Analysis
- max time kernel: 600s
- max time network: 664s
- platform: windows10-2004_x64
- resource: win10v2004-20240412-en
- resource tags: arch:x64, arch:x86, image:win10v2004-20240412-en, locale:en-us, os:windows10-2004-x64, system
- submitted: 17/04/2024, 15:08
Static task
- static1
Behavioral tasks
- behavioral1, Sample: Nurik/CrackLauncher.exe, Resource: win10v2004-20240412-en
- behavioral2, Sample: Nurik/client_1_16_5/assets/objects/90/90046a9705756370acd9a00502aab5785a2c2136.ps1, Resource: win10v2004-20240412-en
- behavioral3, Sample: Nurik/client_1_16_5/assets/objects/c3/c3cd0db760c980287b26ef9c0894f66c4250724e.ps1, Resource: win10v2004-20240412-en
- behavioral4, Sample: Nurik/client_1_16_5/libraries/authlib-2.1.28.jar, Resource: win10v2004-20240226-en
- behavioral5, Sample: Nurik/client_1_16_5/libraries/brigadier-1.0.17.jar, Resource: win10v2004-20240412-en
- behavioral6, Sample: Nurik/client_1_16_5/libraries/ca-fixer-1.0.jar, Resource: win10v2004-20240412-en
- behavioral7, Sample: Nurik/client_1_16_5/libraries/commons-codec-1.10.jar, Resource: win10v2004-20240412-en
- behavioral8, Sample: Nurik/client_1_16_5/libraries/commons-compress-1.8.1.jar, Resource: win10v2004-20240412-en
- behavioral9, Sample: Nurik/client_1_16_5/libraries/commons-io-2.5.jar, Resource: win10v2004-20240412-en
- behavioral10, Sample: Nurik/client_1_16_5/libraries/commons-lang3-3.5.jar, Resource: win10v2004-20240412-en
- behavioral11, Sample: Nurik/client_1_16_5/libraries/commons-logging-1.1.3.jar, Resource: win10v2004-20240412-en
- behavioral12, Sample: Nurik/client_1_16_5/libraries/datafixerupper-4.0.26.jar, Resource: win10v2004-20240226-en
- behavioral13, Sample: Nurik/client_1_16_5/libraries/discord-rpc.jar, Resource: win10v2004-20240226-en
- behavioral14, Sample: Nurik/client_1_16_5/libraries/fastutil-8.5.9.jar, Resource: win10v2004-20240412-en
- behavioral15, Sample: Nurik/client_1_16_5/libraries/gson-2.10.1.jar, Resource: win10v2004-20240412-en
- behavioral16, Sample: Nurik/client_1_16_5/libraries/gson-2.8.0.jar, Resource: win10v2004-20240412-en
- behavioral17, Sample: Nurik/client_1_16_5/libraries/guava-21.0.jar, Resource: win10v2004-20240412-en
- behavioral18, Sample: Nurik/client_1_16_5/libraries/httpclient-4.3.3.jar, Resource: win10v2004-20240412-en
- behavioral19, Sample: Nurik/client_1_16_5/libraries/httpcore-4.3.2.jar, Resource: win10v2004-20240412-en
- behavioral20, Sample: Nurik/client_1_16_5/libraries/icu4j-66.1.jar, Resource: win10v2004-20240412-en
- behavioral21, Sample: Nurik/client_1_16_5/libraries/javabridge-1.0.22.jar, Resource: win10v2004-20240412-en
- behavioral22, Sample: Nurik/jdk/bin/server/jvm.dll, Resource: win10v2004-20240412-en
- behavioral23, Sample: Nurik/jdk/bin/splashscreen.dll, Resource: win10v2004-20240412-en
- behavioral24, Sample: Nurik/jdk/bin/sspi_bridge.dll, Resource: win10v2004-20240412-en
- behavioral25, Sample: Nurik/jdk/bin/sunmscapi.dll, Resource: win10v2004-20240412-en
- behavioral26, Sample: Nurik/jdk/bin/ucrtbase.dll, Resource: win10v2004-20240412-en
- behavioral27, Sample: Nurik/jdk/bin/vcruntime140.dll, Resource: win10v2004-20240412-en
- behavioral28, Sample: Nurik/jdk/bin/vcruntime140_1.dll, Resource: win10v2004-20240412-en
- behavioral29, Sample: Nurik/jdk/bin/verify.dll, Resource: win10v2004-20240412-en
- behavioral30, Sample: Nurik/jdk/bin/w2k_lsa_auth.dll, Resource: win10v2004-20240412-en
- behavioral31, Sample: Nurik/jdk/bin/windowsaccessbridge-64.dll, Resource: win10v2004-20240412-en
- behavioral32, Sample: Nurik/jdk/bin/zip.dll, Resource: win10v2004-20240412-en
General
- Target: Nurik/client_1_16_5/libraries/commons-logging-1.1.3.jar
- Size: 60KB
- MD5: 92eb5aabc1b47287de53d45c086a435c
- SHA1: f6f66e966c70a83ffbdb6f17a0919eaf7c8aca7f
- SHA256: 70903f6fc82e9908c8da9f20443f61d90f0870a312642991fe8462a0b9391784
- SHA512: e5d1fc8ec4544e1fa0f7c4aae8dbcca466c4987bc92fbbc430b054b10d646b745add4a754b1be9d50edd64330c798c53173a97289db57a966312e16f934e9d1f
- SSDEEP: 768:Oirgim03eHcOSlWmuvjpNToHSQfWZy2VDfEXsHtprlPox2u+nA5q5ddrSxw3qKrg:Xtmjc+TbT4SKQ5VD7Zi2u+niSddrtvrg
Malware Config
Signatures
- Modifies file permissions (1 TTPs, 1 IoCs)
  pid 5048, Process icacls.exe
- Enumerates system info in registry (2 TTPs, 3 IoCs)
  Key opened: \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS (Process chrome.exe)
  Key value queried: \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName (Process chrome.exe)
  Key value queried: \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer (Process chrome.exe)
- Modifies data under HKEY_USERS (2 IoCs)
  Key created: \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry (Process chrome.exe)
  Set value (int): \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133578414301398828" (Process chrome.exe)
- Suspicious behavior: EnumeratesProcesses (2 IoCs)
  All rows: pid 3704, Process chrome.exe
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary (3 IoCs)
  All rows: pid 3704, Process chrome.exe
- Suspicious use of AdjustPrivilegeToken (64 IoCs)
  Rows alternate between Token: SeShutdownPrivilege and Token: SeCreatePagefilePrivilege; all rows: pid 3704, Process chrome.exe
- Suspicious use of FindShellTrayWindow (26 IoCs)
  All rows: pid 3704, Process chrome.exe
- Suspicious use of SendNotifyMessage (24 IoCs)
  All rows: pid 3704, Process chrome.exe
- Suspicious use of WriteProcessMemory (64 IoCs)
  Distinct rows (description, pid, Process, procid_target):
  PID 432 wrote to memory of 5048, pid 432, Process java.exe, procid_target 85
  PID 3704 wrote to memory of 1732, pid 3704, Process chrome.exe, procid_target 92
  PID 3704 wrote to memory of 3512, pid 3704, Process chrome.exe, procid_target 93
  PID 3704 wrote to memory of 2248, pid 3704, Process chrome.exe, procid_target 94
  PID 3704 wrote to memory of 4344, pid 3704, Process chrome.exe, procid_target 95
Processes
- C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe
  Command line: java -jar C:\Users\Admin\AppData\Local\Temp\Nurik\client_1_16_5\libraries\commons-logging-1.1.3.jar
  PID: 432
  Signatures: Suspicious use of WriteProcessMemory
  - C:\Windows\system32\icacls.exe
    Command line: C:\Windows\system32\icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage /grant "everyone":(OI)(CI)M
    PID: 5048
    Signatures: Modifies file permissions
- C:\Program Files\Google\Chrome\Application\chrome.exe
  Command line: "C:\Program Files\Google\Chrome\Application\chrome.exe"
  PID: 3704
  Signatures: Enumerates system info in registry; Modifies data under HKEY_USERS; Suspicious behavior: EnumeratesProcesses; Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary; Suspicious use of AdjustPrivilegeToken; Suspicious use of FindShellTrayWindow; Suspicious use of SendNotifyMessage; Suspicious use of WriteProcessMemory
  - C:\Program Files\Google\Chrome\Application\chrome.exe
    Command line: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffbbffeab58,0x7ffbbffeab68,0x7ffbbffeab78
    PID: 1732
  - C:\Program Files\Google\Chrome\Application\chrome.exe
    Command line: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1780 --field-trial-handle=2020,i,16255912396422767932,3632788659302513174,131072 /prefetch:2
    PID: 3512
  - C:\Program Files\Google\Chrome\Application\chrome.exe
    Command line: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2080 --field-trial-handle=2020,i,16255912396422767932,3632788659302513174,131072 /prefetch:8
    PID: 2248
  - C:\Program Files\Google\Chrome\Application\chrome.exe
    Command line: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2268 --field-trial-handle=2020,i,16255912396422767932,3632788659302513174,131072 /prefetch:8
    PID: 4344
  - C:\Program Files\Google\Chrome\Application\chrome.exe
    Command line: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3140 --field-trial-handle=2020,i,16255912396422767932,3632788659302513174,131072 /prefetch:1
    PID: 3812
  - C:\Program Files\Google\Chrome\Application\chrome.exe
    Command line: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3188 --field-trial-handle=2020,i,16255912396422767932,3632788659302513174,131072 /prefetch:1
    PID: 412
  - C:\Program Files\Google\Chrome\Application\chrome.exe
    Command line: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4320 --field-trial-handle=2020,i,16255912396422767932,3632788659302513174,131072 /prefetch:1
    PID: 1864
  - C:\Program Files\Google\Chrome\Application\chrome.exe
    Command line: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4400 --field-trial-handle=2020,i,16255912396422767932,3632788659302513174,131072 /prefetch:8
    PID: 1688
  - C:\Program Files\Google\Chrome\Application\chrome.exe
    Command line: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4660 --field-trial-handle=2020,i,16255912396422767932,3632788659302513174,131072 /prefetch:8
    PID: 432
  - C:\Program Files\Google\Chrome\Application\chrome.exe
    Command line: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4584 --field-trial-handle=2020,i,16255912396422767932,3632788659302513174,131072 /prefetch:8
    PID: 4984
  - C:\Program Files\Google\Chrome\Application\chrome.exe
    Command line: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4520 --field-trial-handle=2020,i,16255912396422767932,3632788659302513174,131072 /prefetch:8
    PID: 2084
  - C:\Program Files\Google\Chrome\Application\chrome.exe
    Command line: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4520 --field-trial-handle=2020,i,16255912396422767932,3632788659302513174,131072 /prefetch:8
    PID: 4780
- C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
  Command line: "C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
  PID: 4020
Network
MITRE ATT&CK Enterprise v15
Downloads