hxxps://berachainevent[.]com/

Analysis

max time kernel
108s
max time network
109s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
26/03/2024, 07:33

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://berachainevent.com/

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133559120029182097"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1497073144-2389943819-3385106915-1000\{6924549A-7416-4DF4-94BD-3810C851DDE9}	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
2320	chrome.exe
2320	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 15 IoCs

pid	Process
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2320	chrome.exe
Token: SeCreatePagefilePrivilege	2320	chrome.exe
Token: SeShutdownPrivilege	2320	chrome.exe
Token: SeCreatePagefilePrivilege	2320	chrome.exe
Token: SeShutdownPrivilege	2320	chrome.exe
Token: SeCreatePagefilePrivilege	2320	chrome.exe
Token: SeShutdownPrivilege	2320	chrome.exe
Token: SeCreatePagefilePrivilege	2320	chrome.exe
Token: SeShutdownPrivilege	2320	chrome.exe
Token: SeCreatePagefilePrivilege	2320	chrome.exe
Token: SeShutdownPrivilege	2320	chrome.exe
Token: SeCreatePagefilePrivilege	2320	chrome.exe
Token: SeShutdownPrivilege	2320	chrome.exe
Token: SeCreatePagefilePrivilege	2320	chrome.exe
Token: SeShutdownPrivilege	2320	chrome.exe
Token: SeCreatePagefilePrivilege	2320	chrome.exe
Token: SeShutdownPrivilege	2320	chrome.exe
Token: SeCreatePagefilePrivilege	2320	chrome.exe
Token: SeShutdownPrivilege	2320	chrome.exe
Token: SeCreatePagefilePrivilege	2320	chrome.exe
Token: SeShutdownPrivilege	2320	chrome.exe
Token: SeCreatePagefilePrivilege	2320	chrome.exe
Token: SeShutdownPrivilege	2320	chrome.exe
Token: SeCreatePagefilePrivilege	2320	chrome.exe
Token: SeShutdownPrivilege	2320	chrome.exe
Token: SeCreatePagefilePrivilege	2320	chrome.exe
Token: SeShutdownPrivilege	2320	chrome.exe
Token: SeCreatePagefilePrivilege	2320	chrome.exe
Token: SeShutdownPrivilege	2320	chrome.exe
Token: SeCreatePagefilePrivilege	2320	chrome.exe
Token: SeShutdownPrivilege	2320	chrome.exe
Token: SeCreatePagefilePrivilege	2320	chrome.exe
Token: SeShutdownPrivilege	2320	chrome.exe
Token: SeCreatePagefilePrivilege	2320	chrome.exe
Token: SeShutdownPrivilege	2320	chrome.exe
Token: SeCreatePagefilePrivilege	2320	chrome.exe
Token: SeShutdownPrivilege	2320	chrome.exe
Token: SeCreatePagefilePrivilege	2320	chrome.exe
Token: SeShutdownPrivilege	2320	chrome.exe
Token: SeCreatePagefilePrivilege	2320	chrome.exe
Token: SeShutdownPrivilege	2320	chrome.exe
Token: SeCreatePagefilePrivilege	2320	chrome.exe
Token: SeShutdownPrivilege	2320	chrome.exe
Token: SeCreatePagefilePrivilege	2320	chrome.exe
Token: SeShutdownPrivilege	2320	chrome.exe
Token: SeCreatePagefilePrivilege	2320	chrome.exe
Token: SeShutdownPrivilege	2320	chrome.exe
Token: SeCreatePagefilePrivilege	2320	chrome.exe
Token: SeShutdownPrivilege	2320	chrome.exe
Token: SeCreatePagefilePrivilege	2320	chrome.exe
Token: SeShutdownPrivilege	2320	chrome.exe
Token: SeCreatePagefilePrivilege	2320	chrome.exe
Token: SeShutdownPrivilege	2320	chrome.exe
Token: SeCreatePagefilePrivilege	2320	chrome.exe
Token: SeShutdownPrivilege	2320	chrome.exe
Token: SeCreatePagefilePrivilege	2320	chrome.exe
Token: SeShutdownPrivilege	2320	chrome.exe
Token: SeCreatePagefilePrivilege	2320	chrome.exe
Token: SeShutdownPrivilege	2320	chrome.exe
Token: SeCreatePagefilePrivilege	2320	chrome.exe
Token: SeShutdownPrivilege	2320	chrome.exe
Token: SeCreatePagefilePrivilege	2320	chrome.exe
Token: SeShutdownPrivilege	2320	chrome.exe
Token: SeCreatePagefilePrivilege	2320	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2320 wrote to memory of 4700	2320	chrome.exe	85
PID 2320 wrote to memory of 4700	2320	chrome.exe	85
PID 2320 wrote to memory of 1492	2320	chrome.exe	87
PID 2320 wrote to memory of 1492	2320	chrome.exe	87
PID 2320 wrote to memory of 1492	2320	chrome.exe	87
PID 2320 wrote to memory of 1492	2320	chrome.exe	87
PID 2320 wrote to memory of 1492	2320	chrome.exe	87
PID 2320 wrote to memory of 1492	2320	chrome.exe	87
PID 2320 wrote to memory of 1492	2320	chrome.exe	87
PID 2320 wrote to memory of 1492	2320	chrome.exe	87
PID 2320 wrote to memory of 1492	2320	chrome.exe	87
PID 2320 wrote to memory of 1492	2320	chrome.exe	87
PID 2320 wrote to memory of 1492	2320	chrome.exe	87
PID 2320 wrote to memory of 1492	2320	chrome.exe	87
PID 2320 wrote to memory of 1492	2320	chrome.exe	87
PID 2320 wrote to memory of 1492	2320	chrome.exe	87
PID 2320 wrote to memory of 1492	2320	chrome.exe	87
PID 2320 wrote to memory of 1492	2320	chrome.exe	87
PID 2320 wrote to memory of 1492	2320	chrome.exe	87
PID 2320 wrote to memory of 1492	2320	chrome.exe	87
PID 2320 wrote to memory of 1492	2320	chrome.exe	87
PID 2320 wrote to memory of 1492	2320	chrome.exe	87
PID 2320 wrote to memory of 1492	2320	chrome.exe	87
PID 2320 wrote to memory of 1492	2320	chrome.exe	87
PID 2320 wrote to memory of 1492	2320	chrome.exe	87
PID 2320 wrote to memory of 1492	2320	chrome.exe	87
PID 2320 wrote to memory of 1492	2320	chrome.exe	87
PID 2320 wrote to memory of 1492	2320	chrome.exe	87
PID 2320 wrote to memory of 1492	2320	chrome.exe	87
PID 2320 wrote to memory of 1492	2320	chrome.exe	87
PID 2320 wrote to memory of 1492	2320	chrome.exe	87
PID 2320 wrote to memory of 1492	2320	chrome.exe	87
PID 2320 wrote to memory of 1492	2320	chrome.exe	87
PID 2320 wrote to memory of 1492	2320	chrome.exe	87
PID 2320 wrote to memory of 1492	2320	chrome.exe	87
PID 2320 wrote to memory of 1492	2320	chrome.exe	87
PID 2320 wrote to memory of 1492	2320	chrome.exe	87
PID 2320 wrote to memory of 1492	2320	chrome.exe	87
PID 2320 wrote to memory of 1492	2320	chrome.exe	87
PID 2320 wrote to memory of 1492	2320	chrome.exe	87
PID 2320 wrote to memory of 1748	2320	chrome.exe	88
PID 2320 wrote to memory of 1748	2320	chrome.exe	88
PID 2320 wrote to memory of 4704	2320	chrome.exe	89
PID 2320 wrote to memory of 4704	2320	chrome.exe	89
PID 2320 wrote to memory of 4704	2320	chrome.exe	89
PID 2320 wrote to memory of 4704	2320	chrome.exe	89
PID 2320 wrote to memory of 4704	2320	chrome.exe	89
PID 2320 wrote to memory of 4704	2320	chrome.exe	89
PID 2320 wrote to memory of 4704	2320	chrome.exe	89
PID 2320 wrote to memory of 4704	2320	chrome.exe	89
PID 2320 wrote to memory of 4704	2320	chrome.exe	89
PID 2320 wrote to memory of 4704	2320	chrome.exe	89
PID 2320 wrote to memory of 4704	2320	chrome.exe	89
PID 2320 wrote to memory of 4704	2320	chrome.exe	89
PID 2320 wrote to memory of 4704	2320	chrome.exe	89
PID 2320 wrote to memory of 4704	2320	chrome.exe	89
PID 2320 wrote to memory of 4704	2320	chrome.exe	89
PID 2320 wrote to memory of 4704	2320	chrome.exe	89
PID 2320 wrote to memory of 4704	2320	chrome.exe	89
PID 2320 wrote to memory of 4704	2320	chrome.exe	89
PID 2320 wrote to memory of 4704	2320	chrome.exe	89
PID 2320 wrote to memory of 4704	2320	chrome.exe	89
PID 2320 wrote to memory of 4704	2320	chrome.exe	89
PID 2320 wrote to memory of 4704	2320	chrome.exe	89

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://berachainevent.com/
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2320
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb48a09758,0x7ffb48a09768,0x7ffb48a09778
  2⤵
  PID:4700
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1716 --field-trial-handle=1864,i,7750495900890109268,869893778778246019,131072 /prefetch:2
  2⤵
  PID:1492
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2132 --field-trial-handle=1864,i,7750495900890109268,869893778778246019,131072 /prefetch:8
  2⤵
  PID:1748
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2200 --field-trial-handle=1864,i,7750495900890109268,869893778778246019,131072 /prefetch:8
  2⤵
  PID:4704
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2908 --field-trial-handle=1864,i,7750495900890109268,869893778778246019,131072 /prefetch:1
  2⤵
  PID:2584
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2916 --field-trial-handle=1864,i,7750495900890109268,869893778778246019,131072 /prefetch:1
  2⤵
  PID:4684
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4952 --field-trial-handle=1864,i,7750495900890109268,869893778778246019,131072 /prefetch:1
  2⤵
  PID:1016
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5412 --field-trial-handle=1864,i,7750495900890109268,869893778778246019,131072 /prefetch:8
  2⤵
  PID:732
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5524 --field-trial-handle=1864,i,7750495900890109268,869893778778246019,131072 /prefetch:8
  2⤵
  PID:3992
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=5520 --field-trial-handle=1864,i,7750495900890109268,869893778778246019,131072 /prefetch:1
  2⤵
  PID:4728
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=5016 --field-trial-handle=1864,i,7750495900890109268,869893778778246019,131072 /prefetch:1
  2⤵
  PID:1072
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=5564 --field-trial-handle=1864,i,7750495900890109268,869893778778246019,131072 /prefetch:1
  2⤵
  PID:4376
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5736 --field-trial-handle=1864,i,7750495900890109268,869893778778246019,131072 /prefetch:1
  2⤵
  PID:452
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=5904 --field-trial-handle=1864,i,7750495900890109268,869893778778246019,131072 /prefetch:1
  2⤵
  PID:4304
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=5876 --field-trial-handle=1864,i,7750495900890109268,869893778778246019,131072 /prefetch:1
  2⤵
  PID:4524
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6284 --field-trial-handle=1864,i,7750495900890109268,869893778778246019,131072 /prefetch:8
  2⤵
  PID:2928
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6296 --field-trial-handle=1864,i,7750495900890109268,869893778778246019,131072 /prefetch:8
  2⤵
  - Modifies registry class
  PID:3304
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6016 --field-trial-handle=1864,i,7750495900890109268,869893778778246019,131072 /prefetch:8
  2⤵
  PID:3040
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=5668 --field-trial-handle=1864,i,7750495900890109268,869893778778246019,131072 /prefetch:1
  2⤵
  PID:5040
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=5872 --field-trial-handle=1864,i,7750495900890109268,869893778778246019,131072 /prefetch:1
  2⤵
  PID:5016
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=3380 --field-trial-handle=1864,i,7750495900890109268,869893778778246019,131072 /prefetch:1
  2⤵
  PID:860
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=6464 --field-trial-handle=1864,i,7750495900890109268,869893778778246019,131072 /prefetch:1
  2⤵
  PID:728
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=6092 --field-trial-handle=1864,i,7750495900890109268,869893778778246019,131072 /prefetch:1
  2⤵
  PID:1412
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=5972 --field-trial-handle=1864,i,7750495900890109268,869893778778246019,131072 /prefetch:1
  2⤵
  PID:2736
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6420 --field-trial-handle=1864,i,7750495900890109268,869893778778246019,131072 /prefetch:8
  2⤵
  PID:2504

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2704

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
3ef93fde3dde385a0dbb738eb34c7375

SHA1
42d4a485a6358c5298e9036a73614091c6f8339d

SHA256
22969ea220edc13c53b248b22c9c7cee2d5ca17ae819e44f55c1595e7ccf3a17

SHA512
5da744d9ef2b3f7718237816f552eaa85a754f0efecfcb741ae48337b3b40d9de61212538b0745d9482ab7d7705737523d045cd08b7c3435baef35a86de5f0eb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
ec95c576f58632a18e3910d8344c2987

SHA1
7d703ea6a0a4fa475ee270a53d50c0088744d149

SHA256
732303c17c8a7383d8fa9ab86b3d4384c12a3e9b1e39be80bb155770f08da784

SHA512
d8ea376cdb2cfd62504429e52e3725b75cb9e1a961732087b771a068cc642206610ad2d435dafbbf3de03278f15d835e6614a649326951d2d50214a828fe92c7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_artio.faucet.berachain.com_0.indexeddb.leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_artio.faucet.berachain.com_0.indexeddb.leveldb\MANIFEST-000001

Filesize
23B

MD5
3fd11ff447c1ee23538dc4d9724427a3

SHA1
1335e6f71cc4e3cf7025233523b4760f8893e9c9

SHA256
720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed

SHA512
10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
6KB

MD5
edc6ec341d925cd3f43818277185f289

SHA1
48bf861d6c5ab7147cb72e9f237a3b5a53a2921f

SHA256
52be3a0d5f830d6b6355a90d81c21d9b88779dcc565e4a5c8c30e295bb445b75

SHA512
cf6aae210e76f9d55322bb562dbe4c1ca1037ec2ccbd972b4cc778b73b6b53ae9a0a53192e3b0b8b47776537617499534d490dda8a9c335537e3c599b2fe3db3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
f66794d89deb378a960d82825047dc94

SHA1
affa475e0e621540995c2dcf63c3d428ac75e154

SHA256
4df026438579917b486e7f7a17b98965877ea1ef6f68458655bfd713fea363e1

SHA512
f13e0feed206ae2e176455ca85e09e84c8a182e748f6135016ae0974ffa3dde8bbf55f4045e55436a3ffb63f5886bae357c25f9a1ad90670593bb35c5566d3e3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
9830e0cf90aeaf182ec9575672e1d6f3

SHA1
0c1ac3ce0a89b147796033310782ea9b66b06455

SHA256
d4130286d01f701750e82d4aa0274de0114a84758a081c45d0c5c629ee692315

SHA512
dac069af273a7482b3fc6dcb47fd48126f66ace1426df797f6f035e6919e021c6dd6f8e53de907f3d9d41ca27ed9c62a9d7f46b4595db7f10c6d30865c637f6e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
3dd07451606113335eed4c7d1d189fe6

SHA1
419c6773e4a3d5d11b91a79f750a2dfe48dc7fca

SHA256
39bc480af97b84dc4f958bb744d9bd6c159a1a0e8888ce1b2c1cc5ddc56b628b

SHA512
a6628399c5410c73d88bf170eeb61647841cdd2c6a37c34756aba81c4bbe5e01261063c6d337063e59b10d718a46c886c7d44c7c3f6caa1b886b4b7853d2a6e3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
6862aac45e29df2b0f433acf90a8e350

SHA1
c03319765e2a5e1b3caa0229400585c5a05cd543

SHA256
967e79eea735d1f61d870c044c5dddcc9706f446fd555e336ae5fd2e5c4d6477

SHA512
77636c27f8cc701f705bcff50f24a3a0560873069c1e410a50379ea06722bfbf744aff7364e10686a7c259eaf4f00af36d7673645d3a912f0408536e8d9a0dd6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
9534ba4e6df2d39ba0dd5773dc8ee213

SHA1
f2c52c1d2777414bd7225f2efa7061a9d9be65b2

SHA256
bd44898d07db6c2880b6e353f8aa9fed2e11d310a21abde3cc23db561d793fc9

SHA512
35c287916aa748879f12c6e7bad02bbc367736b660a9638d0f1cbfdabcf3378cda1b052f3684e930a195af64581ec02ca5919c30c40c66afbf0f5bb9893d412a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
01728804cb28407101a064850cedf262

SHA1
0703d0d541c093440a154921d0b82807d4717390

SHA256
8ac4560aa6a9882013df8ef8e19cd30ff32a2fb38504d6e8ef60b5ba79af866c

SHA512
55f1a29def9116b244523b42d6f282cd58ad76a79c7ca8209c9f77a61711046a8736c6b9469e663619c190f8d0594a7a546baf9e0a4e5ff17a588ff0bcd2f8db

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
aa780b1248a2e546ef541ce86cdf9202

SHA1
42a0e6b56ba98d43c2e3aedb303a53319e94ffe2

SHA256
5b5ab7f39755d5540200a305cc8cac10dc6a06796884692d003b2bb9f052306b

SHA512
66a18b84650bdd574e52cfe28ed4c301ef154f6f84ee44b5973df62673c71161e5e34fa31f5a2efa262d84946311fd323a47744793789af13e8a3856e74c3de7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
30e2ebb6a329985e4811ff5dfd2f169b

SHA1
67e77a706a3372b64327fb67e7bf6d2c8e7cd35d

SHA256
ab8dc2fb1467aa2232f9790f997a245adca40936dcd7e972858a8abb89d8e154

SHA512
0b51a7037b8162285209bdfa51ab5ae7241ccf2c6d31b3fa638ea18a59551188f21b88a3bf3bc0f4c0fcb81230c9758dc142300cc2d7cfb39913ac6e7629fb32

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
908630bf8765d5ddf6e6e50b6a29e948

SHA1
9c032bc5321c5179a442df8763517f0675751169

SHA256
164c521cc84379b4d278ad4607f387fdae4f850a3a793cc0e8ff7540017d7f49

SHA512
2e22ac67e112440c86444c752056ea29908dfb9cafce54669e98ce41cc927d20aff37e50c5865bb0cee2c1601fef0a87e7af59ec47bee6e9f121c55aa1766d16

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
56B

MD5
ae1bccd6831ebfe5ad03b482ee266e4f

SHA1
01f4179f48f1af383b275d7ee338dd160b6f558a

SHA256
1b11047e738f76c94c9d15ee981ec46b286a54def1a7852ca1ade7f908988649

SHA512
baf7ff6747f30e542c254f46a9678b9dbf42312933962c391b79eca6fcb615e4ba9283c00f554d6021e594f18c087899bc9b5362c41c0d6f862bba7fb9f83038

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
120B

MD5
2b5eb62391d8411324c8645aeb09a7c3

SHA1
93f18b67b5c13a401ec6789ac78cc4228c5df530

SHA256
deccc1d83eb7694d2e8d9913728fd5ce18f61d1bd36e1e7d019f81035d8ac2d2

SHA512
9e6cb189669e95a5b5189229df7bc15fe49efdf8d6acc08807e7cdb667bfac37831c96dbe50f1df28776b5a11837fbaf735bc7fc52056b81bf82d3597416f63f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe57aa4a.TMP

Filesize
120B

MD5
46d921dc5b75cef55d6010b971aad5bb

SHA1
81a967044a859d7b360b4e0b61e5e941f2efba81

SHA256
c858f0ed70fad9ae150eec4453208651c8b40241eb2deb5cfa14eb7448d43151

SHA512
daae2331a3877e89361dd57a430fb5c6cc4a351a59a827a5e9e8291d4cf5d6c4a5f3063ed0f71dfa68acda57fc315a7ba0e8db80456223b24095b3585bbd2f5b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
114KB

MD5
ead97e640e81285e2ff976a1cad7c801

SHA1
75c2a60a524ded58d0428a34d5198792f5a4734b

SHA256
a9f60245b12b927059f1d754d879a88cb28ea86900d865909c8da54afc468636

SHA512
e1c78df169b2378c08252f3d40a8f0ae5393d19e7e8158a3f6a0d1ec12b1133f2e6ec6a171ba9d7f2afc65f75cc19a0d306e1af59184a81daa539459defbe238

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
114KB

MD5
85115dd20b4a77e9d2895ac593c772c8

SHA1
27be7645b370d3c11785bdb8ff8220f6299b841b

SHA256
f31cce415b7b31165cc2e357adcc3b2bc77046a55191a22124b8092d8f7a6746

SHA512
050ddc818d20c995dbc4f837370b6b53d83a7d6fb60dabb5428cae5ef3819f193e19cf9d11287cf86d1a2d6e56461c48ade5d87af56a12e22a877cf8654cf8bf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
114KB

MD5
47a165f4db1bd6db4e5dee13977840fd

SHA1
7238592842b55e41162aab84635a21a719d581f2

SHA256
47d4f03d48458a12878058aef8f5624c786976f1b53bea9ab45a313efd508397

SHA512
a31c42c95bee7647c90c5273c3a6bcdb1aa29441ab8bf7bd55bb0a8522b3ad98ab2532c02c3c71bf982986d4328d4f5a799e223b4fc876e9896b5690cf743450

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
105KB

MD5
01b7e21ca579ae077c5797abc47ab350

SHA1
c3ac470af3a35cb3a82ab801b397b14040f48ed6

SHA256
fec6d40206c7a929dc417164d313fcdd3458984c2c0e0649a567841b7265da63

SHA512
f7dc589ee313d2a697d7d088461e15df3b5dc3f468b4098d6ff8eb52d4feacef640ae248d56ba14ec6fd7394764c86f62c2df7d687bc40b768fc1582389b1991

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
111KB

MD5
48e8f195844c1c50ebe7692a0c198c97

SHA1
a3a86f50be444f804c1beb77319f7d29d495bb70

SHA256
38a9f9ce61e4ade3c440c38e486e4f48c631dd65f1df4e98dbe41de9926f8a5a

SHA512
7c86c16567d12e01a08ea6227ec086fe7536bc050344926d4bd95607156d8715e3110193d753a46a73affa8b0351fe9927dea76c8189529da49e2db29154b6ce

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe57e00f.TMP

Filesize
104KB

MD5
e46fead08f63c2c299806831072e982c

SHA1
7010000423bfa4a20fdea9c3fd75ae6f735f0d8a

SHA256
340ed0a9a1a3c30ab94582d8ee26d34a3c6f1d48a58b605a96deb8b32f321c4b

SHA512
37c40d14dbf081f9df549cec296575e4986b1132a085a3efcdad09577807535d8fa9f40753306f589ae84e0678fa2fb411a33ebed4e3fe33cc776391bbd603ad

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit