Analysis

  • max time kernel
    26s
  • max time network
    85s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    07-05-2024 05:37

General

  • Target

    AdminMenu_BP.zip

  • Size

    6KB

  • MD5

    61211ef57d6ba766fc8bb61842faf0e1

  • SHA1

    b2bbc5b5e62037b8e3469ebc762e7f6f5a5fba1c

  • SHA256

    e78e743c21357e099190edde23d5e6fb8ffd33c36ea9602777d231a2b4dcc11d

  • SHA512

    afc39b276dc1955ab779d8bd175c8f2983df5169b4921379a0c1a3408955f2c999f746130770927d4e714c172d487f14d050257ab5316e1ebd76298bf21744f5

  • SSDEEP

    192:fJhA/9R7jnk5+INVNVT9SyEgFMNRYS1W1bPbMt5//UahVCjJG:kFRQVNJcyEtYwEPk/UaLCE

Malware Config

Extracted

Family

discordrat

Attributes
  • discord_token

    MTIzNjczNDg0ODUxMzczNjgyNw.GYx9r8.AvmyPnn0sb2NoZijUdM4ZGOUfHrS-MmxJNKUeg

  • server_id

    1214787742026702861
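The two extracted attributes are pivot points, not just strings to block. The first dot-separated segment of a Discord bot token is the base64 encoding of the bot account's user ID, and both that ID and the server_id are Discord snowflakes whose upper 42 bits hold a millisecond timestamp relative to 2015-01-01 UTC, so an analyst can recover the bot's identity and the creation time of the bot account and the C2 guild without ever presenting the token to Discord. Note also that every behavioural signature in this report fires on chrome.exe (PID 1736); nothing is attributed to Client-built.exe (PID 1768), so the discordrat classification rests on this config extraction. The script below is an added example and is not part of the report or of the RAT; the token layout and snowflake format are Discord's documented encodings, while TOKEN_RE is a heuristic shape filter of my own and find_tokens is an assumed helper for sweeping other dumps for the same pattern. It runs offline on the values above and makes no network calls.

```python
"""Decode the Discord RAT config extracted in this report (added example).

First token segment = base64(bot user ID); user and guild IDs are snowflakes
whose value >> 22 is a millisecond offset from 2015-01-01T00:00:00Z.
"""
import base64
import re
from datetime import datetime, timedelta, timezone
from typing import Dict, List, Optional

DISCORD_EPOCH_MS = 1_420_070_400_000  # 2015-01-01T00:00:00Z as Unix milliseconds
UNIX_EPOCH = datetime(1970, 1, 1, tzinfo=timezone.utc)

# Values copied from this report's "Malware Config" section.
EXTRACTED_TOKEN = "MTIzNjczNDg0ODUxMzczNjgyNw.GYx9r8.AvmyPnn0sb2NoZijUdM4ZGOUfHrS-MmxJNKUeg"
EXTRACTED_SERVER_ID = "1214787742026702861"

# Heuristic shape of a bot token: three url-safe base64 segments.  The first
# segment starts with M, N or O because it is base64 of an ASCII digit string
# whose first digit is 0-3, 4-7 or 8-9.  Shape only; the decode is the real check.
TOKEN_RE = re.compile(r"[MNO][A-Za-z0-9_-]{22,27}\.[A-Za-z0-9_-]{6}\.[A-Za-z0-9_-]{25,40}")


def _b64_decode_unpadded(segment: str) -> bytes:
    """Decode url-safe base64 whose '=' padding has been stripped."""
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def bot_user_id_from_token(token: str) -> Optional[str]:
    """Return the bot user ID carried in a token, or None if it does not decode to one."""
    parts = token.split(".")
    if len(parts) != 3:
        return None
    try:
        user_id = _b64_decode_unpadded(parts[0]).decode("ascii")
    except (ValueError, UnicodeDecodeError):  # binascii.Error is a ValueError
        return None
    return user_id if user_id.isdigit() else None


def snowflake_to_timestamp_ms(snowflake: str) -> int:
    """Creation time encoded in a Discord snowflake, as Unix milliseconds."""
    return (int(snowflake) >> 22) + DISCORD_EPOCH_MS


def snowflake_to_datetime(snowflake: str) -> datetime:
    """Same as above, as an aware UTC datetime (exact, no float rounding)."""
    return UNIX_EPOCH + timedelta(milliseconds=snowflake_to_timestamp_ms(snowflake))


def find_tokens(blob: bytes) -> List[str]:
    """Assumed helper: sweep arbitrary bytes (a dumped .NET binary, a config)
    for token-shaped strings whose first segment really decodes to a user ID."""
    text = blob.decode("latin-1")  # lossless byte-to-char mapping for regex scanning
    return [m.group(0) for m in TOKEN_RE.finditer(text)
            if bot_user_id_from_token(m.group(0)) is not None]


def summarize(token: str, server_id: str) -> Dict[str, str]:
    """Turn the two extracted attributes into indicators an analyst can pivot on."""
    bot_id = bot_user_id_from_token(token)
    if bot_id is None:
        raise ValueError("token does not decode to a Discord user ID")
    return {
        "bot_user_id": bot_id,
        "bot_created_utc": snowflake_to_datetime(bot_id).isoformat(),
        "server_id": server_id,
        "server_created_utc": snowflake_to_datetime(server_id).isoformat(),
    }


if __name__ == "__main__":
    for key, value in summarize(EXTRACTED_TOKEN, EXTRACTED_SERVER_ID).items():
        print(f"{key}: {value}")
```

For this sample the token decodes to bot user ID 1236734848513736827, created 2024-05-05 17:42:45 UTC, and the server snowflake dates the C2 guild to 2024-03-06 04:12:47 UTC; both are handy when asking Discord Trust & Safety to take the bot down or when clustering other samples that reuse the same guild.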

Signatures

  • Discord RAT

    A RAT written in C# using Discord as a C2.

  • Enumerates system info in registry (2 TTPs, 3 IoCs)
  • Suspicious behavior: EnumeratesProcesses (2 IoCs)
  • Suspicious use of AdjustPrivilegeToken (44 IoCs)
  • Suspicious use of FindShellTrayWindow (34 IoCs)
  • Suspicious use of SendNotifyMessage (32 IoCs)
  • Suspicious use of WriteProcessMemory (64 IoCs)

Processes

  • C:\Windows\Explorer.exe
    C:\Windows\Explorer.exe /idlist,,C:\Users\Admin\AppData\Local\Temp\AdminMenu_BP.zip
    PID:2032
  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe"
    • Enumerates system info in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:1736
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6e79758,0x7fef6e79768,0x7fef6e79778
      PID:2536
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1160 --field-trial-handle=1240,i,11820542757870545092,6721861665452340222,131072 /prefetch:2
      PID:2988
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1528 --field-trial-handle=1240,i,11820542757870545092,6721861665452340222,131072 /prefetch:8
      PID:2616
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1608 --field-trial-handle=1240,i,11820542757870545092,6721861665452340222,131072 /prefetch:8
      PID:2780
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2180 --field-trial-handle=1240,i,11820542757870545092,6721861665452340222,131072 /prefetch:1
      PID:292
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2196 --field-trial-handle=1240,i,11820542757870545092,6721861665452340222,131072 /prefetch:1
      PID:1952
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1160 --field-trial-handle=1240,i,11820542757870545092,6721861665452340222,131072 /prefetch:2
      PID:2076
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3336 --field-trial-handle=1240,i,11820542757870545092,6721861665452340222,131072 /prefetch:1
      PID:2692
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3392 --field-trial-handle=1240,i,11820542757870545092,6721861665452340222,131072 /prefetch:8
      PID:688
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3492 --field-trial-handle=1240,i,11820542757870545092,6721861665452340222,131072 /prefetch:8
      PID:488
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3680 --field-trial-handle=1240,i,11820542757870545092,6721861665452340222,131072 /prefetch:8
      PID:404
    • C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe
      "C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe" --reenable-autoupdates --system-level
      PID:1552
      • C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe
        "C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\Crashpad --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x154,0x158,0x15c,0x128,0x160,0x13fe47688,0x13fe47698,0x13fe476a8
        PID:1572
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=3708 --field-trial-handle=1240,i,11820542757870545092,6721861665452340222,131072 /prefetch:1
      PID:720
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=2324 --field-trial-handle=1240,i,11820542757870545092,6721861665452340222,131072 /prefetch:1
      PID:2392
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3404 --field-trial-handle=1240,i,11820542757870545092,6721861665452340222,131072 /prefetch:8
      PID:1364
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=3408 --field-trial-handle=1240,i,11820542757870545092,6721861665452340222,131072 /prefetch:1
      PID:2880
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=2800 --field-trial-handle=1240,i,11820542757870545092,6721861665452340222,131072 /prefetch:1
      PID:2448
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=1356 --field-trial-handle=1240,i,11820542757870545092,6721861665452340222,131072 /prefetch:8
      PID:1460
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1232 --field-trial-handle=1240,i,11820542757870545092,6721861665452340222,131072 /prefetch:8
      PID:2228
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4340 --field-trial-handle=1240,i,11820542757870545092,6721861665452340222,131072 /prefetch:8
      PID:1216
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4360 --field-trial-handle=1240,i,11820542757870545092,6721861665452340222,131072 /prefetch:8
      PID:2628
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=584 --field-trial-handle=1240,i,11820542757870545092,6721861665452340222,131072 /prefetch:8
      PID:2256
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4364 --field-trial-handle=1240,i,11820542757870545092,6721861665452340222,131072 /prefetch:8
      PID:2272
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4492 --field-trial-handle=1240,i,11820542757870545092,6721861665452340222,131072 /prefetch:8
      PID:2452
  • C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
    "C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
    PID:1772
  • C:\Windows\explorer.exe
    "C:\Windows\explorer.exe"
    PID:3060
  • C:\Users\Admin\Downloads\Client-built.exe
    "C:\Users\Admin\Downloads\Client-built.exe"
    PID:1768

Network

MITRE ATT&CK Enterprise v15

Downloads

                                                            • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

                                                              Filesize

                                                              68KB

                                                              MD5

                                                              29f65ba8e88c063813cc50a4ea544e93

                                                              SHA1

                                                              05a7040d5c127e68c25d81cc51271ffb8bef3568

                                                              SHA256

                                                              1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

                                                              SHA512

                                                              e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003b

                                                              Filesize

                                                              175KB

                                                              MD5

                                                              0f9c5a45423201497a3eba0a942de4c5

                                                              SHA1

                                                              16bd62b2e12fc27e8c8ab43bbe3634666fdeb749

                                                              SHA256

                                                              339b4d93145ddc72b2c13746aa9355b3c4a7caeabaf69d68568557ae6c819d6c

                                                              SHA512

                                                              388f52ac50f22a48d5d6de1cb3d7170f71358efdc084b233cf04171d3ff144e7a8f3e8b0bb4a48d8f32ce5971169d2294000468a8d22e16a509a2e4a0137ef99

                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\Paths\MANIFEST-000001

                                                              Filesize

                                                              41B

                                                              MD5

                                                              5af87dfd673ba2115e2fcf5cfdb727ab

                                                              SHA1

                                                              d5b5bbf396dc291274584ef71f444f420b6056f1

                                                              SHA256

                                                              f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

                                                              SHA512

                                                              de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\000006.dbtmp

                                                              Filesize

                                                              16B

                                                              MD5

                                                              aefd77f47fb84fae5ea194496b44c67a

                                                              SHA1

                                                              dcfbb6a5b8d05662c4858664f81693bb7f803b82

                                                              SHA256

                                                              4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611

                                                              SHA512

                                                              b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

                                                              Filesize

                                                              264KB

                                                              MD5

                                                              f50f89a0a91564d0b8a211f8921aa7de

                                                              SHA1

                                                              112403a17dd69d5b9018b8cede023cb3b54eab7d

                                                              SHA256

                                                              b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

                                                              SHA512

                                                              bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_mega.nz_0.indexeddb.leveldb\000002.dbtmp

                                                              Filesize

                                                              16B

                                                              MD5

                                                              206702161f94c5cd39fadd03f4014d98

                                                              SHA1

                                                              bd8bfc144fb5326d21bd1531523d9fb50e1b600a

                                                              SHA256

                                                              1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

                                                              SHA512

                                                              0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_mega.nz_0.indexeddb.leveldb\CURRENT

                                                              Filesize

                                                              16B

                                                              MD5

                                                              6752a1d65b201c13b62ea44016eb221f

                                                              SHA1

                                                              58ecf154d01a62233ed7fb494ace3c3d4ffce08b

                                                              SHA256

                                                              0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

                                                              SHA512

                                                              9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                                                              Filesize

                                                              987B

                                                              MD5

                                                              cbcd07f0931ea8d7744fe8b5a81fb2e0

                                                              SHA1

                                                              cee5b91b4fc99dbcd5cc9d6b1e6c236630e2ec8a

                                                              SHA256

                                                              ca45e0b8c913eb1c23d06ca340e38883b01a1637ef6419dae68de9657a69cf61

                                                              SHA512

                                                              8cd4c60de6075d5705aa0d580b917e300ef779fdcaad125476631d198fc326fff979d3b74f1100ddbd14f625e7a0800f18f19a1fa5f61667a813601031443e5b

                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                              Filesize

                                                              682B

                                                              MD5

                                                              dba8d94f30a562b013fa8b4c380c9288

                                                              SHA1

                                                              08c691fb6712d4bb811789f7620ff55d64733b1f

                                                              SHA256

                                                              c29e719868ab8499944bfa57fef261336069479e29a58cc7b599d6a7419e9058

                                                              SHA512

                                                              0d12a5d6b994bf9dd9b2c8c547ecaf0604c75aeefa9573ab6d87f978a51e5fd279be93ef6523275bfe93487cfc270ce22ce4b130ccbdee6436638b8fe363388f

                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                              Filesize

                                                              361B

                                                              MD5

                                                              3b984dd2fa04c2850029b3e7b034ed98

                                                              SHA1

                                                              fe4035fde2e5b935e69d8d87f94cbcfcc6cb91d6

                                                              SHA256

                                                              b83e7f5c6587c195b175dbf17589260cd75e5e9a47d055fd4db17665d111d6f3

                                                              SHA512

                                                              731ee603d1e23169511834ce71dc7fa5ebb2b36a6a35b43fc25a2163f0287fefc9fb9c89d21724a8ea275e7c2facab120867cae1060c8e9240f450ea2ba10973

                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                              Filesize

                                                              6KB

                                                              MD5

                                                              5c3b3c7699cba9d73fee3da1990ccdc2

                                                              SHA1

                                                              e1f2334420bbd1ef4f4a4c352ae2458bd404706a

                                                              SHA256

                                                              0bddeb38a79b5e347c4031a0d9068f07e7e27a5edb7affe3f684afa46011c2bf

                                                              SHA512

                                                              61c9dc8b26cd1b9c8733a8985d675fbe007eef84848e477539241a16d75ddf0932d6b8ec5fcde6d5204c0c6d4bff7ee137ab30c30eb8500dca55134f8290b9f8

                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                              Filesize

                                                              6KB

                                                              MD5

                                                              fee3981648f48ad6891854b7a69a5f82

                                                              SHA1

                                                              2599e83812e7e810ae5bcc153f23a29f932c926d

                                                              SHA256

                                                              5219f1296286af3c495b889bf6f73b46658b6fa1a155172faff8eaa500706f55

                                                              SHA512

                                                              5ecc22dfe4f820ecd247b4ef7ca7fdc7d8128b4177c2a9b930adf92a5a5abb17ac8412e21a0bdec9567af4109881aeb3e68e2b6bfefdc978c6842a1df5cfe201

                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                              Filesize

                                                              5KB

                                                              MD5

                                                              9a776ae81efa622ce4ecafad2be4c925

                                                              SHA1

                                                              1c4700e80d28799ac34d8f67eb11e3c5bdd4a31e

                                                              SHA256

                                                              a09c2a3508d54e1b0fee25ba08a0217548d78103a0417e843a669ffbb0a4eaaf

                                                              SHA512

                                                              7d714dad1035123e0ab99fe66a48f9698577313163b9d7b291ee42e09b4fd5897b3f57ee7f63eee725dcc403d0e38789e17f932d3b2f9077cfb5cd8af53b89a8

• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
    Filesize  6KB
    MD5  8226c3c6ed3415220417532426722258
    SHA1  ab804970ff4f9e84791287ab9ce1bef5be87ef82
    SHA256  1fcca693ee80d30eb560ce222c284beb9862ec03fd20acd3ca7aa7bc03406295
    SHA512  fd1990bb5dcbc005f355f9d85add473dd1d91bfd8d725ed929cefa19107ad4e0200299e46a13c3467b60486446f92ec7860e7ead4cbb9c44d56328c7f5228292

• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\CURRENT
    Filesize  16B
    MD5  46295cac801e5d4857d09837238a6394
    SHA1  44e0fa1b517dbf802b18faf0785eeea6ac51594b
    SHA256  0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
    SHA512  8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000007.dbtmp
    Filesize  16B
    MD5  18e723571b00fb1694a3bad6c78e4054
    SHA1  afcc0ef32d46fe59e0483f9a3c891d3034d12f32
    SHA256  8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa
    SHA512  43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
    Filesize  75KB
    MD5  11234336551351586afd050e865cb428
    SHA1  b3ec3a5d999a8b4a9b699d7f38d0ce244bfec1da
    SHA256  c27e8e4d8789c3ca5a05343051b61eeb8a7759c16d0abe89aac8a11195121310
    SHA512  e960797d67d1c648e18b26c198e9e7ed2baa1e63c0cc4ffb37086a072262521502905eb77a78d1cc595858d83cd6f1813e9abc03b343981e3fccbbb28d04fd99

• C:\Users\Admin\AppData\Local\Temp\Tar6050.tmp
    Filesize  177KB
    MD5  435a9ac180383f9fa094131b173a2f7b
    SHA1  76944ea657a9db94f9a4bef38f88c46ed4166983
    SHA256  67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34
    SHA512  1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

• \Users\Admin\Downloads\Client-built.exe
    Filesize  78KB
    MD5  bc36339d259715c4fb7c681506bdd215
    SHA1  a5f892fa06e4a96ac5eb043f6f7a2d562aa54b94
    SHA256  6138ff42dbc206690422ff11ba68758b52b6b12f49232b3aac20fac3176347d8
    SHA512  5de9fcfbd4c55358e84a0808c083b6a9e00bb78c3159eb10af4d1640fb7b03cde2099b8a7a914a6a52a8fc9ecf9bc0a84a4662127772559d98877ae64bc32732
                                                            • memory/1768-793-0x000000013F150000-0x000000013F168000-memory.dmp

                                                              Filesize

                                                              96KB