Analysis Overview
Threat Level: Known bad
The URL https://steamcommunivy.com/gift/126340239536 was found to be: Known bad. (Note the typosquat: "steamcommunivy" differs from the legitimate "steamcommunity" by one character; the analysis below is of Chrome opening that URL, so the process and file activity is the browser's own.)
Malicious Activity Summary
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
Suspicious use of AdjustPrivilegeToken
Suspicious use of SendNotifyMessage
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of WriteProcessMemory
Modifies data under HKEY_USERS
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-04-05 20:31
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-04-05 20:31
Reported
2024-04-05 20:36
Platform
win7-20231129-en
Max time kernel
88s
Max time network
265s
Command Line
Signatures
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://steamcommunivy.com/gift/126340239536
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6e99758,0x7fef6e99768,0x7fef6e99778
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1136 --field-trial-handle=1356,i,4033368207557072964,14385381067151850838,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1496 --field-trial-handle=1356,i,4033368207557072964,14385381067151850838,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1592 --field-trial-handle=1356,i,4033368207557072964,14385381067151850838,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2252 --field-trial-handle=1356,i,4033368207557072964,14385381067151850838,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2264 --field-trial-handle=1356,i,4033368207557072964,14385381067151850838,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1460 --field-trial-handle=1356,i,4033368207557072964,14385381067151850838,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3576 --field-trial-handle=1356,i,4033368207557072964,14385381067151850838,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=3520 --field-trial-handle=1356,i,4033368207557072964,14385381067151850838,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=3428 --field-trial-handle=1356,i,4033368207557072964,14385381067151850838,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=1112 --field-trial-handle=1356,i,4033368207557072964,14385381067151850838,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=2580 --field-trial-handle=1356,i,4033368207557072964,14385381067151850838,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=680 --field-trial-handle=1356,i,4033368207557072964,14385381067151850838,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=2356 --field-trial-handle=1356,i,4033368207557072964,14385381067151850838,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2372 --field-trial-handle=1356,i,4033368207557072964,14385381067151850838,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4136 --field-trial-handle=1356,i,4033368207557072964,14385381067151850838,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=3216 --field-trial-handle=1356,i,4033368207557072964,14385381067151850838,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=3544 --field-trial-handle=1356,i,4033368207557072964,14385381067151850838,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=3512 --field-trial-handle=1356,i,4033368207557072964,14385381067151850838,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=2732 --field-trial-handle=1356,i,4033368207557072964,14385381067151850838,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=2708 --field-trial-handle=1356,i,4033368207557072964,14385381067151850838,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4104 --field-trial-handle=1356,i,4033368207557072964,14385381067151850838,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4236 --field-trial-handle=1356,i,4033368207557072964,14385381067151850838,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=4280 --field-trial-handle=1356,i,4033368207557072964,14385381067151850838,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=3428 --field-trial-handle=1356,i,4033368207557072964,14385381067151850838,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=1208 --field-trial-handle=1356,i,4033368207557072964,14385381067151850838,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=2300 --field-trial-handle=1356,i,4033368207557072964,14385381067151850838,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3376 --field-trial-handle=1356,i,4033368207557072964,14385381067151850838,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4036 --field-trial-handle=1356,i,4033368207557072964,14385381067151850838,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=3240 --field-trial-handle=1356,i,4033368207557072964,14385381067151850838,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=3548 --field-trial-handle=1356,i,4033368207557072964,14385381067151850838,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=1048 --field-trial-handle=1356,i,4033368207557072964,14385381067151850838,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4272 --field-trial-handle=1356,i,4033368207557072964,14385381067151850838,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4456 --field-trial-handle=1356,i,4033368207557072964,14385381067151850838,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=4524 --field-trial-handle=1356,i,4033368207557072964,14385381067151850838,131072 /prefetch:1
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | steamcommunivy.com | udp |
| US | 104.21.83.253:443 | steamcommunivy.com | tcp |
| US | 104.21.83.253:443 | steamcommunivy.com | tcp |
| US | 8.8.8.8:53 | pki.goog | udp |
| US | 216.239.32.29:80 | pki.goog | tcp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 104.21.83.253:443 | steamcommunivy.com | udp |
| US | 8.8.8.8:53 | code.jquery.com | udp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 151.101.194.137:443 | code.jquery.com | tcp |
| US | 8.8.8.8:53 | a.nel.cloudflare.com | udp |
| US | 104.17.24.14:443 | cdnjs.cloudflare.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | community.akamai.steamstatic.com | udp |
| US | 8.8.8.8:53 | store.cloudflare.steamstatic.com | udp |
| US | 8.8.8.8:53 | s12.gifyu.com | udp |
| GB | 96.17.178.166:443 | community.akamai.steamstatic.com | tcp |
| US | 172.64.145.151:443 | store.cloudflare.steamstatic.com | tcp |
| FI | 65.108.226.197:443 | s12.gifyu.com | tcp |
| N/A | 224.0.0.251:5353 | N/A | udp |
| US | 8.8.8.8:53 | community.cloudflare.steamstatic.com | udp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| US | 104.18.42.105:443 | community.cloudflare.steamstatic.com | tcp |
| US | 104.18.42.105:443 | community.cloudflare.steamstatic.com | tcp |
| US | 104.18.42.105:443 | community.cloudflare.steamstatic.com | tcp |
| DE | 172.217.16.138:443 | content-autofill.googleapis.com | tcp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| DE | 142.250.186.142:443 | redirector.gvt1.com | tcp |
| US | 8.8.8.8:53 | r1---sn-aigl6nsr.gvt1.com | udp |
| GB | 74.125.105.134:443 | r1---sn-aigl6nsr.gvt1.com | udp |
| US | 104.21.83.253:443 | steamcommunivy.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| DE | 172.217.16.196:443 | www.google.com | tcp |
| DE | 172.217.16.196:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| DE | 142.250.186.110:443 | apis.google.com | tcp |
| US | 104.21.83.253:443 | steamcommunivy.com | udp |
| N/A | 127.0.0.1:9229 | N/A | tcp |
| N/A | 127.0.0.1:9229 | N/A | tcp |
| US | 8.8.8.8:53 | help.steampowered.com | udp |
| GB | 23.214.143.155:443 | help.steampowered.com | tcp |
| N/A | 127.0.0.1:9229 | N/A | tcp |
| US | 104.21.83.253:443 | steamcommunivy.com | udp |
| N/A | 127.0.0.1:9229 | N/A | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| DE | 172.217.16.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | steamcommunity.com | udp |
| GB | 23.214.143.155:443 | steamcommunity.com | tcp |
| US | 104.21.83.253:443 | steamcommunivy.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| N/A | 127.0.0.1:9229 | N/A | tcp |
| DE | 172.217.16.196:443 | www.google.com | udp |
| N/A | 127.0.0.1:9229 | N/A | tcp |
| N/A | 127.0.0.1:9229 | N/A | tcp |
| US | 104.18.42.105:443 | community.cloudflare.steamstatic.com | tcp |
| N/A | 127.0.0.1:9229 | N/A | tcp |
| N/A | 127.0.0.1:9229 | N/A | tcp |
| N/A | 127.0.0.1:9229 | N/A | tcp |
| N/A | 127.0.0.1:9229 | N/A | tcp |
| N/A | 127.0.0.1:9229 | N/A | tcp |
| N/A | 127.0.0.1:9229 | N/A | tcp |
| N/A | 127.0.0.1:9229 | N/A | tcp |
| N/A | 127.0.0.1:9229 | N/A | tcp |
| N/A | 127.0.0.1:9229 | N/A | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| N/A | 127.0.0.1:9229 | N/A | tcp |
| N/A | 127.0.0.1:9229 | N/A | tcp |
| N/A | 127.0.0.1:9229 | N/A | tcp |
| N/A | 127.0.0.1:9229 | N/A | tcp |
| N/A | 127.0.0.1:9229 | N/A | tcp |
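The network table above mixes the phishing host with legitimate Steam CDN and Google traffic, and the only thing that makes steamcommunivy.com stand out is that it is one edit away from steamcommunity.com. The following script is an added example, not part of the sandbox report: it parses rows in the table's format, reduces each contacted host to its registrable domain, and scores it against a small brand list with Levenshtein distance, so the typosquat is flagged while help.steampowered.com, steamcommunity.com and the steamstatic.com CDN hosts from the same capture are not. The brand list, the distance threshold of 2, and the "last two labels" approximation of a registrable domain (no public-suffix list) are assumptions of this example; the sample rows are copied from the table above.

```python
"""Triage a sandbox report's Network table for look-alike (typosquat) domains.

Added example, not part of the sandbox report above.
"""
import re
from collections import Counter

# Brand domains to protect: an assumption for this example, chosen because
# the report shows the impersonated brand is Steam.
BRANDS = ("steamcommunity.com", "steampowered.com", "steamstatic.com")

# Rows copied from the Network table above (a subset that covers every case:
# the typosquat, the real brand host, brand CDN subdomains, unrelated CDNs,
# and a loopback row without a domain).
SAMPLE_ROWS = """\
| US | 8.8.8.8:53 | steamcommunivy.com | udp |
| US | 104.21.83.253:443 | steamcommunivy.com | tcp |
| US | 104.21.83.253:443 | steamcommunivy.com | tcp |
| US | 216.239.32.29:80 | pki.goog | tcp |
| US | 151.101.194.137:443 | code.jquery.com | tcp |
| GB | 96.17.178.166:443 | community.akamai.steamstatic.com | tcp |
| US | 104.18.42.105:443 | community.cloudflare.steamstatic.com | tcp |
| FI | 65.108.226.197:443 | s12.gifyu.com | tcp |
| GB | 23.214.143.155:443 | help.steampowered.com | tcp |
| GB | 23.214.143.155:443 | steamcommunity.com | tcp |
| N/A | 127.0.0.1:9229 | N/A | tcp |
"""

ROW_RE = re.compile(
    r"^\|\s*(?P<country>[^|]*?)\s*\|\s*(?P<ip>[^|:]+):(?P<port>\d+)\s*\|"
    r"\s*(?P<domain>[^|]*?)\s*\|\s*(?P<proto>tcp|udp)\s*\|\s*$"
)


def parse_rows(text):
    """Parse '| country | ip:port | domain | proto |' lines into dicts."""
    rows = []
    for line in text.splitlines():
        m = ROW_RE.match(line)
        if not m:
            continue  # header and malformed lines are skipped, not guessed
        row = m.groupdict()
        row["port"] = int(row["port"])
        if row["domain"] in ("", "N/A"):
            row["domain"] = None  # bare IP / loopback rows carry no name
        rows.append(row)
    return rows


def registrable(domain):
    """Last two labels of a host name. Simplification (assumption): no
    public-suffix list, so 'example.co.uk' would reduce to 'co.uk'."""
    labels = domain.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def levenshtein(a, b):
    """Edit distance with insert, delete and substitute, each costing 1."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def find_lookalikes(rows, brands=BRANDS, max_distance=2):
    """Map each contacted registrable domain that is near, but not equal to,
    a brand domain -> (closest brand, distance)."""
    hits = {}
    for dom in {registrable(r["domain"]) for r in rows if r["domain"]}:
        if dom in brands:
            continue  # the genuine domain (or one of its subdomains) is not a squat
        brand, dist = min(((b, levenshtein(dom, b)) for b in brands), key=lambda t: t[1])
        if dist <= max_distance:
            hits[dom] = (brand, dist)
    return hits


def summarize(rows):
    """Deduplicate: count DNS lookups per name and connections per endpoint."""
    dns = Counter(r["domain"] for r in rows if r["port"] == 53 and r["domain"])
    conns = Counter(
        (r["domain"] or r["ip"], r["ip"], r["port"], r["proto"])
        for r in rows if r["port"] != 53
    )
    return dns, conns


if __name__ == "__main__":
    rows = parse_rows(SAMPLE_ROWS)
    for dom, (brand, dist) in find_lookalikes(rows).items():
        print(f"LOOK-ALIKE {dom} (edit distance {dist} from {brand})")
    dns, conns = summarize(rows)
    for key, n in sorted(conns.items()):
        print(f"{n}x {key[0]} -> {key[1]}:{key[2]}/{key[3]}")
```

Run against the full table, the same code reports only steamcommunivy.com; the repeated 127.0.0.1:9229 rows collapse into one counted endpoint, which makes the handful of real external destinations easier to read.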
Files
\??\pipe\crashpad_2364_FFTFXGUKYUAODLPG
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000007.dbtmp
| MD5 | 18e723571b00fb1694a3bad6c78e4054 |
| SHA1 | afcc0ef32d46fe59e0483f9a3c891d3034d12f32 |
| SHA256 | 8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa |
| SHA512 | 43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1
| MD5 | f50f89a0a91564d0b8a211f8921aa7de |
| SHA1 | 112403a17dd69d5b9018b8cede023cb3b54eab7d |
| SHA256 | b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec |
| SHA512 | bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
| MD5 | 29f65ba8e88c063813cc50a4ea544e93 |
| SHA1 | 05a7040d5c127e68c25d81cc51271ffb8bef3568 |
| SHA256 | 1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184 |
| SHA512 | e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa |
C:\Users\Admin\AppData\Local\Temp\Tar1154.tmp
| MD5 | 435a9ac180383f9fa094131b173a2f7b |
| SHA1 | 76944ea657a9db94f9a4bef38f88c46ed4166983 |
| SHA256 | 67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34 |
| SHA512 | 1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 1356ba2cd711b4c15ced6cb37c298efc |
| SHA1 | d9eb5971458362e9e268a6d69b984e8583edb621 |
| SHA256 | 485a14ba2ba87217fbb59d1fb1f2733bccd52cec635feb01f244f981ebb1bab5 |
| SHA512 | da99625b4cf7279bd25658f93afd401763cff39f2dd57fec96b132819b6a84453d67048eb1b90abc0ef64d51cd90525d850bef957135a5bc270de2732d002fab |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | b7cdd6fb2055c8cbe35ee265d976b628 |
| SHA1 | c04cb9da779ff79b69a9af8d407dba73b68b166f |
| SHA256 | 404fcad93d250663a6f335c95bc078891897b608174b62e55eae3a0957b3048c |
| SHA512 | 9378418e1bdb376fb513fd4c59b2b55f562d93c7212a0c9fbfcd58c4de3eaed2d8c8961aaf4742e1bc1b90ff06f68512617ae52e33236e06d38c04764100fe1e |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
| MD5 | be04b0caca8ed7cdf38abcb2fb520ffa |
| SHA1 | 2f50f022cca8ef64e3cddee775b5cf6465144e6a |
| SHA256 | 766d7b7a37be11076d62e6cde8446fe21419ebfaf4a22207d46abe4ef8d819ee |
| SHA512 | 6d6e78e30fffda51aaf4c329334b594632e34816280f79fed4b28c01c4582ec1d356c806201b1a38865ad1b472dfbe0b454ece04a902a509c01564efb17bdb9e |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
| MD5 | a266bb7dcc38a562631361bbf61dd11b |
| SHA1 | 3b1efd3a66ea28b16697394703a72ca340a05bd5 |
| SHA256 | df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e |
| SHA512 | 0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 4c96283988f7c0a5a25054cfb6844102 |
| SHA1 | 75776824b9a03045fc4d6f41413720f04464a9fb |
| SHA256 | 349e84c2381979dbfd295baf238141e28bffed4749c98d8053d4d89a6ffad5d3 |
| SHA512 | 1b24456daf8a8ebc101e1f624b20abfae27b86860363c860260c5da289b5fa968997577b663d69a43a2b482b00fb4fad14ea892119f8f4ce29e197471d422560 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | a26bd879fe16ddcc408aaba150ed8f17 |
| SHA1 | a03f7e8180d43644761277ee29ec3bebd5ad913f |
| SHA256 | 5875dc611c837c6abba334f5503c8b1fb030d985cb189deac11569b6153c7b5c |
| SHA512 | 22125f804b8ff72d9fae78ea514ae19c8127c162a9177af956d4374f5b8d20601dee5fe0af50b5d35af6d385395734b8a0b95da211869c519b6fbb84230d8dda |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\000006.dbtmp
| MD5 | aefd77f47fb84fae5ea194496b44c67a |
| SHA1 | dcfbb6a5b8d05662c4858664f81693bb7f803b82 |
| SHA256 | 4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611 |
| SHA512 | b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
| MD5 | cc224701d3988dd5549f5d4adbf10fe4 |
| SHA1 | bf7837f102c82b785f087208d907c86f3de96bb4 |
| SHA256 | ab4b477c15da3d33fd048de6a07bc97f38cb55f647a7cbb9c39ccbe56e18cb21 |
| SHA512 | da48b8a59c7a8434d277f18dff52557066aea503d889b4c06a840e0412afc0732ad8958a95f5d14d92b7cbf503ae0d1a32c5da87027c5df69591e85a973724d9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | c680656c1adf17be18e1586531448ab2 |
| SHA1 | 2c1b0dad8f5ff06af1d4f19614537145745dc991 |
| SHA256 | b91979c1942955674a52608d8c704202baa242e6db357771579daa6014affea4 |
| SHA512 | 4276512882343d444cdca52db2943e6069fc8f3b3c026b03831e50aeb6d1bcee351803b65290b27bcbdca008a2f1bc78a061bddbebe617b427d3356b5c676937 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | a6775626c1c260daf5df3a7f13d1e31b |
| SHA1 | 43c20ca2906a7176d3976dabe77938f30413ef4c |
| SHA256 | 6bf728cca4a3c38c60ebb4508c18b563e47f324fbc63605ddb0a609294489043 |
| SHA512 | aa487d3aa308a100bcb0f73012be322b0efe0be84fcb1baea3905473246186a4bcb96142078718c20730d03ec8e7cb0c347ba37d8b5d817889e8ff57dabe6278 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7c6a2921cfb7ec8bb42718501f6d4cb3 |
| SHA1 | adf7dd5192552b5adaad1790760c1d1e675cc338 |
| SHA256 | 6ab84bf5619e5757890594a879dfcd6c37ddb50ed5c1a6c16a3ec2c0e3f00bdd |
| SHA512 | 6d8aeac44be80e22c02825d002d0bc16670612011511aa94484413c99c6b755b8819f70c33c082200630968d77f7e8e76ca4142c9c2e5e3a36766007871ad06f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\afa4e553-8f6c-4457-9687-18dd3e6b43a8.tmp
| MD5 | 95106ec217a923c0e0577e3259cf42ab |
| SHA1 | 3857050e3fde200311ce5f26a250353bbd13d2fc |
| SHA256 | 1efbee746b3d727f80004ac5895b267fb3c3fd7fa7c341d2772256cb643a3fa8 |
| SHA512 | 133a5bd072b3210314671399dfaef28e00609c8775a959901d3761793f377608d19c6f6a37408b27c4e1357db814cee6c0ecf447f58516a774ee226343d740b3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | baa592ecb4edb8dcaddb832dc2f83ac8 |
| SHA1 | db098217746db1945f95cf570cb097bf7bc156b4 |
| SHA256 | 2ef7725d8ada0750e4ab7a5c21a1f859d1fafa730bd10c7c9368b6c7abf8ef2d |
| SHA512 | 7cdbbe1c12063de1ec764dca27ad8114fbb4728318e781230135556deb04d26774ff8bec5ac177cb355edbfc7d1b0e17df43696b443e2926533ddefe3bfc2097 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | fbe6440c7174f01281363956d576472f |
| SHA1 | a750877d96b513d5f73e1b823be8aae2992c93ba |
| SHA256 | 016d6940ef5b81fee5a012e8c1baf855aadd4f8c9f94440b427f6c8ad37e92b1 |
| SHA512 | 2924b3b92da2d6e9e683fe942402868f1d27c55e1b4c18ebd2c82584ab1bfb0cb734a8127279213d33eac4fb8443f177de0bcd2ed99b79e45527d5d9f03cfd44 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | a4962eb6740e44f9623a666d8ae47ce1 |
| SHA1 | dcf2cea2aaf9c2b94a31638e2bbab875ab074c0c |
| SHA256 | 64fecfe53731be8838800c9ed54266433638bce9f836563f5dd4df9e68dd9552 |
| SHA512 | 5f19b296ef85c679f9049748f5027b3e25ee1d74b185aadfe15cdd6a4123320587bdbca0a7f3fb5775c77a169ca67098dc0fb1cd16323dfe801875aeb8d25904 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | df181b52f54c783082350b0c93f5dd6d |
| SHA1 | aa1366969862af228cd16e9a2fde894fc7e011a3 |
| SHA256 | 5ff12a04143ca4640c39c8f7472a08abdcbebd40212076df5e12674dc4aae422 |
| SHA512 | 3100e00eda0fa909d629870da72b2e969b3f2d4f1426d434e843c558404e30d0084d6c473ffd8e019d97e6f613e542039e9064ab8b9c94e5d6ff168c1eb9db9a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\6933b6dd-5e35-4265-a933-cdfc7e31045a.tmp
| MD5 | 0ee1d236897e3e4b0b21d18eb07141dd |
| SHA1 | 7ddf074a81846bff8cce2921098d8030bad09d10 |
| SHA256 | d79bb00c079ab5f1cc0697edcfd8aa6b807d5f2432d11facaefa986d326cf691 |
| SHA512 | a88e7691e98c57a3aa1969f5110b9dfd90d249fbd30655215f3e502613e0b5a8ce9fe830707281e80768883d0ff7a7cbc01225d94b3bfc67c22a65179d843fce |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 3ac27d489f1c2e7e276251fed14a617a |
| SHA1 | 80588e85405cf99c34d209bc932c3d422b51d17c |
| SHA256 | 3ec32e7151befdc0a19c23815137efe40450df7684874b6cf2d4631c2796596b |
| SHA512 | 3435f919836fbdb5c952b801392404cc5459d030d9410e284949a626334e02c177c6bc9b4f86d79f72d109114beae05d45f3d70848b0f8aa999d8d90493fd72a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\56003851-6de2-469c-8eb8-575162d02c7a.tmp
| MD5 | 72d39118bf81d41736daec83824cd6e5 |
| SHA1 | fad4204dd42305cb7b38e663e9c0221ab2396b03 |
| SHA256 | 2e59c8b2ce31a35c29baa3d36063d7563fff7708df80b8d222a7585a27e63db8 |
| SHA512 | 49310c1f00339746a00acf8d5001ab500d89b5ffdc448063be66745583c98c00b122fd6eb5fdbe22cfb42adda19af62cfabc80e8b6c8eb478608e8a9a7321a31 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-04-05 20:31
Reported
2024-04-05 20:36
Platform
win10-20240404-en
Max time kernel
296s
Max time network
274s
Command Line
Signatures
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133568226991710583" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://steamcommunivy.com/gift/126340239536
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ffe7cc49758,0x7ffe7cc49768,0x7ffe7cc49778
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1516 --field-trial-handle=1820,i,8097341574776793262,8637545241911515964,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1804 --field-trial-handle=1820,i,8097341574776793262,8637545241911515964,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2056 --field-trial-handle=1820,i,8097341574776793262,8637545241911515964,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2844 --field-trial-handle=1820,i,8097341574776793262,8637545241911515964,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2864 --field-trial-handle=1820,i,8097341574776793262,8637545241911515964,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4576 --field-trial-handle=1820,i,8097341574776793262,8637545241911515964,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4500 --field-trial-handle=1820,i,8097341574776793262,8637545241911515964,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=964 --field-trial-handle=1820,i,8097341574776793262,8637545241911515964,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4952 --field-trial-handle=1820,i,8097341574776793262,8637545241911515964,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5028 --field-trial-handle=1820,i,8097341574776793262,8637545241911515964,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4396 --field-trial-handle=1820,i,8097341574776793262,8637545241911515964,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4888 --field-trial-handle=1820,i,8097341574776793262,8637545241911515964,131072 /prefetch:2
Network
Files