hxxp://www[.]psnzone[.]net

Analysis

max time kernel
142s
max time network
146s
platform
windows11-21h2_x64
resource
win11-20240412-en
resource tags

arch:x64arch:x86image:win11-20240412-enlocale:en-usos:windows11-21h2-x64system
submitted
18-04-2024 12:00

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://www.psnzone.net

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133579152640806886"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
2284	chrome.exe
2284	chrome.exe
336	chrome.exe
336	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 15 IoCs

pid	Process
2284	chrome.exe
2284	chrome.exe
2284	chrome.exe
2284	chrome.exe
2284	chrome.exe
2284	chrome.exe
2284	chrome.exe
2284	chrome.exe
2284	chrome.exe
2284	chrome.exe
2284	chrome.exe
2284	chrome.exe
2284	chrome.exe
2284	chrome.exe
2284	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2284	chrome.exe
Token: SeCreatePagefilePrivilege	2284	chrome.exe
Token: SeShutdownPrivilege	2284	chrome.exe
Token: SeCreatePagefilePrivilege	2284	chrome.exe
Token: SeShutdownPrivilege	2284	chrome.exe
Token: SeCreatePagefilePrivilege	2284	chrome.exe
Token: SeShutdownPrivilege	2284	chrome.exe
Token: SeCreatePagefilePrivilege	2284	chrome.exe
Token: SeShutdownPrivilege	2284	chrome.exe
Token: SeCreatePagefilePrivilege	2284	chrome.exe
Token: SeShutdownPrivilege	2284	chrome.exe
Token: SeCreatePagefilePrivilege	2284	chrome.exe
Token: SeShutdownPrivilege	2284	chrome.exe
Token: SeCreatePagefilePrivilege	2284	chrome.exe
Token: SeShutdownPrivilege	2284	chrome.exe
Token: SeCreatePagefilePrivilege	2284	chrome.exe
Token: SeShutdownPrivilege	2284	chrome.exe
Token: SeCreatePagefilePrivilege	2284	chrome.exe
Token: SeShutdownPrivilege	2284	chrome.exe
Token: SeCreatePagefilePrivilege	2284	chrome.exe
Token: SeShutdownPrivilege	2284	chrome.exe
Token: SeCreatePagefilePrivilege	2284	chrome.exe
Token: SeShutdownPrivilege	2284	chrome.exe
Token: SeCreatePagefilePrivilege	2284	chrome.exe
Token: SeShutdownPrivilege	2284	chrome.exe
Token: SeCreatePagefilePrivilege	2284	chrome.exe
Token: SeShutdownPrivilege	2284	chrome.exe
Token: SeCreatePagefilePrivilege	2284	chrome.exe
Token: SeShutdownPrivilege	2284	chrome.exe
Token: SeCreatePagefilePrivilege	2284	chrome.exe
Token: SeShutdownPrivilege	2284	chrome.exe
Token: SeCreatePagefilePrivilege	2284	chrome.exe
Token: SeShutdownPrivilege	2284	chrome.exe
Token: SeCreatePagefilePrivilege	2284	chrome.exe
Token: SeShutdownPrivilege	2284	chrome.exe
Token: SeCreatePagefilePrivilege	2284	chrome.exe
Token: SeShutdownPrivilege	2284	chrome.exe
Token: SeCreatePagefilePrivilege	2284	chrome.exe
Token: SeShutdownPrivilege	2284	chrome.exe
Token: SeCreatePagefilePrivilege	2284	chrome.exe
Token: SeShutdownPrivilege	2284	chrome.exe
Token: SeCreatePagefilePrivilege	2284	chrome.exe
Token: SeShutdownPrivilege	2284	chrome.exe
Token: SeCreatePagefilePrivilege	2284	chrome.exe
Token: SeShutdownPrivilege	2284	chrome.exe
Token: SeCreatePagefilePrivilege	2284	chrome.exe
Token: SeShutdownPrivilege	2284	chrome.exe
Token: SeCreatePagefilePrivilege	2284	chrome.exe
Token: SeShutdownPrivilege	2284	chrome.exe
Token: SeCreatePagefilePrivilege	2284	chrome.exe
Token: SeShutdownPrivilege	2284	chrome.exe
Token: SeCreatePagefilePrivilege	2284	chrome.exe
Token: SeShutdownPrivilege	2284	chrome.exe
Token: SeCreatePagefilePrivilege	2284	chrome.exe
Token: SeShutdownPrivilege	2284	chrome.exe
Token: SeCreatePagefilePrivilege	2284	chrome.exe
Token: SeShutdownPrivilege	2284	chrome.exe
Token: SeCreatePagefilePrivilege	2284	chrome.exe
Token: SeShutdownPrivilege	2284	chrome.exe
Token: SeCreatePagefilePrivilege	2284	chrome.exe
Token: SeShutdownPrivilege	2284	chrome.exe
Token: SeCreatePagefilePrivilege	2284	chrome.exe
Token: SeShutdownPrivilege	2284	chrome.exe
Token: SeCreatePagefilePrivilege	2284	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2284	chrome.exe
2284	chrome.exe
2284	chrome.exe
2284	chrome.exe
2284	chrome.exe
2284	chrome.exe
2284	chrome.exe
2284	chrome.exe
2284	chrome.exe
2284	chrome.exe
2284	chrome.exe
2284	chrome.exe
2284	chrome.exe
2284	chrome.exe
2284	chrome.exe
2284	chrome.exe
2284	chrome.exe
2284	chrome.exe
2284	chrome.exe
2284	chrome.exe
2284	chrome.exe
2284	chrome.exe
2284	chrome.exe
2284	chrome.exe
2284	chrome.exe
2284	chrome.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
2284	chrome.exe
2284	chrome.exe
2284	chrome.exe
2284	chrome.exe
2284	chrome.exe
2284	chrome.exe
2284	chrome.exe
2284	chrome.exe
2284	chrome.exe
2284	chrome.exe
2284	chrome.exe
2284	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2284 wrote to memory of 3504	2284	chrome.exe	80
PID 2284 wrote to memory of 3504	2284	chrome.exe	80
PID 2284 wrote to memory of 4092	2284	chrome.exe	81
PID 2284 wrote to memory of 4092	2284	chrome.exe	81
PID 2284 wrote to memory of 4092	2284	chrome.exe	81
PID 2284 wrote to memory of 4092	2284	chrome.exe	81
PID 2284 wrote to memory of 4092	2284	chrome.exe	81
PID 2284 wrote to memory of 4092	2284	chrome.exe	81
PID 2284 wrote to memory of 4092	2284	chrome.exe	81
PID 2284 wrote to memory of 4092	2284	chrome.exe	81
PID 2284 wrote to memory of 4092	2284	chrome.exe	81
PID 2284 wrote to memory of 4092	2284	chrome.exe	81
PID 2284 wrote to memory of 4092	2284	chrome.exe	81
PID 2284 wrote to memory of 4092	2284	chrome.exe	81
PID 2284 wrote to memory of 4092	2284	chrome.exe	81
PID 2284 wrote to memory of 4092	2284	chrome.exe	81
PID 2284 wrote to memory of 4092	2284	chrome.exe	81
PID 2284 wrote to memory of 4092	2284	chrome.exe	81
PID 2284 wrote to memory of 4092	2284	chrome.exe	81
PID 2284 wrote to memory of 4092	2284	chrome.exe	81
PID 2284 wrote to memory of 4092	2284	chrome.exe	81
PID 2284 wrote to memory of 4092	2284	chrome.exe	81
PID 2284 wrote to memory of 4092	2284	chrome.exe	81
PID 2284 wrote to memory of 4092	2284	chrome.exe	81
PID 2284 wrote to memory of 4092	2284	chrome.exe	81
PID 2284 wrote to memory of 4092	2284	chrome.exe	81
PID 2284 wrote to memory of 4092	2284	chrome.exe	81
PID 2284 wrote to memory of 4092	2284	chrome.exe	81
PID 2284 wrote to memory of 4092	2284	chrome.exe	81
PID 2284 wrote to memory of 4092	2284	chrome.exe	81
PID 2284 wrote to memory of 4092	2284	chrome.exe	81
PID 2284 wrote to memory of 4092	2284	chrome.exe	81
PID 2284 wrote to memory of 4092	2284	chrome.exe	81
PID 2284 wrote to memory of 4988	2284	chrome.exe	82
PID 2284 wrote to memory of 4988	2284	chrome.exe	82
PID 2284 wrote to memory of 4760	2284	chrome.exe	83
PID 2284 wrote to memory of 4760	2284	chrome.exe	83
PID 2284 wrote to memory of 4760	2284	chrome.exe	83
PID 2284 wrote to memory of 4760	2284	chrome.exe	83
PID 2284 wrote to memory of 4760	2284	chrome.exe	83
PID 2284 wrote to memory of 4760	2284	chrome.exe	83
PID 2284 wrote to memory of 4760	2284	chrome.exe	83
PID 2284 wrote to memory of 4760	2284	chrome.exe	83
PID 2284 wrote to memory of 4760	2284	chrome.exe	83
PID 2284 wrote to memory of 4760	2284	chrome.exe	83
PID 2284 wrote to memory of 4760	2284	chrome.exe	83
PID 2284 wrote to memory of 4760	2284	chrome.exe	83
PID 2284 wrote to memory of 4760	2284	chrome.exe	83
PID 2284 wrote to memory of 4760	2284	chrome.exe	83
PID 2284 wrote to memory of 4760	2284	chrome.exe	83
PID 2284 wrote to memory of 4760	2284	chrome.exe	83
PID 2284 wrote to memory of 4760	2284	chrome.exe	83
PID 2284 wrote to memory of 4760	2284	chrome.exe	83
PID 2284 wrote to memory of 4760	2284	chrome.exe	83
PID 2284 wrote to memory of 4760	2284	chrome.exe	83
PID 2284 wrote to memory of 4760	2284	chrome.exe	83
PID 2284 wrote to memory of 4760	2284	chrome.exe	83
PID 2284 wrote to memory of 4760	2284	chrome.exe	83
PID 2284 wrote to memory of 4760	2284	chrome.exe	83
PID 2284 wrote to memory of 4760	2284	chrome.exe	83
PID 2284 wrote to memory of 4760	2284	chrome.exe	83
PID 2284 wrote to memory of 4760	2284	chrome.exe	83
PID 2284 wrote to memory of 4760	2284	chrome.exe	83
PID 2284 wrote to memory of 4760	2284	chrome.exe	83

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://www.psnzone.net
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2284
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffb2606ab58,0x7ffb2606ab68,0x7ffb2606ab78
  2⤵
  PID:3504
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1496 --field-trial-handle=1808,i,2062694940724266463,8612701817735392354,131072 /prefetch:2
  2⤵
  PID:4092
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2036 --field-trial-handle=1808,i,2062694940724266463,8612701817735392354,131072 /prefetch:8
  2⤵
  PID:4988
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2144 --field-trial-handle=1808,i,2062694940724266463,8612701817735392354,131072 /prefetch:8
  2⤵
  PID:4760
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2888 --field-trial-handle=1808,i,2062694940724266463,8612701817735392354,131072 /prefetch:1
  2⤵
  PID:1876
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2900 --field-trial-handle=1808,i,2062694940724266463,8612701817735392354,131072 /prefetch:1
  2⤵
  PID:2572
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4092 --field-trial-handle=1808,i,2062694940724266463,8612701817735392354,131072 /prefetch:1
  2⤵
  PID:3588
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3116 --field-trial-handle=1808,i,2062694940724266463,8612701817735392354,131072 /prefetch:1
  2⤵
  PID:4056
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=1484 --field-trial-handle=1808,i,2062694940724266463,8612701817735392354,131072 /prefetch:1
  2⤵
  PID:3388
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4436 --field-trial-handle=1808,i,2062694940724266463,8612701817735392354,131072 /prefetch:1
  2⤵
  PID:1512
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5224 --field-trial-handle=1808,i,2062694940724266463,8612701817735392354,131072 /prefetch:8
  2⤵
  PID:2760
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5004 --field-trial-handle=1808,i,2062694940724266463,8612701817735392354,131072 /prefetch:8
  2⤵
  PID:3624
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5004 --field-trial-handle=1808,i,2062694940724266463,8612701817735392354,131072 /prefetch:1
  2⤵
  PID:1812
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4016 --field-trial-handle=1808,i,2062694940724266463,8612701817735392354,131072 /prefetch:1
  2⤵
  PID:5032
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=4144 --field-trial-handle=1808,i,2062694940724266463,8612701817735392354,131072 /prefetch:1
  2⤵
  PID:3880
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=4388 --field-trial-handle=1808,i,2062694940724266463,8612701817735392354,131072 /prefetch:1
  2⤵
  PID:920
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=4700 --field-trial-handle=1808,i,2062694940724266463,8612701817735392354,131072 /prefetch:1
  2⤵
  PID:2428
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=5068 --field-trial-handle=1808,i,2062694940724266463,8612701817735392354,131072 /prefetch:1
  2⤵
  PID:1740
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=3232 --field-trial-handle=1808,i,2062694940724266463,8612701817735392354,131072 /prefetch:1
  2⤵
  PID:2316
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=5440 --field-trial-handle=1808,i,2062694940724266463,8612701817735392354,131072 /prefetch:1
  2⤵
  PID:2804
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=5688 --field-trial-handle=1808,i,2062694940724266463,8612701817735392354,131072 /prefetch:1
  2⤵
  PID:1268
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5880 --field-trial-handle=1808,i,2062694940724266463,8612701817735392354,131072 /prefetch:8
  2⤵
  PID:4472
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5576 --field-trial-handle=1808,i,2062694940724266463,8612701817735392354,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:336

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:1592

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005

Filesize
66KB

MD5
11a646fe5c819a0c38fc7e1e4d5d0606

SHA1
c90d40c7f323b82bfb62532c4fe076a1250e03f9

SHA256
7e79cab96b93d3d6058b1883d3e00b4c367bc984affc0049ef414cb22c04b953

SHA512
553f2f070722c789e43d97ed335f793338db28016c813d7494f85f3304d772e673f8bbdfb5c9ca32f2362e13f41d033fd54d6216ea878102674a67cdfa8cbab2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

Filesize
50KB

MD5
61eccd28b8258d642f9b0ae61fd7a079

SHA1
98ae1b09da568d28632d6227cc8ab2acfd993fc9

SHA256
eaa2bee4105f40fcd803ad6aeee6b3f839c803a2d1c274af263a46a8534b79f4

SHA512
1c80da769b5234a88fe77bb9685d82928cb0487b810d9fe85882062374fdd596b6991b02f1489f32c7103c7fca73fb78cccce5ae41be786e29e37f635406b4c7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b

Filesize
71KB

MD5
a22ddb96fd6b95bebd51ffa028745909

SHA1
d9c1debea56091107b57481d4fa788594e0e3f02

SHA256
94295329a7627caeafebccf5073e6291950e73b76fa7be0a60384784e7c0ad15

SHA512
fe4037e54c542020dbe0b551f4c2d079d840f92e78d54e9c9cc3ba5b510017ef43f50919293d81fcc2475b5e3cccd12e5629884ec1e4727a0798bd50a8b258d8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002d

Filesize
17KB

MD5
f4aa2d622725f1af4e132e2bbaeb47ae

SHA1
20594962b8a024c0cec8d3b3fe8614bea75d5388

SHA256
d0964aee1973c5818130723f3bf5b8e0b51bf775a5074949c91d815d91f2924f

SHA512
8017b4742d649e4119f8530c5729cfc51356c6044a61f0fed374457120e1a54bf29823cd7e0ca6e83c40d6e312872611344a7857d04a01d3016664d9e76f7da3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
840B

MD5
0f8233ea7c22bbca94b194df74d837de

SHA1
061bc3ffbda11733dcde16ccb9ba12a3de216650

SHA256
79e53a35ec66112baa17b05627941fdfb23edc5195507f95d61f3e0244cc6e41

SHA512
4790547e9e4d623e7e072682133f585bd6dc8684918d6bf78a42d5247f07bf871939d400750c7eec5755d6612318eed682baf2a61bb071691d1c114124471098

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
601568f13af7bb4920679fac202a480b

SHA1
f0076d953031f7023a2241ce40a397bbd6a3bcbe

SHA256
4186d7a6934a85cd7376680f6ba51936463c613b5a34027b7a2072861c12e699

SHA512
42936696267708f367fb8f49b38ca274eef1d506991f3424b97c4d00e6f08b994909fb254da4696d32b97d77078d9e5601056a88bf1abe74f37770a71345e341

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
c569dfd7a80fed901009c8ae2c8ab42b

SHA1
ad1a13b349a70df2e8322b756cfa16a4581ebfc8

SHA256
ac54911b6f621a982a225cc01bda97ed64781903efc620e934690385b705bd0e

SHA512
3d4b241d8f37d27558c7a6beae721c1b72e2b19d30fb5c987075b08a4c0da01f673282a539e4a51101a015ed9b12a44a17b840f4f4d0256a73956ff372be2de6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\735836e2-3386-439d-b548-2736e3e3a880.tmp

Filesize
2KB

MD5
32d5c5f2e5931f648eb5b8c54d9a2c32

SHA1
7fb61c75ade6fbc102b83fc7de4786b8a0df12c2

SHA256
c44b71916c2af03367707652bd1ca37f370465f538026950b2512ce5452cbe8c

SHA512
a53f9e5305d5b382fb86ce2c6c420ce25de383554dc499ba76c3eb18f283580d99574d2114c9f54d62a657e2acb5a5a210d01075cb60046b621004a2a67f7f25

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
7KB

MD5
dbb328c43d19b84cb86d8e7608683109

SHA1
f105b058522783a6645b0e62abe3c148623674be

SHA256
7512939ec35540d14684b64ef96a57d304643e0a5161c968774e59596e018792

SHA512
708989f686994007cce87376ed8aec304452b85638aef8249084ab4df63c4c794fe4e251367608ec010c1cdcf9d8a3fb5e2f92eac1495ea5adfd5b3ba79edff8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
9KB

MD5
efc932576c7de125d0733c9b255d18f6

SHA1
edce2c409c47d40b78ffc92bed5c60b82d9d86df

SHA256
433a51ba0459eb5e65b62ab4334b292555581306265566f22b4cb0d3d001fa95

SHA512
e8c6fa36c7f665b99e9ed7426dd7cbe05dd6e6d8812a7565419757a082f08ae833f0cd4484f50115a08fa07685a06a8e7b3afc3a55227bd682fe617b4010f238

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
5ada9a618b10313b964863fd80ed4647

SHA1
d839293200d1569bdb7fbef0a95e9a3ce10eaf2d

SHA256
f9d2e2a06cafa143910f65c4e834fdb8e9c2b4e34e1c486f7ce1f42105228b13

SHA512
727ad8df6c64923a1bb719faf24cc076e33454294a83e0f223b33b832e102210e616e98f23ffb65bb2ae0543ffcd6447de2b494d97b5e214a9d4ecb2eb39ab6c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
5fb1fba89d5e00435043672f06abaadb

SHA1
cba97fdd64f6b9be2be42ea064176a154b253c9a

SHA256
56db830b6adaa421d2ad0724afb3fbbb23f859bfa044757cd8116367da2eb4a7

SHA512
ab0465032eef88fe770b0e39664bd5e7509e68e40fd0d78705b04300b3ac62562da3ded932883a31fc6a2f1ff991c386c6df6949b9bef38025caff4374e9af82

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
276ee812f019ea7328f3c132721808c6

SHA1
effbdeb65c670982ab30db542b9f9bf505168bfd

SHA256
32c7e192e1891aa96105aa7268b579029efd8cf57b7a3941f9fb8f9846462517

SHA512
ed8c4410c6064059b1bbe15462c67dd8036c0f6578c663c44a1db3aca26849af4d8428055c6250200c84fb45535cd1fc42850b22f802a32eaaf783bbc198f84f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
985856d6d3a8876491f6a3d27b6064b6

SHA1
56ff3085c1ff111683aad914c7fb572dd4d1800e

SHA256
6e315e92aee5a8d8f7b24c24756b5bb0a2caf0ae5ce2f6b3c950400fe5b8486f

SHA512
adc800f302c9d5467b7ad09481faca818b241a37aad66bd2beceb0b6b9b0bf929ed2cc68fe5e03b892fd7c626573b01cb798396c3f6142cc9fd14f429d6cfd3b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
1f674840cf76fe67895ef3d6fe38c9b8

SHA1
8eb65b5eb183e9c7aff92069c9d4ac1b2b91ac15

SHA256
9ed11b5eff9c99713872464c8e01f420ed732bb6c62b878805b3506004cb250f

SHA512
6b0fed19b4f5fe9e34fe81bbe11ae5c89db77436876932f93a6d02f12cfec3a692b93633985c69bfbaec30d18faba0ff7efc516dbc184ac67c2f08553c801338

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
9e4fc550e1cb5f22324d650fb4260c14

SHA1
d66b33b4ffd863ff581d1e620f2ddb64bf6190fb

SHA256
6c7f0ec50c46a29993e56dbec5d0606bec7dad81c93974286543bc459892d6d9

SHA512
94e6b7ac16469150ff040840f677223d580ccfb08eee6ab0f23f266a2c45f9d0ed45d79b02a9dc924d1d95d177a4f271b5c6be0275ce5cbd5f7e6fc062b3abf1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
c59d365cdb76874e24e398141982ddaa

SHA1
549b96311fc470c20495415eae053bc74b3ce394

SHA256
fc71cdb073671968b41b523e36aaaac24f0cb3e8019964e81f9d6df48985b91d

SHA512
6df561198567892df3f3477de5466a4a765861d6af45116c3d493cd36426eb97c387eefe0d2573177ed69b43797b5c9c61946aab5589c9f95a35dae1163107e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
127KB

MD5
c0f3586e311b77dbab5940d439b965a9

SHA1
992b77075326b52da689786a10ace3f0ecec9f47

SHA256
4c363accf03d8ef0320ffa363641de5f6f70e02ab167f3f50e4285d2f3295257

SHA512
625e435650ae98ea38732aaf9a5e4a651d819de5f3db8eb7eed0525eb22c624c1363e9bf2cae3a4ee634d0cbbcbc373d8a0475629697d6916ebf747c98c78865

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
127KB

MD5
dff938314576bab2c735087cae4db3aa

SHA1
679e595e4a7f84d864c5cf557d906d06b78f5d4a

SHA256
cb0e2a211741f085d2e7f79830be9d64f4b42692e9d7f3b08c9ef1b7a024f314

SHA512
a70b352001d9b56d8ae7ff225ab18c8d508cb1cdbaa3685b7b79088b6814494c9af634064ee1066e1cef518c13df1470169559534c434c86d90a056d598cf3e7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
127KB

MD5
2002ac18cb3cf03132f62bd27ea0a25c

SHA1
a73e2630f78e53a3a02abe48bc4f82a330fdf868

SHA256
616ec2f5bb9375f6fdca67c3d035bd3f836e692ee3dadf740f3dc3c8ec2422fe

SHA512
737b1bcb70eb2450106bb64aedcdf1ca3d290c6744fc0d00593ff46cd8276e9697d930e52f13221978e677944a4ee0bada5973435bc49afb17eb679ae2a915cb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
85KB

MD5
03cbb264d2dffe78cd9ec06aa18fa9f7

SHA1
6b42537552713fd20d0ad7ed5fc5308c8eb4c1a1

SHA256
42a2762bf6f1988d58d318fa747e0af0f727c42ad8d9f3580878d2ce616f51dc

SHA512
a88def1b1d442bc91bf9f978a4374906327937874706137e340e21a532063ae8669f521841f53dbd8da88e37a529ddf2126b133fa579fc57b4aeff97690cd824

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe5951a1.TMP

Filesize
83KB

MD5
dab75cab26a248f93b1cb938160ba2f0

SHA1
c45e55762bf6f19f577170ed8eed458996ed18d1

SHA256
4cc7b5eb2764b7c83b62b8321c644a3dd3e570bf31f8619d5726c12ae833968a

SHA512
56a4e1ab1061ab30e6e0c2900175b2ebfc82a6b9c63f59dd680a2ce61f955bf9b19c8ebb627304b7abe51f116278bad59558b16970704a7ce1532c1a045ae68d

Download Submit