hxxp://guy cuts off his balls

Analysis

max time kernel
107s
max time network
149s
platform
windows7_x64
resource
win7-20240220-en
resource tags

arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
submitted
03/05/2024, 15:06

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://guy cuts off his balls

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
2184	chrome.exe
2184	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe

Suspicious use of FindShellTrayWindow 34 IoCs

pid	Process
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe

Suspicious use of SendNotifyMessage 32 IoCs

pid	Process
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2184 wrote to memory of 1700	2184	chrome.exe	28
PID 2184 wrote to memory of 1700	2184	chrome.exe	28
PID 2184 wrote to memory of 1700	2184	chrome.exe	28
PID 2184 wrote to memory of 2676	2184	chrome.exe	30
PID 2184 wrote to memory of 2676	2184	chrome.exe	30
PID 2184 wrote to memory of 2676	2184	chrome.exe	30
PID 2184 wrote to memory of 2676	2184	chrome.exe	30
PID 2184 wrote to memory of 2676	2184	chrome.exe	30
PID 2184 wrote to memory of 2676	2184	chrome.exe	30
PID 2184 wrote to memory of 2676	2184	chrome.exe	30
PID 2184 wrote to memory of 2676	2184	chrome.exe	30
PID 2184 wrote to memory of 2676	2184	chrome.exe	30
PID 2184 wrote to memory of 2676	2184	chrome.exe	30
PID 2184 wrote to memory of 2676	2184	chrome.exe	30
PID 2184 wrote to memory of 2676	2184	chrome.exe	30
PID 2184 wrote to memory of 2676	2184	chrome.exe	30
PID 2184 wrote to memory of 2676	2184	chrome.exe	30
PID 2184 wrote to memory of 2676	2184	chrome.exe	30
PID 2184 wrote to memory of 2676	2184	chrome.exe	30
PID 2184 wrote to memory of 2676	2184	chrome.exe	30
PID 2184 wrote to memory of 2676	2184	chrome.exe	30
PID 2184 wrote to memory of 2676	2184	chrome.exe	30
PID 2184 wrote to memory of 2676	2184	chrome.exe	30
PID 2184 wrote to memory of 2676	2184	chrome.exe	30
PID 2184 wrote to memory of 2676	2184	chrome.exe	30
PID 2184 wrote to memory of 2676	2184	chrome.exe	30
PID 2184 wrote to memory of 2676	2184	chrome.exe	30
PID 2184 wrote to memory of 2676	2184	chrome.exe	30
PID 2184 wrote to memory of 2676	2184	chrome.exe	30
PID 2184 wrote to memory of 2676	2184	chrome.exe	30
PID 2184 wrote to memory of 2676	2184	chrome.exe	30
PID 2184 wrote to memory of 2676	2184	chrome.exe	30
PID 2184 wrote to memory of 2676	2184	chrome.exe	30
PID 2184 wrote to memory of 2676	2184	chrome.exe	30
PID 2184 wrote to memory of 2676	2184	chrome.exe	30
PID 2184 wrote to memory of 2676	2184	chrome.exe	30
PID 2184 wrote to memory of 2676	2184	chrome.exe	30
PID 2184 wrote to memory of 2676	2184	chrome.exe	30
PID 2184 wrote to memory of 2676	2184	chrome.exe	30
PID 2184 wrote to memory of 2676	2184	chrome.exe	30
PID 2184 wrote to memory of 2676	2184	chrome.exe	30
PID 2184 wrote to memory of 2676	2184	chrome.exe	30
PID 2184 wrote to memory of 2408	2184	chrome.exe	31
PID 2184 wrote to memory of 2408	2184	chrome.exe	31
PID 2184 wrote to memory of 2408	2184	chrome.exe	31
PID 2184 wrote to memory of 2392	2184	chrome.exe	32
PID 2184 wrote to memory of 2392	2184	chrome.exe	32
PID 2184 wrote to memory of 2392	2184	chrome.exe	32
PID 2184 wrote to memory of 2392	2184	chrome.exe	32
PID 2184 wrote to memory of 2392	2184	chrome.exe	32
PID 2184 wrote to memory of 2392	2184	chrome.exe	32
PID 2184 wrote to memory of 2392	2184	chrome.exe	32
PID 2184 wrote to memory of 2392	2184	chrome.exe	32
PID 2184 wrote to memory of 2392	2184	chrome.exe	32
PID 2184 wrote to memory of 2392	2184	chrome.exe	32
PID 2184 wrote to memory of 2392	2184	chrome.exe	32
PID 2184 wrote to memory of 2392	2184	chrome.exe	32
PID 2184 wrote to memory of 2392	2184	chrome.exe	32
PID 2184 wrote to memory of 2392	2184	chrome.exe	32
PID 2184 wrote to memory of 2392	2184	chrome.exe	32
PID 2184 wrote to memory of 2392	2184	chrome.exe	32
PID 2184 wrote to memory of 2392	2184	chrome.exe	32
PID 2184 wrote to memory of 2392	2184	chrome.exe	32
PID 2184 wrote to memory of 2392	2184	chrome.exe	32

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://guy cuts off his balls
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2184
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6f39758,0x7fef6f39768,0x7fef6f39778
  2⤵
  PID:1700
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1148 --field-trial-handle=1236,i,11755318652809320521,8528186220413935617,131072 /prefetch:2
  2⤵
  PID:2676
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1520 --field-trial-handle=1236,i,11755318652809320521,8528186220413935617,131072 /prefetch:8
  2⤵
  PID:2408
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1608 --field-trial-handle=1236,i,11755318652809320521,8528186220413935617,131072 /prefetch:8
  2⤵
  PID:2392
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2152 --field-trial-handle=1236,i,11755318652809320521,8528186220413935617,131072 /prefetch:1
  2⤵
  PID:2872
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2164 --field-trial-handle=1236,i,11755318652809320521,8528186220413935617,131072 /prefetch:1
  2⤵
  PID:2040
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1256 --field-trial-handle=1236,i,11755318652809320521,8528186220413935617,131072 /prefetch:2
  2⤵
  PID:2856
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=1424 --field-trial-handle=1236,i,11755318652809320521,8528186220413935617,131072 /prefetch:1
  2⤵
  PID:2216
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=2592 --field-trial-handle=1236,i,11755318652809320521,8528186220413935617,131072 /prefetch:1
  2⤵
  PID:1576
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2660 --field-trial-handle=1236,i,11755318652809320521,8528186220413935617,131072 /prefetch:8
  2⤵
  PID:912
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=3164 --field-trial-handle=1236,i,11755318652809320521,8528186220413935617,131072 /prefetch:1
  2⤵
  PID:992
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=3296 --field-trial-handle=1236,i,11755318652809320521,8528186220413935617,131072 /prefetch:1
  2⤵
  PID:2476
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3808 --field-trial-handle=1236,i,11755318652809320521,8528186220413935617,131072 /prefetch:8
  2⤵
  PID:2148
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3824 --field-trial-handle=1236,i,11755318652809320521,8528186220413935617,131072 /prefetch:8
  2⤵
  PID:656
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=2256 --field-trial-handle=1236,i,11755318652809320521,8528186220413935617,131072 /prefetch:1
  2⤵
  PID:3000
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=1412 --field-trial-handle=1236,i,11755318652809320521,8528186220413935617,131072 /prefetch:1
  2⤵
  PID:340
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=3160 --field-trial-handle=1236,i,11755318652809320521,8528186220413935617,131072 /prefetch:1
  2⤵
  PID:2060
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=3980 --field-trial-handle=1236,i,11755318652809320521,8528186220413935617,131072 /prefetch:1
  2⤵
  PID:2160
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3856 --field-trial-handle=1236,i,11755318652809320521,8528186220413935617,131072 /prefetch:8
  2⤵
  PID:1404
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4108 --field-trial-handle=1236,i,11755318652809320521,8528186220413935617,131072 /prefetch:8
  2⤵
  PID:1712
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2192 --field-trial-handle=1236,i,11755318652809320521,8528186220413935617,131072 /prefetch:8
  2⤵
  PID:844
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=4204 --field-trial-handle=1236,i,11755318652809320521,8528186220413935617,131072 /prefetch:1
  2⤵
  PID:1560
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=1352 --field-trial-handle=1236,i,11755318652809320521,8528186220413935617,131072 /prefetch:1
  2⤵
  PID:2744
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=1756 --field-trial-handle=1236,i,11755318652809320521,8528186220413935617,131072 /prefetch:1
  2⤵
  PID:2680
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=2060 --field-trial-handle=1236,i,11755318652809320521,8528186220413935617,131072 /prefetch:1
  2⤵
  PID:1928
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3104 --field-trial-handle=1236,i,11755318652809320521,8528186220413935617,131072 /prefetch:8
  2⤵
  PID:996
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3976 --field-trial-handle=1236,i,11755318652809320521,8528186220413935617,131072 /prefetch:8
  2⤵
  PID:620
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=1568 --field-trial-handle=1236,i,11755318652809320521,8528186220413935617,131072 /prefetch:1
  2⤵
  PID:2632
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=2348 --field-trial-handle=1236,i,11755318652809320521,8528186220413935617,131072 /prefetch:1
  2⤵
  PID:2352
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=2712 --field-trial-handle=1236,i,11755318652809320521,8528186220413935617,131072 /prefetch:1
  2⤵
  PID:1428
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3848 --field-trial-handle=1236,i,11755318652809320521,8528186220413935617,131072 /prefetch:8
  2⤵
  PID:2100
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4204 --field-trial-handle=1236,i,11755318652809320521,8528186220413935617,131072 /prefetch:8
  2⤵
  PID:2308
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=2548 --field-trial-handle=1236,i,11755318652809320521,8528186220413935617,131072 /prefetch:1
  2⤵
  PID:2420
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --mojo-platform-channel-handle=2644 --field-trial-handle=1236,i,11755318652809320521,8528186220413935617,131072 /prefetch:1
  2⤵
  PID:880
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=3796 --field-trial-handle=1236,i,11755318652809320521,8528186220413935617,131072 /prefetch:1
  2⤵
  PID:2020
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1160 --field-trial-handle=1236,i,11755318652809320521,8528186220413935617,131072 /prefetch:8
  2⤵
  PID:1436
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=1408 --field-trial-handle=1236,i,11755318652809320521,8528186220413935617,131072 /prefetch:1
  2⤵
  PID:2260
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --mojo-platform-channel-handle=1860 --field-trial-handle=1236,i,11755318652809320521,8528186220413935617,131072 /prefetch:1
  2⤵
  PID:444
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --mojo-platform-channel-handle=4012 --field-trial-handle=1236,i,11755318652809320521,8528186220413935617,131072 /prefetch:1
  2⤵
  PID:2492
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --mojo-platform-channel-handle=3328 --field-trial-handle=1236,i,11755318652809320521,8528186220413935617,131072 /prefetch:1
  2⤵
  PID:2264
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --mojo-platform-channel-handle=2632 --field-trial-handle=1236,i,11755318652809320521,8528186220413935617,131072 /prefetch:1
  2⤵
  PID:900
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3808 --field-trial-handle=1236,i,11755318652809320521,8528186220413935617,131072 /prefetch:8
  2⤵
  PID:1508
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3276 --field-trial-handle=1236,i,11755318652809320521,8528186220413935617,131072 /prefetch:8
  2⤵
  PID:1272
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --mojo-platform-channel-handle=4244 --field-trial-handle=1236,i,11755318652809320521,8528186220413935617,131072 /prefetch:1
  2⤵
  PID:2132
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --mojo-platform-channel-handle=4252 --field-trial-handle=1236,i,11755318652809320521,8528186220413935617,131072 /prefetch:1
  2⤵
  PID:2136
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --mojo-platform-channel-handle=3868 --field-trial-handle=1236,i,11755318652809320521,8528186220413935617,131072 /prefetch:1
  2⤵
  PID:1240
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --mojo-platform-channel-handle=4140 --field-trial-handle=1236,i,11755318652809320521,8528186220413935617,131072 /prefetch:1
  2⤵
  PID:2716

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:1616

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

Filesize
68KB

MD5
29f65ba8e88c063813cc50a4ea544e93

SHA1
05a7040d5c127e68c25d81cc51271ffb8bef3568

SHA256
1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

SHA512
e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000002

Filesize
58KB

MD5
bc8ec6d0e3f746a78c43cf4f98312a02

SHA1
22a3fdaf7f8e3176fbcd24c760214736e78ac8dd

SHA256
bfd346deaeb1162c3c5d895c452e104f3824cc8e4d737ca78a4800d0f1c74b21

SHA512
5598235c508347c310348c3fabed174c39f639e4ba3513f4419332aa5d4fa4e925945eeb0f4b56bed923b84504d3aed5d5f5d70e27406a194fdbdb3f5c10cfc4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000003

Filesize
40KB

MD5
5ce7bdeeea547dc5e395554f1de0b179

SHA1
3dba53fa4da7c828a468d17abc09b265b664078a

SHA256
675cd5fdfe3c14504b7af2d1012c921ab0b5af2ab93bf4dfbfe6505cae8b79a9

SHA512
0bf3e39c11cfefbd4de7ec60f2adaacfba14eac0a4bf8e4d2bc80c4cf1e9d173035c068d8488436c4cf9840ae5c7cfccbefddf9d184e60cab78d1043dc3b9c4e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000004

Filesize
20KB

MD5
923a543cc619ea568f91b723d9fb1ef0

SHA1
6f4ade25559645c741d7327c6e16521e43d7e1f9

SHA256
bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd

SHA512
a4153751761cd67465374828b0514d7773b8c4ed37779d1ecfd4f19be4faa171585c8ee0b4db59b556399d5d2b9809ba87e04d4715e9d090e1f488d02219d555

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

Filesize
68KB

MD5
f203d75a70ada036423e83070526987a

SHA1
06e072c8d3880fb8cab740f01308fc44cd211029

SHA256
9eba99bb152b450919ff7bddc78c09e5eb0c857659b4fd593c94087d289ab255

SHA512
aba05ffe088c648093719cf2d25fdf46a7055583aa496dc8ef6b15c2ccae8d82c91d102edeec3bca5d6556a90c6d9cb03d688f5ba83f7fa87e1745c06a6d5f04

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000018

Filesize
324KB

MD5
51fe563d2ab47bc2f1891fa1140f47a3

SHA1
4bbad2976379401aacdf3d82cea09e772469a527

SHA256
722268ad8d00f8978563839689ae779aa5f3316c932f394e2c55e82338a346c5

SHA512
f694684d6cb180c21fa4112d4122d15a20c7d41e12b49be0dd52a2ec73fd7965f22755a75a788825d70a7e162c78feaa985cb5e39ac1715e4a256bf7291ce8a6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000019

Filesize
139KB

MD5
bfa8e19bc54294bae767f2948a6cb690

SHA1
2ee6d4c1006dfcf49ba8d4543515747a1c46a4ff

SHA256
678459e68af7b7dc3586c493badbbbc86c89c3e03317fd732de663fc42a44597

SHA512
dfb48b29ca42f5aef196eee0c4c0d58884f3ab2cbdd3d5b33b85c7c325cfc891f537ded6640a0d2ed01d0261603c1724b25df570e3a307df8497553ea387529b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001b

Filesize
99KB

MD5
14e5a0c451f71cd2352f6556ef17cddd

SHA1
49b3bbc4eef3bf05bf4a86e9d6771d8566e14ce5

SHA256
fab1e3d62dc152bade374828b1fc747503de70e66cd9e45754468055be90c181

SHA512
a3eb91d5f576b911e842b97cb67d8c5668d14c56ec7dcc95beb0b69001962b7fc9a35cf40940c6c2f9ce81c5ba0e4ed3d048f931cfbff0ae848da7766ff2de86

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001c

Filesize
30KB

MD5
7ea813307f788156ab5414d420bbd190

SHA1
bcfec225873f34ef89b497f8de6eee939a34d027

SHA256
98cb3f423e7ab897477a86f441fcd1d75f04fe23ee09b163aabc9037116f6249

SHA512
1f9d0058b1f268c053b23aafb1cecfbb1a9e555a7fe71385ac29463aecd29e471b0776d64f156d8920b70f2672526d200d0f8ed84247863caa4e4758d0c30ea7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001e

Filesize
249KB

MD5
9a9f698dcf33b8da84226ac34b55c95a

SHA1
a88e41557fbefc8ad5bb5a6554dcbafe2ea2dacd

SHA256
eb0322832ddf38727ac73bf30337a47414ccfb7adcdcb818232f5275e23c3c50

SHA512
67885ab2d2532eae1243fe533f1a0441457f71d6b475d8a823b01a664cf8d462e55c156209da26926d4297261961793051e2104df42f7aa3e6bd4c50f2bc3b8f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001f

Filesize
160KB

MD5
c3c7f1de4cf4a98ff88ef10a65026fe5

SHA1
9e16470547443c179562a59e8050f1c1fb351598

SHA256
ec0608c5a8a86abf614acbd757436db4f150dde8090d7335271cf33098fafb53

SHA512
2d022d8fc8c70ffa91d65c38e4cc518e1c5f2399c3e56febc794432c22bde7d5a88dc994818ec3e79f723f4a8318659a1643c5824c0fb239d0863960490d0c20

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000020

Filesize
218KB

MD5
71a495ffe1026b9fd4a82ab66e2d9f00

SHA1
a432aad6c4042a41510addc3dc88fd0c576d741d

SHA256
c6e493deddd7c920826e170d8dd4c5fa9860258619d8d386f146f2bca70e48a2

SHA512
58927cced07208dfb97185430ab07c2312778d11e7c2f698c609fde3283823141e6ff5a03b30ceef09e6865e32f30e11760a319342b93709412a14e0e5175bff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000021

Filesize
41KB

MD5
1054e78f17db6eb8fbe6734fffaf7d27

SHA1
e3f94c11a744325d5b780acfbd6cef4f234295cb

SHA256
58b2aebc09bee4ac7057eebe2f90693b66fb625f56c77d00b9ea70acb6c20c92

SHA512
446d5508d30c6e11728786b3144f3b634852de7dc925fd963b4646cae8e049cd3d884a0c374bc2dfcfc154e3ae92b4218bf7950a04506f3b5a285d619110857b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000030

Filesize
200KB

MD5
a484f2f3418f65b8214cbcd3e4a31057

SHA1
5c002c51b67db40f88b6895a5d5caa67608a65ce

SHA256
79cbe928773386d07f0127f256f383debed5ccea5ff230465bf46ec7c87319d6

SHA512
0be1bb8db08f6e6041a85cfee90cd36a5b595afbca34d52a125465454fc806b4bb7ae569eaf4c882922fb1b962b6060534e597791cd0ad23483be5981d9be85c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004a

Filesize
175KB

MD5
57a3c21796254e957efa7a112328c107

SHA1
5efefbc4b19b21fd4774f1362c2e80cb6760f19c

SHA256
4bfb457e7929f67e201ad43736af7d25cd246cd075572bae1290dcb77d30362b

SHA512
707e6f3b237cffa6ea34e4514358e5ba96073e77266fb774ed5c111a2291c7fa108ce9bc9acfe8acaeb2a4c7de12864a99e74f2a1a122e1b4325f561cc52945e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\22821a2ad758f574_0

Filesize
3KB

MD5
5028371f3ef22a675b840fabd893791c

SHA1
173d52799db1fd6f75e1e26ce813827de5918faf

SHA256
c519e23558953b15708697f51dbda178080c21c8f1b70240a496c181cec26ca5

SHA512
322ab9daf3231ac152bf3d579c3ef61c01c50fab84e2a63f5d7f89f079339963b89b3f0ffebee4022fbe1664bd55c6fb6ab43bd10506638b7439f39ca3547046

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\4ed6eb4245accfa0_0

Filesize
2KB

MD5
b2d1fdfc87ce72fecd15d5606be44d94

SHA1
8336d8426bac919c6720e4660920eaa61cdd5ce7

SHA256
0f8a1c03925f890da85ee0e60c6b36ccbf170b1aee9d0323b0ab2f6f63cedd5f

SHA512
f584a362f234092f561610e391cc07ae48a5f3ac5531c58dcaece13ab6fe1d2f73543c0a1cda6c1b32e6119e72af80f7f9364c1cf56250bd8a467b6202df5f48

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\4fd8d8435edbf13c_0

Filesize
1.5MB

MD5
45b69452877b1381d3b40444527fc8b3

SHA1
a48baef36d26f84c7c962a7cb625dfbf406847ef

SHA256
5e6cf6b44bd20ad6777e085690ca3ca4c24098df8b7fcd56489957a23963c5a4

SHA512
797d2b9ba9c86cf1faef54f05d692c6c81a1f9d7dcc90cb0f3bfddc97449e6b0355fcc9dd2ace5c24c4de35ab76465293e0247452c17dfb0ad19e1c1dff793ee

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\69cf6e5ed1878065_0

Filesize
102KB

MD5
aeefd0380143b1b1c72a883c6540ec78

SHA1
05c5fc05f2175f7684736b6be9f98eb5afb3a0a5

SHA256
6008cc08e33073dd3a74c0ccc781f62b6b1a37bcaabf181515ceffc4c40e432c

SHA512
455baa16b45ba32b99cb8fd97d05738d6d530721db7ea37b366f3ccb5d8ec56003176f396e46dd778fdffe6fe2826d7af1a2b6005388e10c722cff9f817da840

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\77f8721c0b79f4ff_0

Filesize
14KB

MD5
ea33d42247b36ea8d838d800ccf6be44

SHA1
6b5949b78dcc195307263263c132c5725c9d05df

SHA256
bb65a4f1e82b295b849117ac93bd88765edeea3cea2e0598110dc7dcbfae1dc0

SHA512
404e6b468adbf9bdcdc4c06375bc1f575c6b509fe76dfc30de6aa316b0c8616cad89e3f45c63a1983ec4ecacbaacc52279c508087bb803f99cd3a4a3747fde15

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\7b5456c67363dd66_0

Filesize
3KB

MD5
8bbd18bad73326ee982d0f217723265c

SHA1
f93326b58a85c4f921c87c864a6256480ec91c54

SHA256
ef86b4e12f6abffa3e3fe30c4e98050740036fc0d60509c04789d84de665a690

SHA512
cca742913c545710e0b449f6d163da0971bf5f4a352a3d28ac9819b31ef2f5a24e36c18246b18dcc38789f83dab2e8b44e3d4deb20ad30883249acf612b2523e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a83eafc185d91937_0

Filesize
226KB

MD5
4d497ee332ecb5a548a9adf8f1905eba

SHA1
af60e4aa46bb7b45deff3301f65a33641621fedf

SHA256
95df7ef1a24b286f28f3e518a9cdde10105d52449054db2cbc2a4a6e2dcad107

SHA512
8dc176c92f144793efe0600cf09a5a292d968eef323d271d7f39fd365f3de96c97ed605c2958a9b6ee4335d221d95dfd43bce015ea3b479f1f225a1f92da022b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a936fbfc122850d6_0

Filesize
670KB

MD5
e6311c119db6a2262b57ce7669f1b548

SHA1
ba4647d197aebb9fd90717cd822ba6be2ecb6fd7

SHA256
89e843b6c26920bcb5d4e916319f49dcdfc20b50dc17335416c83c6765e49127

SHA512
aa83e40d1ce073db42b18aa214b04183d7c0782ad3ed16dde02933c65be26a5ce1d41f092b15d79963130243a813042130fd2521c4b8d239450f30163e7ae1fb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ac0823882d6a68f8_0

Filesize
12KB

MD5
8cf38d963ecdfbb01021571c4ff164a5

SHA1
1924738a742aa8bc6c14ce8d6dc27a95a0a2a57c

SHA256
d7a8ea61c291d4880fdc1cefa5ea3f5a3628780e2d9e6777b8b51b1424c71e96

SHA512
d51f7d60b640aaaf7a0a5121feca5af16299f4d5b8f3b258698ac9bf236511c00de5558d6d5ba9c5c90d1fb38fef985308d643e6e993a07ebc1fc9dd03568de5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e1a3b4f92a7dc06a_0

Filesize
1.3MB

MD5
32b3259974af7904efcaef4477c801b9

SHA1
31690f931d5a57fa08e929430dc3a7aa8a8f0d5c

SHA256
93c5c68d8a04478c717bdbc99dbbfa4742cfb3d023cc6688e799e7a91e1cf259

SHA512
bdaa578471dbcf95229fa548d3e55d07a11b146bb6d589496f65261752024fe27f868798db0ccbfee486bbb00cb018d58d01054b22e7fceb6f8b7061d23d1200

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e4028435ec11a506_0

Filesize
347B

MD5
e08c37ce2767a8c48b8ba7a8600d5a32

SHA1
0509f44759d239dc089839cb94740e1db5ea09e2

SHA256
5184932d7cae9d9956e7308fd74f4f2e6c3c019650ba8f3e049ae177353de38e

SHA512
a61d51a0715e9e51b18dd2076775071262a577a11d8a03ddc9ff6fd576f4434cf125c228b2c67bbd032b8bdd2c52572c49dd4844c2b0167c1d68e5d3280205f3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f8248d59a99c6a28_0

Filesize
3KB

MD5
acccb6fcf2502e6f6baabac65141c4a4

SHA1
e84205032e0eaf1e022bb33220347ff2d34be6de

SHA256
23b8b251d85df79ec013ba8edd37625df47bc02eba190549e9b1ddd85ace5e85

SHA512
2c0808e0f89a2701165aeb3f590e95b8cb6d7656e0391822babcdeb16a6f3730ab1f87c9ac7577f849dc89796d880d10b7b32b9b56c6fcaad281d098a10b88a4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
288B

MD5
c95ff53a5cc449f96af9f3b3e9aabb1c

SHA1
4d588754ab998c076713eea08ddaa7ebbb4002ec

SHA256
25dd6bb881788ab1a3ee025ecfa6b7a6cdc0a638ac7f3086f308e8a66e7ff038

SHA512
4af81389f4690158722cb8a4188893b662e89c77531eb1e2320c193b0c7ca249025d18961442fe71b40c8a62df06919ca9ff0c6cfd6515874baae914eb2b1f6a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
840B

MD5
9be982ccc8825a1b1b9e26814555bb9c

SHA1
10258173f149006cd91dbe3319ad711f7bb848c0

SHA256
f3cbe322e462d3488aab3fd02e3646907f7a1717bf851f99bd79a30c33d959f5

SHA512
a1ce09c5c978e1d7bc8924c0bbfe8aef397503b7b53f8152becce6243f4e58553b55e8aa9e629cfe41d13896fef97e5d2c2747814d0a0ee57da829009c9c5a10

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\000006.dbtmp

Filesize
16B

MD5
aefd77f47fb84fae5ea194496b44c67a

SHA1
dcfbb6a5b8d05662c4858664f81693bb7f803b82

SHA256
4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611

SHA512
b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
5e05cdefe5d601097de76d6852828eb2

SHA1
0fbf5320c690af3f34cc27fc2b00972c71569c25

SHA256
bde3bd9f79743d6235e2de9b111feddcbab31bd45bbf1d72b5dd69665cf21af3

SHA512
d4bb0c98229213273c1d32a6aef532d97304a085858c956118f1bca59c99e60958827116cf0fa3c608b41a6f7180f465dc8b06ee74f2ce9028b5b000ac287347

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
685230e3490596a4fcd2785c4f2ac3f2

SHA1
7f5f717ddbe28567d436e530e10041df8aa940a5

SHA256
7dd063ee9bd7f03c4a0ec104434bbdd71a9252092e4eb442948a6fb3034a9761

SHA512
334e75120a7fd7a9e084313142f7d927d66f5128607c3bef329644f8fac66fddd70a8b71e593cda3790f561e751b47f3f65d54ead2bbe63cff78307e2b0308c4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
361B

MD5
e2a6c5417f0bd8af36c50961d4498790

SHA1
8632af2071b87f19269a8f70641772c84d452168

SHA256
8be5e0194407a81f6a392f99b58a538e29a30e34aa7f297a3484983c0a36e8c9

SHA512
f62ba459d57820f0523cae83a9df2957a94013cd0cb3ad2894ededc1cb1d2312ca4aacb9977b0c4ed434c8446d3e0af5e6b2b99a72bae345f36bbbdf65cf6d97

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
851B

MD5
41436cb676942221b92ccd1b97787b1b

SHA1
56d06c856ac75973ca36c5cfb16cac37fa9974af

SHA256
491c17d28a5d06b5a6a197fdc4675af054f483dc56051224d21f1cfb8de51d49

SHA512
f40f1b734d3910afaa432dc481d3cb15864cb4c9f3375f7698c3ba8e2078a0385f26e1cf7d3b505035d452742d1da997a00bb0afb12d6d86d2e2a2a2b8511c66

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
687B

MD5
e6a8b7c223a5ef62375c765939df5c4b

SHA1
e39297c69cbb513d4c747cb0b00496af88e14656

SHA256
24a9f520710accf843558b94a34c5676b963401f1809d2a6b972d348aee95ef0

SHA512
b193416dedd44ad647deb72ff2e8767f8fb4ff7ff74ca75b83cf37f54f106d1a8ee3162221a7b482b489366e51411ab16af6db5a66b3d8d4db7daf2d55cf3b19

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
2b3d4ea5aabcb43da5df2741140bc867

SHA1
c5be2d2b296b2d2d0395e5e93f8c139c7099140f

SHA256
75534e4566aa05b45f34a11343d7f84088997060426323455d4def49839e8f26

SHA512
ffb920e444011daae9e17dd20aad5dcf2cea813ce6e32ff800efad0e3db93cb5c7646c1a75b70ade27a74a45b848a2b8b2b86af2afd9d8554893830cdd721874

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
851B

MD5
29c666043d06412b2301d507025fdf42

SHA1
e2ba230621ffddef39820c956b840e4dd82805a2

SHA256
e2ea4a834644e2937fd4e46dc593831f06f59928d4666aa347c2be7c749d4ebd

SHA512
dbe9aa64abfec1a2f7fcc6cd8e7484b15e6a9d49c776287ad4cc04540cac2b27a423934f104cc255f525d62520954bcfd3b5537ddc0b10789b5641edf3016f51

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
19ae21144ba41880dce717ec6b8267dc

SHA1
e82d36d1df07c535d48cbced5376d7f2ef628229

SHA256
51a680567c155ade9c099bb8e0571dd4e967ffd4251dec30c5c06fcc41b261b8

SHA512
6703055c6f6c77d21af1927eb6581293f3460e16ff015b2be51724771257713ddedf30ce9ab01ed28c7f473af0ea320750a7174717040f6d05a62271949439cf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
5bcd830e8b7e3f8a450221d89b490253

SHA1
b23edc1a80b2110f02a171e7ab0ae81e868aeef8

SHA256
ab5391994e744938fd6c7f1e18c012ab2b035f21e2c7a64e97c0eca67d2b1732

SHA512
00250f28ecd6cf04d0be543edb0abad88afde7069b4dd96b660128a0c2730db16125baefff3af4995f34c48f98eca3a3053516cc3ab73ed1a1a72158c9136b5c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
45d90ee4d2e66b5670c350606f899ee4

SHA1
ec82bde1ca2b44ae528c4f7663dd91dbd1674d01

SHA256
96287eab75e7a28f03c55745dc8946e182aeae24189fa9a28bb0a2e3a22f0370

SHA512
cc14c3175c1f31195783ea69bc374967919e531f985121d8eae62a7caa653419c0ab0d4b5062371d4daeb0ee548dd3316a752dd1137379f5090f29173850e85c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
0d1db0c6bb6c97cf77ae2d8d055cb3b7

SHA1
20dbde98ea95976fff9dd32ef76910ace9a45d03

SHA256
68b79e8fa4b1aab0d9af47c4b06e92b12da9a989adf1731eaee27d86e298d19f

SHA512
41dc2281af3c4ed9fc3f2480cb03de446794ca70b6e3dc5edbfff5acfc34294301c3f9dcc5a6eef68e7e5700c13b7f2fe4d4c2ef4dc315314b0e7e71cf43b299

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
ca028e99aa941cbd43615831a527b9fe

SHA1
db7d9f7238348a81139c61ddc20e2fed0567771d

SHA256
46847c4bbfe8c43eeb3349ea1e8131edd016e301f9c3d9f58b0c5e5feb7d729f

SHA512
0931a3daabade73a9b9bc0199d1a695aedee038c1c0b969276f2e6457da5795e9dc881b8fe6b639e6f71cdb912e9fbe7f6163219d0602347211a423be26b9146

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
e1b00606da04047e26db91f1f28e634f

SHA1
ee043df1c571da13955e580139d7fec0e39096c3

SHA256
f21542739e0bc0da50288e948b4b3ae24a92a23e70768a47c00dafafa77f98f8

SHA512
bc0aa59d254453789797b2364b2c5c2c1ca06109c9318a4573e51d3666bc9e9b4097371083da57d0d015612120b2660e5976cb3e4b4e8d82e9df20c3b1564f64

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
6bb32258b99c5366e750e4d46a818499

SHA1
d6608ec5586e0fe742f4f182aa588f9151b17053

SHA256
321c9599c5dccffd47a2f3fbc32b2810546c10b3e9fe8671f96cee5655a2b6b4

SHA512
11637551e69b021bf32dd616e4842573c8733f6b5d5e95b9e2b3fecb37ea7ce80b308cb0ab3fef2c45bb7690eb66efe041ade6f5005e0cc8255c3bffd2a3af8f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
4150705ae4f7f9bc19f1be3c19061983

SHA1
26ec71c2b047bbe91b680888c314762ca2fd7c55

SHA256
106bf2fcb5cac08a5b6d4c74e338b07a37c897cadff4bad7bb86a4e1f4948a98

SHA512
69ee971999ae6de67e851614e61a7b14d614a9a1e4ba8efba818421138b2bc37f2fb7ec0fa48b38a1a6fafcb6ca2b1d6f115ce8bb9a0f046bd32be6c72394720

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000007.dbtmp

Filesize
16B

MD5
18e723571b00fb1694a3bad6c78e4054

SHA1
afcc0ef32d46fe59e0483f9a3c891d3034d12f32

SHA256
8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa

SHA512
43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
130KB

MD5
f7d54bf935acc4a9ae89eab7e19c34b4

SHA1
4600633e6d5e48fc53906fe5557e8fd53bf512a6

SHA256
825c4d8dd9f06369c9096e9a6bc4d9a87b77901c696ec235728868a645549b1e

SHA512
637cc93a8e4697ce378d9d2ff20230add1c22aab01eb383dea5166d39b1112937a028fe4b423846e632319397f3c041f27956588218d51540baf7a7de3d7fb04

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
130KB

MD5
48f59a46191caa4922a441e0c9ebf611

SHA1
30c2a9e2327613ff28c4b4ba7ef4effcc97a8ba0

SHA256
fe4c9911e099d452f61fdbcf86f16f858f571ea558df37e3215cecc682124113

SHA512
1cbaa6f097cff24c3fff6b22147a7cc80a051ec7234cb51ab55baa6c3eae3502aff5b344196d7526a53f499f754312b5595d31a30c6a31ce6ff76510c3e16140

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
130KB

MD5
07bfe4020971e45230f3de64b0c3d7e6

SHA1
db8203a24c2e7cba3e75b118ad14efff4c09b8ae

SHA256
70c643bcb6ffa392aa041e6465609d86184718a7bd5c5505092d3fe1c26aa90c

SHA512
67efa343b751181868a2e2199f89d76ac3d28448402549e2438d14feedd0034441d395a3c4778cff6955b581a5a3adde33314763251e98093db2cf17636cc67e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
130KB

MD5
627defba098f73c500286a4bf1c9e22e

SHA1
ed862c5e391606a65c8b0d420e3425a0d29af1c9

SHA256
9c98986cd559519da3b4c3589ae4d803312845df41d5494b89fdd41915e3a5b1

SHA512
0e0968a49e1aeca79141f719d257e24482ea3ce7aca5b2690c0a50363eaf2729c9fcb033adc2a4e5184f29e84d6fbda07d0b9d651971e140da7f99a357bf5c44

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFf77d7aa.TMP

Filesize
73KB

MD5
48971a066c85fe1f74c6939c9b6b32d8

SHA1
b65473ef0fd0c5209c630c5790ed997f5e05a6fa

SHA256
917cdf70986cfa912f62a24e1a49e1924b74ece00ae4ef9e890eaf851787ba3a

SHA512
a3c3dce8f519feb5c2bede60a5f39f56c8bea31e295fcc0cd11455fd9fc3f930566b60512fa274190e12f869abec30037eb5431be03fe0a427f663971d4d3a19

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarADA4.tmp

Filesize
177KB

MD5
435a9ac180383f9fa094131b173a2f7b

SHA1
76944ea657a9db94f9a4bef38f88c46ed4166983

SHA256
67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

SHA512
1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

Filesize
10KB

MD5
85b68e3fd83d940baaee8c726af4763c

SHA1
bedc6630d238dcdc06c890e44de005c489cddd2d

SHA256
7d346fdf99a6d3afb630e7922b2bbd88457b937b5599deb57562fd7782a3f2f4

SHA512
37a68abba6350bf7c46acd4b975277c5c01c77e8fca7ac913ac1993b45ab9ed9332c6e447f0181b31a354861e3ba4280274106e5c57a0c4710e2f3b22b2093b7

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

Filesize
14KB

MD5
7990fc40d4458f68a492dda872eab2f5

SHA1
2087481f8cbe39e451e59ca2963cfa55724a539f

SHA256
1137f7199b0faab22c187d144b887f3b7bea929b0b046bcfc642dd0379c1f199

SHA512
7dc6b225b2d261d1e061304fbb0c3992c066a1f4b799e27aead6f4867e2e0093ab4209a031d24d3744fa64e5689009f3e68ea3f4b58632609d333b3ebb78b57f

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

Filesize
12KB

MD5
2277a0c45426b47fbee6f99ba30d1eff

SHA1
fb47937a9f2135ab8152aa0d6a7b044e24f4b2c1

SHA256
6b9363f84c257662ecdf1c9c8af09aaa6432957238ca1ec0cd9a3d3af9ec16d1

SHA512
62ea639bca423a1aec1aa7ff8c260a9c0301dcdaa288ed14e0f4d42fae5332ef59afb0c816662e30c1af89d0d737654c6f0ba23e1f525643d3701a6810f1dae3

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

Filesize
12KB

MD5
3d97dc6a4131282ebf908c97c1c9cc4c

SHA1
48585a88ab7abddb6145535ba288647430594f3f

SHA256
a2692e4497e86a93da2e420def01d466d93ead972682c005bb7b72f76c21ccd7

SHA512
da9a0127011e95bea15b8a94063fc64b78ca45c7564d482349ebe28940edd03d9d253b727263830d8365eee3c968ed0cd2db64371bdabcf0f0ed01b243899e45

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms~RFf76af91.TMP

Filesize
6KB

MD5
4ba2bf5fab0f57b8ef20ab002323827b

SHA1
42752920c5356d083df4567fb874ec42b10a8ac6

SHA256
26fe38de5a7b4bd66e185ffb0b1d623f1c6133e75dbe311394c9a5cba0509000

SHA512
c184d7399632f4d5aef72fbe50ec2dba537193ab0e1ea8e8c9c06f458102e881f7fe375243c25829aacdfff6d1194452526a380daee4d40e141e6a74da824b67

Download Submit