chrome.exe 4680 chrome.exe 4680 chrome.exe 4680 chrome.exe 4680 chrome.exe 4680 chrome.exe 4680 chrome.exe 4680 chrome.exe 4680 chrome.exe 4680 chrome.exe 4680 chrome.exe 4680 chrome.exe 4680 chrome.exe 4680 chrome.exe 4680 chrome.exe 4680 chrome.exe 4680 chrome.exe 4680 chrome.exe 4680 chrome.exe 4680 chrome.exe 4680 chrome.exe -
Suspicious use of SendNotifyMessage 24 IoCs
pid Process 4680 chrome.exe 4680 chrome.exe 4680 chrome.exe 4680 chrome.exe 4680 chrome.exe 4680 chrome.exe 4680 chrome.exe 4680 chrome.exe 4680 chrome.exe 4680 chrome.exe 4680 chrome.exe 4680 chrome.exe 4680 chrome.exe 4680 chrome.exe 4680 chrome.exe 4680 chrome.exe 4680 chrome.exe 4680 chrome.exe 4680 chrome.exe 4680 chrome.exe 4680 chrome.exe 4680 chrome.exe 4680 chrome.exe 4680 chrome.exe -
Suspicious use of WriteProcessMemory 64 IoCs
description pid Process procid_target PID 4680 wrote to memory of 4976 4680 chrome.exe 89 PID 4680 wrote to memory of 4976 4680 chrome.exe 89 PID 4680 wrote to memory of 1596 4680 chrome.exe 91 PID 4680 wrote to memory of 1596 4680 chrome.exe 91 PID 4680 wrote to memory of 1596 4680 chrome.exe 91 PID 4680 wrote to memory of 1596 4680 chrome.exe 91 PID 4680 wrote to memory of 1596 4680 chrome.exe 91 PID 4680 wrote to memory of 1596 4680 chrome.exe 91 PID 4680 wrote to memory of 1596 4680 chrome.exe 91 PID 4680 wrote to memory of 1596 4680 chrome.exe 91 PID 4680 wrote to memory of 1596 4680 chrome.exe 91 PID 4680 wrote to memory of 1596 4680 chrome.exe 91 PID 4680 wrote to memory of 1596 4680 chrome.exe 91 PID 4680 wrote to memory of 1596 4680 chrome.exe 91 PID 4680 wrote to memory of 1596 4680 chrome.exe 91 PID 4680 wrote to memory of 1596 4680 chrome.exe 91 PID 4680 wrote to memory of 1596 4680 chrome.exe 91 PID 4680 wrote to memory of 1596 4680 chrome.exe 91 PID 4680 wrote to memory of 1596 4680 chrome.exe 91 PID 4680 wrote to memory of 1596 4680 chrome.exe 91 PID 4680 wrote to memory of 1596 4680 chrome.exe 91 PID 4680 wrote to memory of 1596 4680 chrome.exe 91 PID 4680 wrote to memory of 1596 4680 chrome.exe 91 PID 4680 wrote to memory of 1596 4680 chrome.exe 91 PID 4680 wrote to memory of 1596 4680 chrome.exe 91 PID 4680 wrote to memory of 1596 4680 chrome.exe 91 PID 4680 wrote to memory of 1596 4680 chrome.exe 91 PID 4680 wrote to memory of 1596 4680 chrome.exe 91 PID 4680 wrote to memory of 1596 4680 chrome.exe 91 PID 4680 wrote to memory of 1596 4680 chrome.exe 91 PID 4680 wrote to memory of 1596 4680 chrome.exe 91 PID 4680 wrote to memory of 1596 4680 chrome.exe 91 PID 4680 wrote to memory of 1596 4680 chrome.exe 91 PID 4680 wrote to memory of 1596 4680 chrome.exe 91 PID 4680 wrote to memory of 1596 4680 chrome.exe 91 PID 4680 wrote to memory of 1596 4680 chrome.exe 91 PID 4680 wrote to memory of 1596 4680 chrome.exe 91 PID 4680 wrote to memory of 1596 4680 chrome.exe 91 PID 4680 wrote to memory of 1596 4680 chrome.exe 91 PID 4680 wrote to memory of 1596 4680 chrome.exe 91 PID 4680 wrote to memory of 384 4680 chrome.exe 92 PID 4680 wrote to memory of 384 4680 chrome.exe 92 PID 4680 wrote to memory of 2504 4680 chrome.exe 93 PID 4680 wrote to memory of 2504 4680 chrome.exe 93 PID 4680 wrote to memory of 2504 4680 chrome.exe 93 PID 4680 wrote to memory of 2504 4680 chrome.exe 93 PID 4680 wrote to memory of 2504 4680 chrome.exe 93 PID 4680 wrote to memory of 2504 4680 chrome.exe 93 PID 4680 wrote to memory of 2504 4680 chrome.exe 93 PID 4680 wrote to memory of 2504 4680 chrome.exe 93 PID 4680 wrote to memory of 2504 4680 chrome.exe 93 PID 4680 wrote to memory of 2504 4680 chrome.exe 93 PID 4680 wrote to memory of 2504 4680 chrome.exe 93 PID 4680 wrote to memory of 2504 4680 chrome.exe 93 PID 4680 wrote to memory of 2504 4680 chrome.exe 93 PID 4680 wrote to memory of 2504 4680 chrome.exe 93 PID 4680 wrote to memory of 2504 4680 chrome.exe 93 PID 4680 wrote to memory of 2504 4680 chrome.exe 93 PID 4680 wrote to memory of 2504 4680 chrome.exe 93 PID 4680 wrote to memory of 2504 4680 chrome.exe 93 PID 4680 wrote to memory of 2504 4680 chrome.exe 93 PID 4680 wrote to memory of 2504 4680 chrome.exe 93 PID 4680 wrote to memory of 2504 4680 chrome.exe 93 PID 4680 wrote to memory of 2504 4680 chrome.exe 93
Processes
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument C:\Users\Admin\AppData\Local\Temp\OEBPS\Text\6-Primarchs-Content.html1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4680 -
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffbd6d29758,0x7ffbd6d29768,0x7ffbd6d297782⤵PID:4976
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1772 --field-trial-handle=1872,i,14772140973905637926,13978732679055749961,131072 /prefetch:22⤵PID:1596
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2020 --field-trial-handle=1872,i,14772140973905637926,13978732679055749961,131072 /prefetch:82⤵PID:384
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2204 --field-trial-handle=1872,i,14772140973905637926,13978732679055749961,131072 /prefetch:82⤵PID:2504
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3124 --field-trial-handle=1872,i,14772140973905637926,13978732679055749961,131072 /prefetch:12⤵PID:380
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3156 --field-trial-handle=1872,i,14772140973905637926,13978732679055749961,131072 /prefetch:12⤵PID:1772
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4844 --field-trial-handle=1872,i,14772140973905637926,13978732679055749961,131072 /prefetch:82⤵PID:4252
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4972 --field-trial-handle=1872,i,14772140973905637926,13978732679055749961,131072 /prefetch:82⤵PID:3564
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2908 --field-trial-handle=1872,i,14772140973905637926,13978732679055749961,131072 /prefetch:22⤵
- Suspicious behavior: EnumeratesProcesses
PID:4944
-
-
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"1⤵PID:4292
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
6KB
MD5832bf8a2458bd60b4582bbfc2c6ed6f9
SHA1bfbf9efe31006594c453f084be95be49228e3231
SHA256e808ce19e26f9a8a9a88835d848794a63cfb348107ca8df79ce383fe42c3695b
SHA5129e862e681aaec6b5f1c9173d31a420f3699aaa87343914b5bac8f49131211b83c7e6df3d9c898656888b0288e7cb9023fdb578a3f06f4896d1d78e01f671a71f
-
Filesize
6KB
MD5a15c1a8d0ae532666bf3d05e08291f0a
SHA15f01c2076c97e6ab2c7b428766bfd34019a66688
SHA25615e48d276a6c93520cac00c9c521f9e9cd66b285702f0da9103652e92bd0c34e
SHA5121efaab1369e29b2b99188450df86e1e413a6035402fa90ab076bce8043631492bbe60b4527ca260c669d3958deeedc76c1707fb18d97d1494d3bbe9b806dbcf2
-
Filesize
128KB
MD5e16e9696b9198312ec36cef960985bf6
SHA19893b0d0e15038fde86f5881227eda80e098a6cb
SHA2560f3bdf186c4a561a2df1f8579d3a46e5fc27bdb7f5946737691f9f1ba5fd287c
SHA51261aaa662c37f874281a13ef204fc31ed4482a4629156dc54e53eaedb57b4c9fd067b9688009ccf942f0711b0d44b97d8ff6b3cb569e88a563154919aabfb3dc0
-
Filesize
2B
MD599914b932bd37a50b983c5e7c90ae93b
SHA1bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
SHA25644136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
SHA51227c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd