Analysis

max time kernel: 75s
max time network: 78s
platform: windows11-21h2_x64
resource: win11-20240412-en
resource tags: arch:x64, arch:x86, image:win11-20240412-en, locale:en-us, os:windows11-21h2-x64, system
submitted: 15-04-2024 09:43

Static task: static1
Behavioral task: behavioral1
Sample: vitutal machine.txt
Resource: win11-20240412-en
General

Target: vitutal machine.txt
Size: 97B
MD5: c2a2e4d1d0190d49c53480b02cab822c
SHA1: 762faf6a49f4576084974ca863baa0fe1140fff0
SHA256: f2cbc0eb801c258d1edeb4ac4c18481994a82fd4a81794b5f11d223f95c1de07
SHA512: de51d4888dba6766cfa00643e0181a4e2d37c9db78aa1d659ce1e4828df5d2d742091c441846faa27d86c22b0d179578cfea29193059bc6c32a9bf8c00ba5499
Malware Config
Signatures

Enumerates physical storage devices (1 TTPs)
Attempts to interact with connected storage/optical drive(s).

Enumerates system info in registry (2 TTPs, 3 IoCs)
description       | ioc                                                                   | Process
Key opened        | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS                    | chrome.exe
Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName  | chrome.exe
Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | chrome.exe

Modifies data under HKEY_USERS (2 IoCs)
description     | ioc                                                                                                      | Process
Key created     | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry                                    | chrome.exe
Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133576478165122506" | chrome.exe

Modifies registry class (1 IoCs)
description | ioc                                                                                  | Process
Key created | \REGISTRY\USER\S-1-5-21-2516240262-2296879883-3965305654-1000_Classes\Local Settings | cmd.exe

Suspicious behavior: EnumeratesProcesses (2 IoCs)
pid  | Process
4692 | chrome.exe (2 identical entries)

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary (10 IoCs)
pid  | Process
4692 | chrome.exe (10 identical entries)

Suspicious use of AdjustPrivilegeToken (64 IoCs)
description                      | pid  | Process
Token: SeShutdownPrivilege       | 4692 | chrome.exe
Token: SeCreatePagefilePrivilege | 4692 | chrome.exe
(64 entries in total, alternating between the two tokens, all from pid 4692 chrome.exe)

Suspicious use of FindShellTrayWindow (26 IoCs)
pid  | Process
4692 | chrome.exe (26 identical entries)

Suspicious use of SendNotifyMessage (12 IoCs)
pid  | Process
4692 | chrome.exe (12 identical entries)

Suspicious use of WriteProcessMemory (64 IoCs)
description                      | pid  | Process    | procid_target
PID 536 wrote to memory of 4092  | 536  | cmd.exe    | 81 (2 entries)
PID 4692 wrote to memory of 5000 | 4692 | chrome.exe | 86 (2 entries)
PID 4692 wrote to memory of 4952 | 4692 | chrome.exe | 87 (repeated)
PID 4692 wrote to memory of 3520 | 4692 | chrome.exe | 88 (2 entries)
PID 4692 wrote to memory of 2000 | 4692 | chrome.exe | 89 (repeated)
(64 entries in total; identical rows collapsed)
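Every row in the WriteProcessMemory table above is a parent writing into a process it created: cmd.exe (536) into the NOTEPAD.EXE (4092) it launched to open the text file, and chrome.exe (4692) into its own crashpad, GPU, network and storage helper processes. CreateProcess writes into a new child's address space before it starts, so a sandbox that hooks WriteProcessMemory logs exactly this for every process launch. The row worth escalating is a write into a process the writer did not create. The script below is an added Python triage helper, not part of the sandbox report or of any tool the report names; it parses rows in the report's flattened format, joins them against the parent/child relationships from the Processes section, and separates the two cases. The process tree and the first seven rows are copied from this report; the final row (chrome.exe writing into the notepad process) is constructed to exercise the injection branch and did not occur in the analysis.

```python
"""Added triage helper (not part of the sandbox report): attribute WriteProcessMemory
rows to the process tree and separate parent-to-child start-up writes from writes
into processes the writer did not create."""
import re
from collections import Counter

# Parent/child relationships copied from the report's Processes section, limited to
# the PIDs that appear in the WriteProcessMemory table. None marks a top-level process.
PROCESS_TREE = {
    536:  (None, "cmd.exe"),
    4092: (536,  "NOTEPAD.EXE"),
    4692: (None, "chrome.exe"),
    5000: (4692, "chrome.exe"),
    4952: (4692, "chrome.exe"),
    3520: (4692, "chrome.exe"),
    2000: (4692, "chrome.exe"),
}

# Rows in the report's flattened column order: description, pid, Process, procid_target.
# The first seven rows are taken from the report. The last row is CONSTRUCTED
# (chrome.exe writing into the notepad process) to show the injection-shaped case;
# it did not occur in the analysis.
IOC_ROWS = """\
PID 536 wrote to memory of 4092 536 cmd.exe 81
PID 536 wrote to memory of 4092 536 cmd.exe 81
PID 4692 wrote to memory of 5000 4692 chrome.exe 86
PID 4692 wrote to memory of 4952 4692 chrome.exe 87
PID 4692 wrote to memory of 4952 4692 chrome.exe 87
PID 4692 wrote to memory of 3520 4692 chrome.exe 88
PID 4692 wrote to memory of 2000 4692 chrome.exe 89
PID 4692 wrote to memory of 4092 4692 chrome.exe 81
"""

ROW_RE = re.compile(r"^PID (\d+) wrote to memory of (\d+) (\d+) (\S+) (\d+)$", re.M)


def parse_rows(text):
    """Return (writer_pid, target_pid, writer_image) per row. Rows whose description
    PID disagrees with the pid column are skipped as mangled."""
    events = []
    for writer, target, pid, image, _procid in ROW_RE.findall(text):
        if writer != pid:
            continue
        events.append((int(writer), int(target), image))
    return events


def classify(events, tree):
    """Split events into 'expected' (the writer is the target's parent) and
    'suspicious' (any other target, including PIDs missing from the tree).
    Both are Counters keyed by (writer_pid, writer_image, target_pid)."""
    expected, suspicious = Counter(), Counter()
    for writer, target, image in events:
        parent = tree.get(target, (None, None))[0]
        bucket = expected if parent == writer else suspicious
        bucket[(writer, image, target)] += 1
    return expected, suspicious


def summarize(expected, suspicious, tree):
    """Human-readable lines, suspicious rows first so they are not buried."""
    lines = []
    for (writer, image, target), n in sorted(suspicious.items()):
        tgt = tree.get(target, (None, "<unknown>"))[1]
        lines.append(f"SUSPICIOUS: {image}({writer}) wrote {n}x into {tgt}({target}), not its child")
    for (writer, image, target), n in sorted(expected.items()):
        tgt = tree[target][1]
        lines.append(f"expected:   {image}({writer}) wrote {n}x into child {tgt}({target})")
    return lines


if __name__ == "__main__":
    exp, sus = classify(parse_rows(IOC_ROWS), PROCESS_TREE)
    print("\n".join(summarize(exp, sus, PROCESS_TREE)))
```

Run against the report's own rows only, the suspicious bucket comes back empty: the WriteProcessMemory signature here is process creation, not injection. The parent/child map is the part that matters; without it every row of this signature looks the same.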
Processes

- C:\Windows\system32\cmd.exe
  Command line: cmd /c "C:\Users\Admin\AppData\Local\Temp\vitutal machine.txt"
  PID: 536
  Signatures: Modifies registry class; Suspicious use of WriteProcessMemory
  - C:\Windows\system32\NOTEPAD.EXE
    Command line: "C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\AppData\Local\Temp\vitutal machine.txt
    PID: 4092

- C:\Program Files\Google\Chrome\Application\chrome.exe
  Command line: "C:\Program Files\Google\Chrome\Application\chrome.exe"
  PID: 4692
  Signatures: Enumerates system info in registry; Modifies data under HKEY_USERS; Suspicious behavior: EnumeratesProcesses; Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary; Suspicious use of AdjustPrivilegeToken; Suspicious use of FindShellTrayWindow; Suspicious use of SendNotifyMessage; Suspicious use of WriteProcessMemory
  Child processes (all are C:\Program Files\Google\Chrome\Application\chrome.exe):
  - PID 5000: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffbd416ab58,0x7ffbd416ab68,0x7ffbd416ab78
  - PID 4952: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1592 --field-trial-handle=1808,i,1235591169315151519,17023816682734534373,131072 /prefetch:2
  - PID 3520: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2128 --field-trial-handle=1808,i,1235591169315151519,17023816682734534373,131072 /prefetch:8
  - PID 2000: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2232 --field-trial-handle=1808,i,1235591169315151519,17023816682734534373,131072 /prefetch:8
  - PID 1244: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3088 --field-trial-handle=1808,i,1235591169315151519,17023816682734534373,131072 /prefetch:1
  - PID 4372: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3208 --field-trial-handle=1808,i,1235591169315151519,17023816682734534373,131072 /prefetch:1
  - PID 3188: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4260 --field-trial-handle=1808,i,1235591169315151519,17023816682734534373,131072 /prefetch:8
  - PID 2404: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4400 --field-trial-handle=1808,i,1235591169315151519,17023816682734534373,131072 /prefetch:8
  - PID 1968: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4532 --field-trial-handle=1808,i,1235591169315151519,17023816682734534373,131072 /prefetch:1
  - PID 2080: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4672 --field-trial-handle=1808,i,1235591169315151519,17023816682734534373,131072 /prefetch:8
  - PID 2508: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4796 --field-trial-handle=1808,i,1235591169315151519,17023816682734534373,131072 /prefetch:8
  - PID 3344: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=4832 --field-trial-handle=1808,i,1235591169315151519,17023816682734534373,131072 /prefetch:1
  - PID 3388: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=3280 --field-trial-handle=1808,i,1235591169315151519,17023816682734534373,131072 /prefetch:1
  - PID 772: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3428 --field-trial-handle=1808,i,1235591169315151519,17023816682734534373,131072 /prefetch:8
  - PID 1944: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=4764 --field-trial-handle=1808,i,1235591169315151519,17023816682734534373,131072 /prefetch:1
  - PID 1976: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4280 --field-trial-handle=1808,i,1235591169315151519,17023816682734534373,131072 /prefetch:8
  - PID 4668: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4408 --field-trial-handle=1808,i,1235591169315151519,17023816682734534373,131072 /prefetch:8
  - PID 4880: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4996 --field-trial-handle=1808,i,1235591169315151519,17023816682734534373,131072 /prefetch:8
  - PID 2868: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5088 --field-trial-handle=1808,i,1235591169315151519,17023816682734534373,131072 /prefetch:8
  - PID 2468: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5052 --field-trial-handle=1808,i,1235591169315151519,17023816682734534373,131072 /prefetch:8
  - PID 2492: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5188 --field-trial-handle=1808,i,1235591169315151519,17023816682734534373,131072 /prefetch:8
  - PID 1528: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=4880 --field-trial-handle=1808,i,1235591169315151519,17023816682734534373,131072 /prefetch:1
  - PID 2540: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=3892 --field-trial-handle=1808,i,1235591169315151519,17023816682734534373,131072 /prefetch:1
  - PID 2496: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=2724 --field-trial-handle=1808,i,1235591169315151519,17023816682734534373,131072 /prefetch:1
  - PID 764: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4808 --field-trial-handle=1808,i,1235591169315151519,17023816682734534373,131072 /prefetch:8
  - PID 2868: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3448 --field-trial-handle=1808,i,1235591169315151519,17023816682734534373,131072 /prefetch:8
  - PID 4564: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=5552 --field-trial-handle=1808,i,1235591169315151519,17023816682734534373,131072 /prefetch:1
  - PID 4908: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4440 --field-trial-handle=1808,i,1235591169315151519,17023816682734534373,131072 /prefetch:8
  - PID 1508: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5108 --field-trial-handle=1808,i,1235591169315151519,17023816682734534373,131072 /prefetch:8

- C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
  Command line: "C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
  PID: 1588
Network
MITRE ATT&CK Enterprise v15
Downloads

- Filesize: 240B
  MD5: f5385f3d46ebe4d6c297140470c8b7e6
  SHA1: 7db22ec5b79c34f76f34c27a90c66cdf5c1a66a7
  SHA256: 6f1e5b6d3505de8104b4a25cb5bbe1ab1dfdc09a18cb6ec1d6e14fc85f8092cd
  SHA512: 1bb7d64e842b6e3155489c7e3d3f9ebd2de031e6a5eb0e9faa3990e939029f2b5eb3fb821c7ca32c2df984abffda7daf6473e9e2ed88a1e60bfe0a8073f2d15d

- Filesize: 2B (these are the hashes of the two-byte string "[]", an empty JSON array)
  MD5: d751713988987e9331980363e24189ce
  SHA1: 97d170e1550eee4afc0af065b78cda302a97674c
  SHA256: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
  SHA512: b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

- Filesize: 850B
  MD5: 9034bf0f730ef748891f43d588354a38
  SHA1: fc1fd1ac46eaa2181d481f32c08e56bae5d013b5
  SHA256: 184bdbef40b663f856b831276f01b43e5a3154066091bd8f4cd5c6d8f30f1c9d
  SHA512: 8dc8092064ab873b9fd18b604c12e121155d3c9ad7fba4c997e27d5df50decb26f070c5093f4d6afde0881718db6f09d584877a474adcf908a4d7b9d1c512ce8

- Filesize: 1KB
  MD5: ac0732866f915d484e0ac87095b5aad5
  SHA1: a318717690edd7a9613d51764c2a958285a5ef72
  SHA256: 5d480a8607dca0788974529f5c5dff3a31da1d8706b52085a1344b253758cba8
  SHA512: 583b1a003d565be24eb1746afd4c3c2f034d22769ddc889f5129e411f5167a1fe6db928c9ffa5202d2b56bcd79a2c719dcda7866b02baf91c3ad09ea17c8bfbb

- Filesize: 850B
  MD5: 0703f6b1a241b4c7fa6056e733eb99e9
  SHA1: 50e6d7c5ef90b0d036dd6922ba1bd552bca02bcc
  SHA256: 50145f6928733d8099ade6d97b2d01751c1e83fcb327593302acf801a6792682
  SHA512: 7d15013cc7a46bc859d41e80551412e8b51200843f5c570c0b0b4185001b4aca17474033df6e3b0f0d6f53218eb975628e5302da9b07535b525d36c0f7cf831e

- Filesize: 7KB
  MD5: f49858d2707fb04af80979212bbd911d
  SHA1: 812632c7a585207ed8245fa4efa8a8ce077d7296
  SHA256: 8cfcb06961749a62880508326095f8a22b700d851398d58110b46918b26da5c3
  SHA512: 426fd54cc1820b074f47ebed190061d1fec5e3366761587a7ea1d0cf55f80b484be01e97c78c06a9db9b4ee1cbe78262c04d3c3466d35b58cacbbdf836f4b948

- Filesize: 6KB
  MD5: fc7dfb7110e7b9c54460e247ac581b48
  SHA1: 1daf01c5df44c2446946b17d835122a8b07c679c
  SHA256: b726ce9e45e7f2e38db2d804652b5ec732bca12433e04fc163c86926544038e3
  SHA512: 4b164ab026bb16f280fe87042e930d9dfd875d04c7d197fa7a70d41586bc44ffea2cdc5c708197f44b2c6513313f8face19aaba2ad2d81ce887f402663cb2330

- Filesize: 16KB
  MD5: 05cce1fd094feb78fe57db3f3b817cc5
  SHA1: d6d725e5210436cefcd8edfd4d3f44022febbc78
  SHA256: 7d999f3b4cde200f6bef38284cc5ef5f37bf7b1bbfdd76e816a3ad3a92a3f4bb
  SHA512: e3734d2f4a56b2f9932c6f187667537742819da04bfffd59254d3695a68a2b03669a60e8305aa8b3dd89ba1f5e8d83db74244f1be9b7267de01e6476b8886186

- Filesize: 250KB
  MD5: e5a9d322ec32674fc924d17649c621f5
  SHA1: 7d253e8d4dd3f93e44599f8a531247887a7d6f87
  SHA256: 111d0dc90a7a4f3cec6555d0c63f691eea19c01ae0f2356064db9e3a07d82708
  SHA512: 6cf0bf40c0f14c29a0bf93a8206af218aba115076e33c8e8bfc907005c5fee172903f604ec49e415d42229d3c4567c198ee3bf0b76d1b8a04b6513cce04ab8a7

- Filesize: 250KB
  MD5: ce7c8d2f5b1eee1212512b11c9854a5e
  SHA1: 74bf647c4f1587e919d3198cd479900cabe2c7fd
  SHA256: 14cb6dcc886ce01cf3e6a6f342f4b428287e5382c0a9dbdf3fb458181b2e30f7
  SHA512: 0c3562a6250ef525dd8cb5bbd46f3b710d62157b74271397e51ef7ed812699c634e759986efd491858706121002c87b99b61978615bd9de534e385bd21dfcff1