Analysis Overview
SHA256
59a5632736ce0a74810969b57eedc5b27d24b7867393cb92c37d1b1591b6be81
Threat Level: Shows suspicious behavior
The file poster copy.jpg was found to show suspicious behavior.
Malicious Activity Summary
Legitimate hosting services abused for malware hosting/C2
Enumerates physical storage devices
One or more HTTP URLs in qr code identified
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
Suspicious use of AdjustPrivilegeToken
Suspicious use of SendNotifyMessage
Modifies data under HKEY_USERS
NTFS ADS
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-04-23 11:16
Signatures
One or more HTTP URLs in qr code identified
Analysis: behavioral1
Detonation Overview
Submitted
2024-04-23 11:16
Reported
2024-04-23 11:46
Platform
win11-20240412-en
Max time kernel
1487s
Max time network
1498s
Command Line
Signatures
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | camo.githubusercontent.com | N/A | N/A |
| N/A | camo.githubusercontent.com | N/A | N/A |
| N/A | drive.google.com | N/A | N/A |
Enumerates physical storage devices
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133583445883150005" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\BUG32.rar:Zone.Identifier | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\BUG32 (1).rar:Zone.Identifier | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Windows\system32\cmd.exe
cmd /c "C:\Users\Admin\AppData\Local\Temp\poster copy.jpg"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffb99ddab58,0x7ffb99ddab68,0x7ffb99ddab78
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1508 --field-trial-handle=1800,i,2317836693814460692,17087524644237368404,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2104 --field-trial-handle=1800,i,2317836693814460692,17087524644237368404,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2176 --field-trial-handle=1800,i,2317836693814460692,17087524644237368404,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3028 --field-trial-handle=1800,i,2317836693814460692,17087524644237368404,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3148 --field-trial-handle=1800,i,2317836693814460692,17087524644237368404,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4168 --field-trial-handle=1800,i,2317836693814460692,17087524644237368404,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4172 --field-trial-handle=1800,i,2317836693814460692,17087524644237368404,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4460 --field-trial-handle=1800,i,2317836693814460692,17087524644237368404,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4532 --field-trial-handle=1800,i,2317836693814460692,17087524644237368404,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4708 --field-trial-handle=1800,i,2317836693814460692,17087524644237368404,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4752 --field-trial-handle=1800,i,2317836693814460692,17087524644237368404,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4720 --field-trial-handle=1800,i,2317836693814460692,17087524644237368404,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4836 --field-trial-handle=1800,i,2317836693814460692,17087524644237368404,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=3500 --field-trial-handle=1800,i,2317836693814460692,17087524644237368404,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=4720 --field-trial-handle=1800,i,2317836693814460692,17087524644237368404,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4756 --field-trial-handle=1800,i,2317836693814460692,17087524644237368404,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4828 --field-trial-handle=1800,i,2317836693814460692,17087524644237368404,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=4828 --field-trial-handle=1800,i,2317836693814460692,17087524644237368404,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=5232 --field-trial-handle=1800,i,2317836693814460692,17087524644237368404,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=5408 --field-trial-handle=1800,i,2317836693814460692,17087524644237368404,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=2764 --field-trial-handle=1800,i,2317836693814460692,17087524644237368404,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=5772 --field-trial-handle=1800,i,2317836693814460692,17087524644237368404,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5860 --field-trial-handle=1800,i,2317836693814460692,17087524644237368404,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5988 --field-trial-handle=1800,i,2317836693814460692,17087524644237368404,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=4212 --field-trial-handle=1800,i,2317836693814460692,17087524644237368404,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=1200 --field-trial-handle=1800,i,2317836693814460692,17087524644237368404,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=4468 --field-trial-handle=1800,i,2317836693814460692,17087524644237368404,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4844 --field-trial-handle=1800,i,2317836693814460692,17087524644237368404,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5088 --field-trial-handle=1800,i,2317836693814460692,17087524644237368404,131072 /prefetch:2
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
Network
Files