Analysis Overview
SHA256
4ef44954ca1192d62c7305a7ba83986a3c98744a112ae7b4ea5a1afe635f5887
Threat Level: Likely benign
The file Judosa_Point.rar was found to be: Likely benign.
Malicious Activity Summary
Unsigned PE
Enumerates physical storage devices
Modifies data under HKEY_USERS
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Enumerates system info in registry
Modifies registry class
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-04-07 22:23
Signatures
Unsigned PE
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-04-07 22:21
Reported
2024-04-07 22:31
Platform
win10v2004-20240319-en
Max time kernel
357s
Max time network
364s
Command Line
Signatures
Enumerates physical storage devices
Enumerates system info in registry
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133570025288179573" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Key created | \REGISTRY\USER\S-1-5-21-817259280-2658881748-983986378-1000_Classes\Local Settings | C:\Windows\system32\cmd.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-817259280-2658881748-983986378-1000_Classes\Local Settings | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-817259280-2658881748-983986378-1000_Classes\Local Settings | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-817259280-2658881748-983986378-1000_Classes\Local Settings | C:\Windows\system32\OpenWith.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Processes
C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\Judosa_Point.rar
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=5164 --field-trial-handle=2260,i,3739451884007376837,4900555371550671478,262144 --variations-seed-version /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x11c,0x120,0x124,0x104,0x128,0x7ffb03119758,0x7ffb03119768,0x7ffb03119778
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1780 --field-trial-handle=1748,i,18146754477153557375,12288815390276163392,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2036 --field-trial-handle=1748,i,18146754477153557375,12288815390276163392,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2288 --field-trial-handle=1748,i,18146754477153557375,12288815390276163392,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2952 --field-trial-handle=1748,i,18146754477153557375,12288815390276163392,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2960 --field-trial-handle=1748,i,18146754477153557375,12288815390276163392,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4640 --field-trial-handle=1748,i,18146754477153557375,12288815390276163392,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4820 --field-trial-handle=1748,i,18146754477153557375,12288815390276163392,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4960 --field-trial-handle=1748,i,18146754477153557375,12288815390276163392,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5180 --field-trial-handle=1748,i,18146754477153557375,12288815390276163392,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5284 --field-trial-handle=1748,i,18146754477153557375,12288815390276163392,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5136 --field-trial-handle=1748,i,18146754477153557375,12288815390276163392,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5312 --field-trial-handle=1748,i,18146754477153557375,12288815390276163392,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4016 --field-trial-handle=1748,i,18146754477153557375,12288815390276163392,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=2228 --field-trial-handle=1748,i,18146754477153557375,12288815390276163392,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5608 --field-trial-handle=1748,i,18146754477153557375,12288815390276163392,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=5736 --field-trial-handle=1748,i,18146754477153557375,12288815390276163392,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=6036 --field-trial-handle=1748,i,18146754477153557375,12288815390276163392,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=2956 --field-trial-handle=1748,i,18146754477153557375,12288815390276163392,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5504 --field-trial-handle=1748,i,18146754477153557375,12288815390276163392,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=3024 --field-trial-handle=1748,i,18146754477153557375,12288815390276163392,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2972 --field-trial-handle=1748,i,18146754477153557375,12288815390276163392,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4036 --field-trial-handle=1748,i,18146754477153557375,12288815390276163392,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1724 --field-trial-handle=1748,i,18146754477153557375,12288815390276163392,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2712 --field-trial-handle=1748,i,18146754477153557375,12288815390276163392,131072 /prefetch:8
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
Network
| Country | Destination | Domain | Proto |
| --- | --- | --- | --- |
| US | 8.8.8.8:53 | 154.239.44.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 136.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 241.154.82.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 203.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.114.53.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.168.11.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 57.169.31.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 149.220.183.52.in-addr.arpa | udp |
| US | 13.107.246.64:443 | | tcp |
| US | 8.8.8.8:53 | 103.169.127.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.126.166.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 130.118.77.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 0.204.248.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 138.201.86.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | 11.179.89.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | chromewebstore.googleapis.com | udp |
| US | 8.8.8.8:53 | chromewebstore.googleapis.com | udp |
| US | 8.8.8.8:53 | chromewebstore.googleapis.com | udp |
| US | 8.8.8.8:53 | chromewebstore.googleapis.com | udp |
| DE | 142.250.186.42:443 | chromewebstore.googleapis.com | tcp |
| US | 8.8.8.8:53 | 42.186.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| DE | 172.217.16.196:443 | www.google.com | udp |
| DE | 172.217.16.196:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | 234.185.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.186.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| DE | 142.250.186.110:443 | apis.google.com | tcp |
| US | 8.8.8.8:53 | 110.186.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.185.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | clients2.google.com | udp |
| DE | 216.58.206.46:443 | clients2.google.com | udp |
| DE | 216.58.206.46:443 | clients2.google.com | tcp |
| N/A | 224.0.0.251:5353 | | udp |
| US | 8.8.8.8:53 | 46.206.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | judosapoint.blogspot.com | udp |
| DE | 142.250.186.97:443 | judosapoint.blogspot.com | tcp |
| DE | 142.250.186.97:443 | judosapoint.blogspot.com | tcp |
| DE | 142.250.186.97:443 | judosapoint.blogspot.com | udp |
| US | 8.8.8.8:53 | lh3.googleusercontent.com | udp |
| US | 8.8.8.8:53 | resources.blogblog.com | udp |
| US | 8.8.8.8:53 | www.blogger.com | udp |
| US | 8.8.8.8:53 | themes.googleusercontent.com | udp |
| DE | 142.250.186.65:443 | themes.googleusercontent.com | udp |
| DE | 216.58.212.169:443 | www.blogger.com | tcp |
| DE | 216.58.212.169:443 | www.blogger.com | tcp |
| DE | 142.250.186.65:443 | themes.googleusercontent.com | udp |
| US | 8.8.8.8:53 | 97.186.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 65.186.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 169.212.58.216.in-addr.arpa | udp |
| DE | 216.58.212.169:443 | www.blogger.com | udp |
| US | 8.8.8.8:53 | 227.185.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | img.itch.zone | udp |
| US | 8.8.8.8:53 | static.itch.io | udp |
| US | 104.26.8.198:443 | static.itch.io | tcp |
| US | 104.26.8.198:443 | static.itch.io | tcp |
| US | 104.26.8.198:443 | static.itch.io | tcp |
| BE | 23.14.90.75:443 | img.itch.zone | tcp |
| BE | 23.14.90.75:443 | img.itch.zone | tcp |
| BE | 23.14.90.75:443 | img.itch.zone | tcp |
| BE | 23.14.90.75:443 | img.itch.zone | tcp |
| BE | 23.14.90.75:443 | img.itch.zone | tcp |
| BE | 23.14.90.75:443 | img.itch.zone | tcp |
| US | 104.26.8.198:443 | static.itch.io | tcp |
| US | 104.26.8.198:443 | static.itch.io | tcp |
| US | 104.26.8.198:443 | static.itch.io | tcp |
| US | 8.8.8.8:53 | apps.identrust.com | udp |
| BE | 23.14.90.91:80 | apps.identrust.com | tcp |
| BE | 23.14.90.91:80 | apps.identrust.com | tcp |
| US | 8.8.8.8:53 | 198.8.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 238.181.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 75.90.14.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | a.nel.cloudflare.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 104.26.8.198:443 | static.itch.io | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | 91.90.14.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.80.190.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.blogblog.com | udp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| DE | 216.58.212.170:443 | content-autofill.googleapis.com | tcp |
| US | 8.8.8.8:53 | 232.185.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 170.212.58.216.in-addr.arpa | udp |
| DE | 172.217.16.196:443 | www.google.com | udp |
| DE | 216.58.212.170:443 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| DE | 172.217.18.110:443 | play.google.com | tcp |
| DE | 172.217.18.110:443 | play.google.com | udp |
| US | 8.8.8.8:53 | cdn.discordapp.com | udp |
| US | 162.159.135.233:443 | cdn.discordapp.com | tcp |
| US | 162.159.135.233:443 | cdn.discordapp.com | tcp |
| US | 8.8.8.8:53 | 233.135.159.162.in-addr.arpa | udp |
Files
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 78bc639594f73538c090d9f6f483eace |
| SHA1 | 831597195a4b514373b0349c218d2c00f1743ddf |
| SHA256 | 1fb9572f20ecd093c6b18ac0628c61ecbd673575cdaf704ceced26c6db8bbb82 |
| SHA512 | d275fb49ec342c18bfd0cf3e00f93fda65bb6f304f6d22864bc2cab6ec46fb5dc771064cc6520bb8ac268d761349072791faf280ad09a35da85445af10098148 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 8d829344d6329c26fbd9100845a2cd39 |
| SHA1 | 30c6f7545bf5370495bcbcefa9d706dcc040372d |
| SHA256 | 8abc922ffec13cce45e48d99ef62fba3fdeb90fd9d96672875e8e35bdda27863 |
| SHA512 | 925bf12f39d743d95979b1dfb95cb44ac577338ac22e81faeaa330b20857a64a6d0719306219f47fdea0d5d96468c03a703d829aaf4dfcd47547da8fa61310eb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7b789b99a4acff5340ff2c0e028e63e0 |
| SHA1 | 5580e0237014a854561b976a44d664c356a06a03 |
| SHA256 | 0a61356d2fc4a216cc50121640a9a4327419ebd71b78e30ef7d81772a126c03a |
| SHA512 | d2a0cf8ff9307cbe8caceb1f0ad5770df143cd3d02062a57cbf06e580a10619cd2e59b3b23997e9f428eaa70e11495a0d432ceff41e562586f593a3fc4eef9ea |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 8d9a93ad9e888f6cbbb6cd7d61f17ea7 |
| SHA1 | b744196f0268cd55c435f7c302ca6c61a6bbc0db |
| SHA256 | c8712e7a5a5810333a23b57b2975a3ed0c7e54f9728e44e2e82368dd28d2856d |
| SHA512 | 6945e6c9e81ef7c9b138e328bc97f7054d421f77fdb2f276f16488e5c5243299c713209a561312f3027c862437002d860d45224df8c51905854af26b90ce991c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
| MD5 | 604c9494b66acfd3686a416aebf46dd7 |
| SHA1 | 840bae4663ae460f93335a3ce88090ddcf682f10 |
| SHA256 | 77c28b1d326d100213553c12e3a31f26a9c04aeff3ef8301f8a69a9d269e9e34 |
| SHA512 | 473f60a73fd1ad769709d6eafd02536534bf66a263d03bba354b481ac759de23c8057d66b1d636c7a59edd4571a5c0ba2bb58a2c99a0e55dd790dd483ef5c4db |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 147af2718576ead394697ebc8258d99d |
| SHA1 | 18cc111c63d75ea87939101d824eec60df6a60d4 |
| SHA256 | badf265c78fb2b3764f82a1cee456b2f9182af91cdf8012e02356d029859387e |
| SHA512 | 30c9dc11124c3494088b2b9159ec7a9ccf7a73effa621a3d3ff2f41f8d5b8abd3c28c46c42da884c19c74b16bb21e7796118e10a149f215a98c9b30c05036b04 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000022
| MD5 | 319e0c36436ee0bf24476acbcc83565c |
| SHA1 | fb2658d5791fe5b37424119557ab8cee30acdc54 |
| SHA256 | f6562ea52e056b979d6f52932ae57b7afb04486b10b0ebde22c5b51f502c69d1 |
| SHA512 | ad902b9a010cf99bdedba405cad0387890a9ff90a9c91f6a3220cdceec1b08ecb97a326aef01b28d8d0aacb5f2a16f02f673e196bdb69fc68b3f636139059902 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | a547a780d4febca57d56241863c214be |
| SHA1 | 55ac9856cd6e6fa45be064ea76786cd33d393b1c |
| SHA256 | 41040dabe5fb839e688f2536288aa90a5496baffca07a395b1ca840606c626e6 |
| SHA512 | 69bd96340dcfff1aeb4a47a2fd861eab629d2c331960e15963fe5276fd0c30d0bd753f629c0ca4d91fb4543c08836c181a017af6f65c7b536b7baa288241e378 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | acd0749e8689e27a6f0cbc6fe463c8cd |
| SHA1 | a11ecc1a8a7a6d9a2eb956d0ff4bbb1cfce26136 |
| SHA256 | e1638f7f8d6271f17c324ea9035258422aa7b6c145b4fbc5c506742fbcff5086 |
| SHA512 | d2265b21a7c67992cc3b916155829826dbda34942aa09048b3961ed4ea1500a996033e703e7283cbf6e91ed3db4224d5ddeb0266101c2f9564a7900b4f63433a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe5b8c00.TMP
| MD5 | 1949333137ca9cb1a20ba64d0057a925 |
| SHA1 | b67d4a225991ec5184fa2535b92a14460be5d420 |
| SHA256 | 130481c1e053877705693129a640c9b4ce97499e05c4625e22162ab484fa2016 |
| SHA512 | 1762c33e79fdcd48cb37f05ddc9412ff9ab4d0eb4a5d150465fea717ef730259244f893cda62205832705e9e28446b728105869ba772d996f1293dd410cba792 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 69d59b96bb5560e031e4685f24022d0a |
| SHA1 | 3981488b84da06f284901e08f9c852daea5742d3 |
| SHA256 | 01bc87cf448f2e877dfcb1cf90d03340f026c82cd75ac86d10bf97806ee97196 |
| SHA512 | 37741cbe01f847f5089e53814ce3ce0fcb2bcf96316c8a63ec9f3266dddafe9b6350db9e35fefb6803346b4a4374a8c36affc0008662dd6f73f0b4acde762ca5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 28cb5fe40d29c3f1df3d089a694945a7 |
| SHA1 | d265a4f05feec37b74914a95f8bb3e78677342f7 |
| SHA256 | 8bc803b69933b60194f702c3ea23d336e02f8951e59149a5eba4f913c122c228 |
| SHA512 | c4ad642603320aa5c6d76faa64a07766c9d5472eed2d662f65fb5452968a89ff420ef0ca9e400dc968e7a05d77926e12a1353fbd8fce1f8c018f5e5149afdc34 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 0a7b50e1daa39c6cc8fe72470ad34cfe |
| SHA1 | 07e9cd79cff98ba96a2014d822c3b4a29ac32c30 |
| SHA256 | 985cf22c5968406098721b8ee17affb8573abf1eaeb583537a9ddf7bd189fd63 |
| SHA512 | 672d5b98654c42d4c42377636929e22e64d96519334a28a063c03de87d0e432217db4404e505feffaa1a9d2460fb3f5e3cb8998090e9acc03b7c7e84f91a2a1e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 030bfdb19fa48bd53f55db3a9cf23126 |
| SHA1 | 232b628ef6ee9a3fbbe6be30c77c8a0426fd4836 |
| SHA256 | a1b03f907de46983d086bf33c432fb8855a889a0778f020a411aa863d432df26 |
| SHA512 | 0e3f841c9298a39d8407ed8965bded082b17eae68115b0eb3f49966feff4f6cf9f0b5ed8c33ef48d630b33ef33af5013a35c59ed05a52d8b3af95789ef1df6cf |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | 42b221ca742a3a5a87a040ff0eb65fcd |
| SHA1 | bdaa3eb82f578a1a37584dfa156b9db007559b28 |
| SHA256 | 21a6ba139032ce45ebefe8071aa939a29a38915e80ee1ba8b696f4a92ca6a952 |
| SHA512 | 292c2fb7b8ff40182e0c6b0ab8f47995d6aaa92931e56c95dda57f04db060f660b36ca2e4d9a364fe7fe6ebae4fb4f8e3c623bab146eb35fccdda672cd205512 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | a276304e82a59002c9da8b4958865a61 |
| SHA1 | a6c350bb76336699359a5bf784f6112807dd207f |
| SHA256 | 4c9e5fe7f41bd32b1553a050256d491d61081b5193957ba42cfa02c6f3a6299d |
| SHA512 | 517485cc3621a3716350c26a9616586b8a6b13a9949aa492cb29ba97f2ddf80dd156c4a7918c7a74d1aba5ad05f36efc5bbfef591c5f1a6218b032d5c96abdac |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7f69e556536951ea00a502d900fcea76 |
| SHA1 | 187ea001e3e6f75fe55032bd9f839591c83b1e34 |
| SHA256 | c0ffc347cd6645fa3b4e38d947cfd5ce2445896780dccaee3233fa8d863c2fd7 |
| SHA512 | c3d7a20f3fc8e5e5440b21dcc69e60a7f7d32cd1c3a405b2471f9f75171cd592d6bab1a4f338a3cfa05a369abab9701cf9ac23d8db3e3cfd5cee037b214be06e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 22f8d46222791b341606402bd56f0531 |
| SHA1 | 95914e8a062c8cd71fd7b2f7460049c3d0e86e7b |
| SHA256 | 13dbb9d6758b14667706a812c19775ec47276fe024115ce69568f35fcbb5a414 |
| SHA512 | 3ce1ee259f5a5a9b37025af28b184d134a3584dd51035044afd0f5c56a8233e4f56ec5de7dbe280f4183606c6bf33fde9812e409def30e90b79255320a88c595 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 6b19fd7b67e37a64203686cd0b49a09b |
| SHA1 | bbfe2a3eb9d1c94ba17bc8e35200bee230bd3912 |
| SHA256 | 03c76b1714421a92acac61d1a88e13d66df2e1c24c1c12f20cdd720f5ef4a738 |
| SHA512 | 4110c85107c93f161bad450f1662a7f25c5ba423054431d8c14434c4db174004f842a7220009b1f8bc687857b4ed8f2c50ca2563ddb2d95f3ef99bed157622f7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | 1dcf1c59ec9052bd8b885a1838d26800 |
| SHA1 | 4c7876573101eb7a6fc790bf0acaf33896754929 |
| SHA256 | 2279fd9837120aa616d4bfae9fd1593b17fd24a6e87879799ee3b7d35c00a767 |
| SHA512 | b6937231671c507f7d1ad207f0ca9290acfc6b835ce742f00ef252be3a55b7a197b8da5ddf3d402333d7c4a63e917c85b197c453914661f349ff7b175fa09437 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 6b3ebc9a5e4c419f5cd333dfb9c6f7f8 |
| SHA1 | 5be8d54584ab9073efdc7de806e503740259dd3a |
| SHA256 | cd20cdd3c5d2511d2adde742845d03fa9b7be43a982ddce1420f5e4db6782634 |
| SHA512 | d0d6969c507bdf42627d928e2962ce28f098819f98d495f57b651a11d823a972f4a9e4f5d210cb4b43f84fd67fbbe3d5dd55b1c04bf31396f2b08b2ef4af5a16 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 4e0c1ad0829a8f6247136bc75dea291e |
| SHA1 | 2bbf6ca5bd6aec26cb552a6fbafd51d36a8c0ef3 |
| SHA256 | 8ee23acda2dd4c97bf582194646c786022627ea782dc0a21134e2335f9338c09 |
| SHA512 | 507a6aa40c644115449cff5d430d590d62606dba1ecad00dbd7e73d94d739933a39e38d8d735ea94327c3055109782dd120adfc2fd72dfb5047fa65517300c8b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7bfa6a51a7e6b38458f1230d43b89ad4 |
| SHA1 | 84ead966bdd1048b60b41a8afff7572cfd34afac |
| SHA256 | 2ac3faa387decb4e51748d1e408c1fe42c7969f90b8d6cad77774c153edaa1d0 |
| SHA512 | fb4979085080d819db06b3ce79bbe468496b80bb4dd5d4dcdc0a3ac96bc21dcbf78ac065082e31acd3a2d01c045f8108e0c49128c0176e37a86fdfbe34423539 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 503e2012b8d3f11cdfc0fd62331898a9 |
| SHA1 | 4c779465009b3802642003ac93a0918d5b77ea3b |
| SHA256 | 5864de8ea3a3e9cfa4eb776e62f7bfd256935743949cf550b98b940f13e5021c |
| SHA512 | 1cf3cb60693c1af23d0a05edd01701c3248a404229700fbf0609d59b534795c5b1ac497c0b84f68130ebdff3d649d04184d08425e8e15d9f6e61ccba4366da22 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1
| MD5 | ce0f881f3915ec09315fcbd92928bd2b |
| SHA1 | 981d8b3356f0f57c5623ddf295b4705eeda194c9 |
| SHA256 | 8ece70dd2c8f9131bec143cf27ece5eb861428d2b5d69b1b33b2fdb4e252b3ca |
| SHA512 | 6ba8d9a803a559e22a06b901c35fd8a9993e6ad3e7a1b17576652c3f5eaf9b0f9bf405edf1a4323671095d4698b0ae8626ecb3f0b3ff2e12cd8d3b3ab3a04754 |