Analysis Overview
Threat Level: Known bad
The file https://github.com was found to be: Known bad.
Malicious Activity Summary
Lumma Stealer
Executes dropped EXE
Suspicious use of SetThreadContext
Drops file in Program Files directory
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Suspicious use of AdjustPrivilegeToken
Enumerates system info in registry
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Modifies registry class
Modifies data under HKEY_USERS
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-05-04 12:20
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-05-04 12:20
Reported
2024-05-04 12:22
Platform
win10v2004-20240426-en
Max time kernel
126s
Max time network
125s
Command Line
Signatures
Lumma Stealer
Executes dropped EXE
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | C:\Users\Admin\Downloads\GitLauncher.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\GitLauncher.exe | N/A |
Suspicious use of SetThreadContext
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| PID 4996 set thread context of 1856 | N/A | C:\Users\Admin\Downloads\GitLauncher.exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
| PID 3484 set thread context of 2168 | N/A | C:\Users\Admin\Downloads\GitLauncher.exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| File created | C:\Program Files (x86)\erode.exe | C:\Users\Admin\Desktop\Fn cheats.exe | N/A |
| File created | C:\Program Files (x86)\hello.bat | C:\Users\Admin\Desktop\Fn cheats.exe | N/A |
| File created | C:\Program Files (x86)\hello.jpg | C:\Users\Admin\Desktop\Fn cheats.exe | N/A |
| File created | C:\Program Files (x86)\ | C:\Users\Admin\Desktop\Fn cheats.exe | N/A |
| File opened for modification | C:\Program Files (x86)\ | C:\Users\Admin\Desktop\Fn cheats.exe | N/A |
| File created | C:\Program Files (x86)\date.txt | C:\Users\Admin\Desktop\Fn cheats.exe | N/A |
| File created | C:\Program Files (x86)\hello.reg | C:\Users\Admin\Desktop\Fn cheats.exe | N/A |
| File created | C:\Program Files (x86)\launch.exe | C:\Users\Admin\Desktop\Fn cheats.exe | N/A |
| File created | C:\Program Files (x86)\mover.exe | C:\Users\Admin\Desktop\Fn cheats.exe | N/A |
| File created | C:\Program Files (x86)\msg.exe | C:\Users\Admin\Desktop\Fn cheats.exe | N/A |
| File created | C:\Program Files (x86)\mypc.exe | C:\Users\Admin\Desktop\Fn cheats.exe | N/A |
| File created | C:\Program Files (x86)\shaking.exe | C:\Users\Admin\Desktop\Fn cheats.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133592988291498335" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Key created | \REGISTRY\USER\S-1-5-21-3906287020-2915474608-1755617787-1000_Classes\Local Settings | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | C:\Users\Admin\Desktop\Fn cheats.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://github.com
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9af77ab58,0x7ff9af77ab68,0x7ff9af77ab78
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1556 --field-trial-handle=1920,i,11119051437444820231,1587785177212297259,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2140 --field-trial-handle=1920,i,11119051437444820231,1587785177212297259,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2240 --field-trial-handle=1920,i,11119051437444820231,1587785177212297259,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3048 --field-trial-handle=1920,i,11119051437444820231,1587785177212297259,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3084 --field-trial-handle=1920,i,11119051437444820231,1587785177212297259,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4332 --field-trial-handle=1920,i,11119051437444820231,1587785177212297259,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4480 --field-trial-handle=1920,i,11119051437444820231,1587785177212297259,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4616 --field-trial-handle=1920,i,11119051437444820231,1587785177212297259,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4512 --field-trial-handle=1920,i,11119051437444820231,1587785177212297259,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4684 --field-trial-handle=1920,i,11119051437444820231,1587785177212297259,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4772 --field-trial-handle=1920,i,11119051437444820231,1587785177212297259,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3280 --field-trial-handle=1920,i,11119051437444820231,1587785177212297259,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4756 --field-trial-handle=1920,i,11119051437444820231,1587785177212297259,131072 /prefetch:8
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\" -an -ai#7zMap3998:86:7zEvent2399
C:\Users\Admin\Downloads\GitLauncher.exe
"C:\Users\Admin\Downloads\GitLauncher.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
C:\Users\Admin\Downloads\GitLauncher.exe
"C:\Users\Admin\Downloads\GitLauncher.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4304 --field-trial-handle=1920,i,11119051437444820231,1587785177212297259,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1872 --field-trial-handle=1920,i,11119051437444820231,1587785177212297259,131072 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ff99ebd46f8,0x7ff99ebd4708,0x7ff99ebd4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2056,15670295080942907943,5495190161776887597,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2100 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2056,15670295080942907943,5495190161776887597,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2056,15670295080942907943,5495190161776887597,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2876 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,15670295080942907943,5495190161776887597,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3368 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,15670295080942907943,5495190161776887597,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3384 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,15670295080942907943,5495190161776887597,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5096 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,15670295080942907943,5495190161776887597,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5140 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,15670295080942907943,5495190161776887597,131072 --disable-databases --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4792 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,15670295080942907943,5495190161776887597,131072 --disable-databases --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3640 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2056,15670295080942907943,5495190161776887597,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5560 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2056,15670295080942907943,5495190161776887597,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5560 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,15670295080942907943,5495190161776887597,131072 --disable-databases --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5592 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,15670295080942907943,5495190161776887597,131072 --disable-databases --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5932 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,15670295080942907943,5495190161776887597,131072 --disable-databases --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5992 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2648 --field-trial-handle=1920,i,11119051437444820231,1587785177212297259,131072 /prefetch:2
C:\Users\Admin\Desktop\Fn cheats.exe
"C:\Users\Admin\Desktop\Fn cheats.exe"
C:\Windows\system32\wscript.exe
"C:\Windows\sysnative\wscript.exe" C:\Users\Admin\AppData\Local\Temp\FC5.tmp\FC6.tmp\FC7.vbs //Nologo
Network
Files
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
\??\pipe\crashpad_3936_VKIMPLOAFTWLEQAN
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\12001aac-719b-472c-8435-96bc060a67b4.tmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008
| MD5 | e1831f8fadccd3ffa076214089522cea |
| SHA1 | 10acd26c218ff1bbbe6ac785eab5485045f61881 |
| SHA256 | 9b9a4a9191b023df1aa66258eb19fc64ae5356cfc97a9dda258c6cc8ba1059ac |
| SHA512 | 372c486ac381358cc301f32cd89b7a05da7380c03fa524147c2ddf3f5e23f9b57c17485aaedc85b413461a879afc42e729547b0c96c26c49bbdb7301cd064298 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000014
| MD5 | 80fe74d9f9ccae0733b9074b04abd7ee |
| SHA1 | 5eb360c59cad789cf729f385a24c8cfd6b92489f |
| SHA256 | d3e71213254bc6f3f889d63aa5c63439f267bd2a83d20b3a018a6b6c8a31741d |
| SHA512 | fc3ced25b1aa4f0d178238777b0a4831c59fe6655bfe3faa01a04b5ea68433608b0cefaf1550af5f2891a387db0f6550a6224c0117bcd02918389b3f5e2dd4e3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 1dc52e8da3672d1deea1c58f4b878637 |
| SHA1 | 03ae491a3365555c9fbcd1784084ff9a0fdb32df |
| SHA256 | b46a7eb5fe749ef0135b8427d28a80d78d4d90af4700f4c6385ae110c09fe014 |
| SHA512 | c567b2f81622a04ed34139e1c9120c711b0e8dca4f8c5791b5e996fcb7d0c69a20f25678b51f42d4a62f8608306acbab60c8f2af04e14897f3db235caaea0798 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | a607d521a7fdb233d63501143e19def0 |
| SHA1 | f52b8f37ebf4b00b5356ec58696720c099d76db3 |
| SHA256 | 46d96a84e92ccb8108f7ae078307ca3544f9050b7fe98d21585c1a39a7819959 |
| SHA512 | f765888c668ea2647414faf9542604854683542ecc881181cc7f8cad737ccf9600ebba6839106334be12ea86df0d9f47b4a5e7ac43401e0bf6f519c1fd9f9e5d |
C:\Users\Admin\Downloads\GitX_Launcher.7z.crdownload
| MD5 | 069f13b64164834c3a828a0fd97e534b |
| SHA1 | 4bc89d1c4f5435336003d8ba2c481bc55acbe5a6 |
| SHA256 | 0c1f893bee868b0faa022118c63375416ab8911b11772e53bee222ad1eaa3965 |
| SHA512 | 95479f2cddaf33121c0efead417a367c8d108093bda95a57197586b66cb4ae56246cd9531cd4824997241bfefdad3c4e579aa6683c1c9528269745996edbe38e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | a053ac5676a427f5dbcdc63a846fc62b |
| SHA1 | a95756944348207ea6acd1f092e5da23b8db31f8 |
| SHA256 | b1377f3b39f13ce0986880bb7a0821085178475a102efb7c0be6aae6cc3b96f7 |
| SHA512 | 6daef2d5d7a5e6419d277c387bc9ba16c05d05dc6e05e2632c586335928426b15d6820d4e04988207fe5d3faaf7fb64fe4726089a1ff065ad5fb52931dafdd2f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 45be7b4d96b75d8c33291d410035a704 |
| SHA1 | 1c0b8ec14fb0abc702a58e6de6eb064311730e1f |
| SHA256 | d137a4a51b65c7709bb535ab4ccaa78b1ae9a558e4aeadf3810362086c262369 |
| SHA512 | df6f1feef4ad3e80baeb85e6c02505bdff82018c54841138d3bf8092e731ef38b02a13e140accba5a88fc28203ad888b21778caa4679aff515dc262f3fd14dd1 |
C:\Users\Admin\Downloads\Packs\pv2.dll
| MD5 | be068132ece3f794f09c9d6b5ba20b91 |
| SHA1 | 859599fa72d128e33db6fe99ba95a8b63b15cc89 |
| SHA256 | 59dcecb111aa15159414819f4f522e7f90597939cab572b982beebee5dc0efdf |
| SHA512 | 13829ae9b7bd0cba95800075b24570f3c70a6c4b3d4b3c4da76b0077e37c75194e929d8d56a2db69e22a319ba5077d188a6f3baedd1f69f79979717d6f6d1b6f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | 36ddb7f36ff9f2b070decd94e3ccae9c |
| SHA1 | 2faae80292e9f6849d66ad89f4db2539e5e6ab6e |
| SHA256 | 11835abb54e21a72054a626f1211a1443811494306208afed1b0d2d0e566a88c |
| SHA512 | 682ac3b107ce6019b69f036dd95adb33602861e73440d902990310aa10c2803b57e67d66f598f57fd3880044ab94b28f27713e9df45e7c44c6b9a46c7eae5585 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe57d66a.TMP
| MD5 | 8532b9ee325adebe87d60027d8f54d85 |
| SHA1 | bee246c97ae86feccece52d8c4a5766482ee7041 |
| SHA256 | 5ba9d7875fc7e2e23aaf56c2b9b76e3b1b788b9434f5a0913ff2836c1a22e981 |
| SHA512 | fda711b144aa3b786194c32edf92e70a5effb6a1c90243942bb1d7d14ad20ee2660948a81030ce40c1137a77b83183e8ff5956236af4ac1b66d794eb17e68b8d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | bef762b4d54c1c438e25e375b6a97ad2 |
| SHA1 | 166cce4f288b92b4cbd1755c8e5fdcab2e3081e9 |
| SHA256 | d5bec037177c1700e6294cdc3f887120ad22e275e2497341c3214de8a40cbf75 |
| SHA512 | 7703bbe49777a77eff4799161fec96a532cae5232064c271e001cf23506d54734ef497e19c48d3c040373a937914140de52bdd071497fce029694eb71c000d26 |
C:\Users\Admin\Downloads\GitLauncher.exe
| MD5 | 82d13b4eb079d6dbae0053678b6f30cb |
| SHA1 | 996ded004512c4719755ee19808297cf5df1e859 |
| SHA256 | 0d2f692015a50d9b3dd7ba2133963b68005041af69eccfb79eb9326167cf019a |
| SHA512 | d4f6ec199247d6b9139d201a0be5be83f31ccd0a34abadb0c18a3e398396c92ed6ed73369cf52c6983b15e1a0d5b14485e883cb307c46046d30038f7e30cc2d8 |
memory/4996-857-0x0000000000DCF000-0x0000000000DD1000-memory.dmp
memory/1856-858-0x0000000000400000-0x000000000045D000-memory.dmp
memory/4996-859-0x0000000000D50000-0x0000000000DD3FAE-memory.dmp
memory/1856-861-0x0000000000400000-0x000000000045D000-memory.dmp
memory/1856-862-0x0000000000400000-0x000000000045D000-memory.dmp
memory/1856-863-0x0000000000400000-0x000000000045D000-memory.dmp
memory/3484-866-0x0000000000D50000-0x0000000000DD3FAE-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | cd295ef4ec5d8bfc3f179c0b248934fb |
| SHA1 | 7b39dbe778718f422774be141f3f418e2b764efc |
| SHA256 | c090bcfb73297d2267dadc4e4dbd51eac69b5583e7737dad8d4107c9848bef57 |
| SHA512 | de38b21eba324c29d2b98c100bf5c85b73e96e98a002207d1689ec6072205cae08e27fb18ca4fddfa9fa9e6d06db93adce76e403d14d374219048eac82189cb2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ff1c2cdc18ed865a_0
| MD5 | 24c07caa5a1f248c778e666a33d7fd3e |
| SHA1 | 573415540725fe1d691f215a9d4c7242f3eca423 |
| SHA256 | 85c3761ee70bfc778aef71ebdcf1dfceee9a3583e62b36ed7c847b8b024af6a6 |
| SHA512 | 59391a635e78f14b3b1df23c2509668d20a48cdbfd13ab7febe6f60129749899a0a4f739ca2da1b407d96885317ea72ff6893b4d852ab8f174c74fb888189d88 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001a
| MD5 | 279a08187fe6dd2fc9af819e4a104b4d |
| SHA1 | 9d3cd1b396cefa97cd2de96a327da6daa457950c |
| SHA256 | ea3b8ac34dd2156a5c83cc7d282db609ac01c87e45d129839630580e7cfefddc |
| SHA512 | 9c19e345474f6535253fa4c6ff1a230069752b7c34141924a90c1c54975c26759851cd618d10af601c3b169593b935364fce8b0662d3282ef4520e23c3b0fe37 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001b
| MD5 | 4198d48c0b84377cd1f64674dc181d84 |
| SHA1 | 1cde0394063127fca963b4c1b417020723608641 |
| SHA256 | c168d99398ff7ef9cb0ae9d9060cc460c6ce2a798d2ecf85c41c91a8ab0179ff |
| SHA512 | 73d6093479c6e085104f423d6c115bceccf6d0c239182fb9052eeef1215c8cca8b3a7a2ede071ad4e6c8f381005cea02ec94d02baa076147bc39d901f4414d52 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | e3cd7e04cb52e4211d0aaf9443be5833 |
| SHA1 | f22cc0ff39b7a1b38717e42ebabea533c622d327 |
| SHA256 | 94f1d23f7260bc9adc38ea8f3dcbfeebe2b1f9c66faf1f367934b525923a73b6 |
| SHA512 | b8932fac20f198078eb059317e2444f8dd9cd4dddb2d453a33817a7323eb828f6b239073ceeaf9e75377bfeadc52b290dc11672d41b6e639190a099210fdaf93 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | fe89ee27e7f130e4806795596ca81d7a |
| SHA1 | 357056e5f47e714649f3e20a42175a786f103dd3 |
| SHA256 | 31ba7886f30480f005778719c582b8f5819a4041331e56514ec25e92cac9ac78 |
| SHA512 | c36956d7b46c2df076a10659c0b233543a28e6cf2f8677add7306bb7a29d56fa2b116a719c5b9ce13691b744ccc2535eb721fa24587cc16a73680c81e834f9f8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 36324be5f26f8e2388374ca586ffa32e |
| SHA1 | 8dc454a0de80decb35389e53fb43ba6ab9a30f30 |
| SHA256 | 85ad65cd37af13e9ae54c2a185eba242155a667cccc9ee4f19c42c3e27b331c7 |
| SHA512 | dbcba9d3a53b4ee9a760da8547ec531f23fa868dc6c5fcf87c5c191706cf58a0dfe42653f79f416a0edcc9597bbb57219f90180f313c85575698345a0e8824b2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 015809c7fedadbee9101f6f4e4b04922 |
| SHA1 | f2eae69818193ccebac7a13b7e497f3b1110a2c5 |
| SHA256 | 12147a4e7a3e964607b1e6c6350e39af8e46cb380b03259b7f6ff66da6b8ca30 |
| SHA512 | 2bddf1f8ff7e2786a74a689d7c542651ea97b497dc301db11f445b5a8ab631c015227c38aabc1109fcf5168a5c23be8894de567114f773c906adc6dc4ec4f944 |
C:\Users\Admin\Downloads\Fortnite-free-cheat-main.zip.crdownload
| MD5 | 7bd22ac23476a1faea5638d44b218584 |
| SHA1 | 9d1a10685775a4f213ab63a2eda60571d0d179c8 |
| SHA256 | 6268b944bc19b7d342f6864fad29227bf88319574417bb635e7f421aa6e0262b |
| SHA512 | c8979fe457a9dc6191d5297e5812ec4062c660e1242afe1b0f3a2717694c6013ff60a0348112ed995eed386ad9b974f779dd75200f07d4f5a932d811f1a615ab |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 091074dfaf748e189790cd3803223a1c |
| SHA1 | bd2a190d71b992b894c56b8d071a6598fad89af4 |
| SHA256 | 8efd5d84c907f4a67724333a8e8139cdfc0a375fa177b20fb0a976163d7ab21e |
| SHA512 | 58334d2c5e2c3f139bd1cdede32b8eeba08c6781b2093a2ba87c72a98aed8455e5a3fa423953d62740ea07b0d30188494b744c1e94e3d610bff8695154336ed8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d1b7d88e6f0e2afe06229c0d6ce2871e |
| SHA1 | d5a1b6548113dd5e7b2cf9e25f9edac3d29866d8 |
| SHA256 | f2cff956a1dc47c3eb10a5e9c1a952121392b63b9dc637478ece31487b911bc2 |
| SHA512 | 5b9b746ecf47ac1c79bbc6a5467156842d49c998f727e8422e1162e0fef8731757dea18dcf0114cb4fdae5f74343030f19717d52a2d301a6066cfed224fa1f0a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | df702d826f008320e42a9139bc80fd40 |
| SHA1 | 659011391c621d79ab15c19fc00b3418fd036e04 |
| SHA256 | c2b2c777534a87f48b068d0354c76acac18a2f0e386d1779cf7154f6937cc973 |
| SHA512 | 5b958bb2c3022cb828f2bb61d4e4319d7a18bed85f50aed87a13bd0a2ada097377071e55b4a9581a3cc5746c2f4c5d7a3d942d00f7dae2cd8608d84aa4d15c53 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 5ade9e22697109d2b19d33dad5ceedcb |
| SHA1 | 751ce0da794b82131dcba84eaf7a2ada8a6410fb |
| SHA256 | 30e3ea0633c79fb6014d4b6ff0c3d606bd5732f4ca953954a588d77fc3e0aa5f |
| SHA512 | 92e85c46941b0768655f9cc2a514d36dea18407cc19ecc4bb9413b52813f0fcb5eea4cbe49e5a19c08d30ebc4b8558ae4ae6a6e34d65dde8b02ebd8275edfebc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | f53207a5ca2ef5c7e976cbb3cb26d870 |
| SHA1 | 49a8cc44f53da77bb3dfb36fc7676ed54675db43 |
| SHA256 | 19ab4e3c9da6d9cedda7461efdba9a2085e743513ab89f1dd0fd5a8f9486ad23 |
| SHA512 | be734c7e8afda19f445912aef0d78f9941add29baebd4a812bff27f10a1d78b52aeb11c551468c8644443c86e1a2a6b2e4aead3d7f81d39925e3c20406ac1499 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | ae54e9db2e89f2c54da8cc0bfcbd26bd |
| SHA1 | a88af6c673609ecbc51a1a60dfbc8577830d2b5d |
| SHA256 | 5009d3c953de63cfd14a7d911156c514e179ff07d2b94382d9caac6040cb72af |
| SHA512 | e3b70e5eb7321b9deca6f6a17424a15b9fd5c4008bd3789bd01099fd13cb2f4a2f37fe4b920fb51c50517745b576c1f94df83efd1a7e75949551163985599998 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 565fceae2f9903506c15ed5275f03805 |
| SHA1 | fcf055c2eb6124e750cb29cdc4f2474310b6353e |
| SHA256 | 6dfbba09a8b4b0342c65fc05a4ddd2cd00133dd2d5a310747d7aab2c4deccce6 |
| SHA512 | fd729d333a9c4f38edf3b5bc486750574228c145f72566b1d51dbb315eab7081b1cf661fc853fff453f43389e197dcb4c7b4c2ef9f89a9d510052825d3d45098 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 0457cda3e4f02858ee5230b888e22ae8 |
| SHA1 | 7d82bcd34e2ce8b5e6af78e61e64061c3fc1de01 |
| SHA256 | 60ef070d09982cf4d6b6027fec0612b5bfca7d5565c21cdfa147722b67e7d20f |
| SHA512 | 8279e330685fa686a0002b62713e0e3177fc2dfe29d952df929f6158172af954db0796c40b046efff23e343e87dc608b97ba72adb072a5f027771479318bf09d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | e5a9b2ecee84db4c8e37d5f112671c79 |
| SHA1 | 2a9cd716aac7042e3ba683a002e9ae5b61a2dfe3 |
| SHA256 | 922c7719010210794348c0f0ee25275c0c9a78f51342042d81cde262704ccfd6 |
| SHA512 | 25ffa19dbf50a3c19e87a929e5c8ab5a8df40b0c1f1a5385d81317156cf63711b40fdffc4fe0ba49da56356f09896e8013e5b7f218dceafd71378124eb942a75 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 27f0bc9ee2cdeb058f542ea758579d7f |
| SHA1 | 08ce0cbb66da43c61d9c2b66463d1d5848f11b48 |
| SHA256 | 9240899804642c81cf20d0412e00d6c5f8210aae67b28b750e538634457347ea |
| SHA512 | a4e06a2e1b37d0c54fa38ce912befc253b137f06e2c9702ac929c35e741cf7b744dd43581fba3ba090b10e5b59fd8d3e23b929841497b87590b7f850be22059d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | d4ac20cd23ad6244a71763cee232aafe |
| SHA1 | 0153a4973c62b35fb568b3fa1cd92aa6732e5c59 |
| SHA256 | 2503671e4e05d64d3231d5ff016d0ace1d1beaa7820338da67f250d3663de387 |
| SHA512 | feacb0a6da2ab5d908f84749a0c8b2cb95870d3cec2f5136fc6b118cb432340d54985c90469c4144babc9125900aaec2e3056c4c0014ee7aa1d973580cb48dfe |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 350b76dee1d00ddc783bc5fc0ccc42df |
| SHA1 | 6d68d30a629f029d946809bc9f8e7160663f092e |
| SHA256 | 5c61064543bc182e15e7351d338151f46d962a1117e8ddc3d6ac368d431bdee1 |
| SHA512 | c9ff78991ad9e5e684783540df65e1125d4dcdcfe2e092a8583b2f8fc24072ca2ad435bd3b4e1e92c742839f966b4179fb857ff4af58ed6e523e8a1c849899ce |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1
| MD5 | f50f89a0a91564d0b8a211f8921aa7de |
| SHA1 | 112403a17dd69d5b9018b8cede023cb3b54eab7d |
| SHA256 | b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec |
| SHA512 | bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58 |
C:\Users\Admin\AppData\Local\Temp\FC5.tmp\FC6.tmp\FC7.vbs
| MD5 | 67706bca9ceaba11530e05d351487003 |
| SHA1 | 3a5ed77f81b14093a5f18c4d46895bc7ea770fee |
| SHA256 | 190a0d994512ed000cf74bd40fb0502988c2ac48855b23a73fd905c0305fc30f |
| SHA512 | 902ac91678d85801a779acbc212c75beba72f8da996b0ed1b148a326c2dd635b88210f9a503fbbffa5271335483eae972e6a00acbc01ec013cf355c080444598 |