Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240508-en
  • resource tags

    arch:x64 arch:x86 image:win11-20240508-en locale:en-us os:windows11-21h2-x64 system
  • submitted
    10-05-2024 13:03

General

  • Target

    https://gofile.io/d/ijTJn1

Score
10/10

Malware Config

Signatures

  • BlackGuard

    Infostealer first seen in late 2021.

  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs
  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies data under HKEY_USERS 2 IoCs
  • Modifies registry class 1 IoCs
  • NTFS ADS 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 6 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 5 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 40 IoCs
  • Suspicious use of SendNotifyMessage 12 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://gofile.io/d/ijTJn1
    1⤵
    • Enumerates system info in registry
    • Modifies data under HKEY_USERS
    • Modifies registry class
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:2428
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffcca40ab58,0x7ffcca40ab68,0x7ffcca40ab78
      2⤵
        PID:3896
      • C:\Program Files\Google\Chrome\Application\chrome.exe
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1648 --field-trial-handle=1772,i,9471122413574594816,5448364773028428963,131072 /prefetch:2
        2⤵
          PID:3236
        • C:\Program Files\Google\Chrome\Application\chrome.exe
          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2112 --field-trial-handle=1772,i,9471122413574594816,5448364773028428963,131072 /prefetch:8
          2⤵
            PID:2036
          • C:\Program Files\Google\Chrome\Application\chrome.exe
            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2160 --field-trial-handle=1772,i,9471122413574594816,5448364773028428963,131072 /prefetch:8
            2⤵
              PID:1264
            • C:\Program Files\Google\Chrome\Application\chrome.exe
              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3040 --field-trial-handle=1772,i,9471122413574594816,5448364773028428963,131072 /prefetch:1
              2⤵
                PID:4864
              • C:\Program Files\Google\Chrome\Application\chrome.exe
                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3060 --field-trial-handle=1772,i,9471122413574594816,5448364773028428963,131072 /prefetch:1
                2⤵
                  PID:3060
                • C:\Program Files\Google\Chrome\Application\chrome.exe
                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4156 --field-trial-handle=1772,i,9471122413574594816,5448364773028428963,131072 /prefetch:1
                  2⤵
                    PID:4504
                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3984 --field-trial-handle=1772,i,9471122413574594816,5448364773028428963,131072 /prefetch:1
                    2⤵
                      PID:3308
                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4504 --field-trial-handle=1772,i,9471122413574594816,5448364773028428963,131072 /prefetch:8
                      2⤵
                        PID:1284
                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4652 --field-trial-handle=1772,i,9471122413574594816,5448364773028428963,131072 /prefetch:8
                        2⤵
                          PID:4920
                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=4476 --field-trial-handle=1772,i,9471122413574594816,5448364773028428963,131072 /prefetch:1
                          2⤵
                            PID:4592
                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3312 --field-trial-handle=1772,i,9471122413574594816,5448364773028428963,131072 /prefetch:8
                            2⤵
                              PID:4048
                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4972 --field-trial-handle=1772,i,9471122413574594816,5448364773028428963,131072 /prefetch:8
                              2⤵
                              • NTFS ADS
                              PID:244
                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3224 --field-trial-handle=1772,i,9471122413574594816,5448364773028428963,131072 /prefetch:8
                              2⤵
                                PID:1544
                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3316 --field-trial-handle=1772,i,9471122413574594816,5448364773028428963,131072 /prefetch:8
                                2⤵
                                  PID:3976
                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4332 --field-trial-handle=1772,i,9471122413574594816,5448364773028428963,131072 /prefetch:8
                                  2⤵
                                    PID:3060
                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4992 --field-trial-handle=1772,i,9471122413574594816,5448364773028428963,131072 /prefetch:2
                                    2⤵
                                    • Suspicious behavior: EnumeratesProcesses
                                    PID:5068
                                • C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
                                  "C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
                                  1⤵
                                    PID:2976
                                  • C:\Windows\System32\rundll32.exe
                                    C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
                                    1⤵
                                      PID:3128
                                    • C:\Windows\system32\NOTEPAD.EXE
                                      "C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\AppData\Local\Temp\Temp1_Project Xvem (1).zip\Project Xvem (1)\Project Xvem (1)\Project Xvem\READ MEE!.txt
                                      1⤵
                                        PID:3220
                                      • C:\Users\Admin\Downloads\Project Xvem (1)\Project Xvem (1)\Project Xvem (1)\Project Xvem\Project Xvem2 loader.exe
                                        "C:\Users\Admin\Downloads\Project Xvem (1)\Project Xvem (1)\Project Xvem (1)\Project Xvem\Project Xvem2 loader.exe"
                                        1⤵
                                          PID:4508

                                        Network

                                        MITRE ATT&CK Enterprise v15

                                        Downloads
