Analysis
-
max time kernel
150s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20240412-en -
resource tags
-
submitted
23-04-2024 21:23
General
-
Target
https://steamcommuuty.com/gift/activation/feor37569hF1hdr
Malware Config
Signatures
-
Enumerates system info in registry 2 TTPs 3 IoCs
-
Suspicious behavior: EnumeratesProcesses 10 IoCs
-
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs
-
Suspicious use of FindShellTrayWindow 26 IoCs
-
Suspicious use of SendNotifyMessage 24 IoCs
-
Suspicious use of WriteProcessMemory 64 IoCs
Processes
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://steamcommuuty.com/gift/activation/feor37569hF1hdr1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8ae5b46f8,0x7ff8ae5b4708,0x7ff8ae5b47182⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2084,16328963705295064088,11661681523138872651,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2096 /prefetch:22⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2084,16328963705295064088,11661681523138872651,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2320 /prefetch:32⤵
- Suspicious behavior: EnumeratesProcesses
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2084,16328963705295064088,11661681523138872651,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2828 /prefetch:82⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,16328963705295064088,11661681523138872651,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3240 /prefetch:12⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,16328963705295064088,11661681523138872651,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3256 /prefetch:12⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2084,16328963705295064088,11661681523138872651,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5416 /prefetch:82⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2084,16328963705295064088,11661681523138872651,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5416 /prefetch:82⤵
- Suspicious behavior: EnumeratesProcesses
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,16328963705295064088,11661681523138872651,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4776 /prefetch:12⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,16328963705295064088,11661681523138872651,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4824 /prefetch:12⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,16328963705295064088,11661681523138872651,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5712 /prefetch:12⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,16328963705295064088,11661681523138872651,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6016 /prefetch:12⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,16328963705295064088,11661681523138872651,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6044 /prefetch:12⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,16328963705295064088,11661681523138872651,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5592 /prefetch:12⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,16328963705295064088,11661681523138872651,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6084 /prefetch:12⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,16328963705295064088,11661681523138872651,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1912 /prefetch:12⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2084,16328963705295064088,11661681523138872651,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1612 /prefetch:22⤵
- Suspicious behavior: EnumeratesProcesses
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵
Network
MITRE ATT&CK Matrix ATT&CK v13
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.datFilesize
152B
MD5120a75f233314ba1fe34e9d6c09f30b9
SHA1a9f92f2d3f111eaadd9bcf8fceb3c9553753539c
SHA256e04101215c3534dbc77c0b5df2e1d1ff74c277d2946f391f939c9a7948a22dd0
SHA5123c4eb93e425b50e8bcc1712f4cc2be11888a0273c3a619fc6bf72ccab876a427158f661bfc80d0c1e47ef4116febf76a3aaa31a60ec662eae0e51c7f1d3d89b3
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.datFilesize
152B
MD5bc2edd0741d97ae237e9f00bf3244144
SHA17c1e5d324f5c7137a3c4ec85146659f026c11782
SHA256dbce3287c7ae69ccbd1d780c39f3ffa3c98bd4609a939fff8ee9c99f14265041
SHA51200f505a0b4ea0df626175bf9d39a205f18f9754b62e4dba6fbb5b4a716b3539e7809723e1596bcfe1ba3041e22342e3a9cbaad88e84ce9c8c6531331bbc25093
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000033Filesize
119KB
MD557613e143ff3dae10f282e84a066de28
SHA188756cc8c6db645b5f20aa17b14feefb4411c25f
SHA25619b8db163bcc51732457efa40911b4a422f297ff3cd566467d87eab93cef0c14
SHA51294f045e71b9276944609ca69fc4b8704e4447f9b0fc2b80789cc012235895c50ef9ecb781a3ed901a0c989bed26caa37d4d4a9baffcce2cb19606dbb16a17176
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000034Filesize
121KB
MD52d64caa5ecbf5e42cbb766ca4d85e90e
SHA1147420abceb4a7fd7e486dddcfe68cda7ebb3a18
SHA256045b433f94502cfa873a39e72d616c73ec1b4c567b7ee0f847f442651683791f
SHA512c96556ec57dac504919e806c7df536c4f86892b8525739289b2f2dbbf475de883a4824069dbdd4bb1770dd484f321563a00892e6c79d48818a4b95406bf1af96
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000039Filesize
32KB
MD5e13edde4a25e96e573f37bdd11e020aa
SHA184a0c3cc6cd74b149cc27de2b0fe48bc2acb70d2
SHA25645b526e6aa5356b278aa37e67593a25d09c9653e8a0e71fb8e155111d3b7a515
SHA5129ba4cce47994f949731e594538f56f423ee46a8e602fe922ab6e1d173b87831ae5a80d967d695fc45a08b25aef5c494518b43cde6b4709db690e904b2cc1c053
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003fFilesize
119KB
MD5d45f521dba72b19a4096691a165b1990
SHA12a08728fbb9229acccbf907efdf4091f9b9a232f
SHA2566b7a3177485c193a2e80be6269b6b12880e695a8b4349f49fccf87f9205badcc
SHA5129262847972a50f0cf8fc4225c6e9a72dbf2c55ccbcc2a098b7f1a5bd9ea87502f3c495a0431373a3c20961439d2dae4af1b1da5b9fade670d7fcaed486831d8c
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000040Filesize
115KB
MD5ce6bda6643b662a41b9fb570bdf72f83
SHA187bcf1d2820b476aaeaea91dc7f6dbedd73c1cb8
SHA2560adf4d5edbc82d28879fdfaaf7274ba05162ff8cbbda816d69ed52f1dae547f6
SHA5128023da9f9619d34d4e5f7c819a96356485f73fddcb8adb452f3ceefa8c969c16ca78a8c8d02d8e7a213eb9c5bbe5c50745ba7602e0ee2fe36d2742fb3e979c86
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-indexFilesize
1KB
MD5a8a5a06b541cfcbb0aea038736937c5d
SHA18487bd06354df71ce1486dcb1ea00a15d0af5e29
SHA2565a5e6b82bed9539fad9e11e31a7ca6d038807f7461d17d41a2f2984b4a1970c2
SHA5123dbfae891ae8893fb7c7ef6ec85a2b2a80a926c2e28b1a189ca8530cefce1f62223cf4930eb0feb5bf28836af393b102906983951c31f6a3fa3976adf7bf23e8
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-indexFilesize
1KB
MD52c058b17efb635aede54667c1710e4f2
SHA1bf1cbdcffa4aea87f6496e93624f0e5eeee48edc
SHA25604ceb5c4997a655673562293169755c4d2985e572a1a4c84cee5225bb72a59ee
SHA512dde415208b0c01aa7644b2e5b96027b28df90578ead7a1dc4fb99ced9e12511588c6132cba8897e6093450ee9ecf762b79d9b8c3d82e2751e5c96e6eba17489a
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent StateFilesize
928B
MD51e80ba67c85df30489c85b51ed8d8767
SHA1b2f26c85035c969e090b58336f9967f3fe3705fa
SHA2561d2d670fa3f41d78c666903fa114f16aec95154701d4e7d13fa681e9a1f5fda2
SHA512e5300519ac336c36d261cb201cc5af790a2760fc90c0d2e011e06b950901c963c9d12f152245ca4af75617638ea8b68b9e5acc5ac68e8d31a6145d853e7882b4
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\PreferencesFilesize
6KB
MD5e7af55e77773617f7c698059723b1365
SHA135c03679d62acf8c222ed35eb61f946f873f68e9
SHA2561a5da602a39e3ef7abd01cc89a02c060fe524019308a612b6ab5a669e8cf4b03
SHA5122352c360b69f0a69ab7c0ad864b4ed425f437ae7f68d1441385654e0647f4ec644e21e697cbd70167ec4d236d89936ef05d97af06068c64bddb5de6bc5113eb4
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\PreferencesFilesize
6KB
MD524de4ac4dea6658e73b8341ef787790a
SHA160739908d77c5a32fd2774fb3740e52526954146
SHA2563b720a2f126fdaffc43eb18803ca5b4b9847e107448e3649482907188fbcf6e0
SHA51279c106e6e592b7543537493d60d44c918cc70973c2f87443a8fd3e4dceb18a774a26f2c70c627d839888ad33ad039754bd0847f2abaafd09fe5caecdaccab782
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\PreferencesFilesize
6KB
MD5bcde6f4a5f791090bcd693ae2cf36c5c
SHA1fa698bcde9b0574d64ad1eeb8c3a4c6450bcd942
SHA25679a0335c0504bd803b134e308fd4f702810203628e50ee5dfeef687c13487cae
SHA512010fab05217504f665135a39bd06c4779028d5eeee9c6cee7c29a1f8879c282b851288f314d1d568cff38216687b24fc906e65fe0bda65fa59de6360887158a2
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\PreferencesFilesize
6KB
MD51dc7a72db6a6ab9659d68d01ad6a489a
SHA1bdd315ea39434d38a108268b8008224c263bccaf
SHA2569dc2f3f220938cb3eeb7aaceabec16b70c8da9f9e85a9305bacae5466b0eff01
SHA512edfd09fcc1333e823f55df773a7d2f46ab51b837fb5bc008f71448933b6121d1674b3ad9e36bc0334facbf6cf9420b4ff35838f1a980b7220e7f63779c554c45
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\PreferencesFilesize
7KB
MD51157ca4522769ab4dd2281691f171697
SHA155aac0332a17da967459c858e9897b78a61a029c
SHA256d75c50623ef23413043f2ece4e87c93a8ef48b97284a90b2b7db0fdf7e5c9672
SHA5122b509258b812bb7b4e1bf89b203f8d240110565d03a17dfd3abbb66127d30be6cff3e8572eefcaa85f223e16d35317ed34b4c6b48631fffe78da83a1f20820c8
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\PreferencesFilesize
7KB
MD5c1aeb5cf3e0749e171ce477db66f9550
SHA11b19d3a9487df7f8d1bc93aa47f3bdf3296eca19
SHA256411cbb7a4ea72ab6c0208b4b28abbd89a184411b4109e808c359b4f7c762f66d
SHA512c66a97c850bc9183225ec105f97d4d7b605e5cbc2832cdc3edc7f4254b87b27a5b4ca084ed9ba9b6ef0ff664580f1b52c6b564012e9cb9ba886f31e596bf11a5
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurityFilesize
539B
MD5bb45157d8acdee1b8744680fb0f1112f
SHA120d2a7e3fc046b917d5988dc390591423da845c7
SHA25634adb24ca6f917a5148d153e3aa2f8cd7825a6851a43cb68f33b420693dc6dc8
SHA512710af3e9b9a40bb6be314e0a2bf9b83c96be505ee0319fbb232770a6a52594114bc41ae9835fe29b7e42cb2a4d27f3dfbddff5295a7cd1f046dda119cccbd695
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurityFilesize
706B
MD51212f26eec57067ab1deb5b344782b49
SHA15ebbf8760317e8fea744138c5941a3e9709ac454
SHA2565f2ed2027f83ac6419f5c51c3d4732e72c55ee02deb46cd1b60262c6f4326801
SHA512eb6b217815a692c9d6d56f12aec25ffe6375bf9baf8d72ec682d92f3e84fc75c5e7b5391fc45a635c3e87b10b81dfd99bc2aeb5829c32770ac35deb190b976c7
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5799a0.TMPFilesize
539B
MD5d2f5b9543f27d979000d86d5b7dca59b
SHA1844b873b64215288963529dae45b97974ca95088
SHA25632dace7d5bf19e31f851fa282cd5aeb9cfa94bafcbb98c857d49409737979b1b
SHA5120ae7a2863638763a8e580357c2179d386606ddfecb1cca79d0d08f1ae89abc727ea74466416294c2754da42dfba49ea72b0171bcc2bd9cddc896a6b29257c39a
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENTFilesize
16B
MD56752a1d65b201c13b62ea44016eb221f
SHA158ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA2560861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA5129cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local StateFilesize
11KB
MD5f8eebc4d640761e405a907fa8e2fb5fe
SHA164c5b0a976e7802d3040fe9f6dbfcfbdc07d640b
SHA256c4dadc9e3ccab4b1c2ad2f005e4f76a1c40de9d5739c9905cb9d9735379593ab
SHA512d78b2c0203d766c357803c9ae585b3955c80740c4e30db29f70d3cc22ea437aa6fd2edd5075272c6f18c966c20062d212eb21ee8db3002a35dde8daab889f470
-
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dicFilesize
2B
MD5f3b25701fe362ec84616a93a45ce9998
SHA1d62636d8caec13f04e28442a0a6fa1afeb024bbb
SHA256b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209
SHA51298c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84
-
\??\pipe\LOCAL\crashpad_3816_GKUISUPTMCGJPCXHMD5
d41d8cd98f00b204e9800998ecf8427e
SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e