2e0a0e7e5d510f4274cd22ca2ed10f4bcca932a8cb2a756a47c13fb36a5fb58d

Analysis

max time kernel
150s
max time network
150s
platform
windows10-1703_x64
resource
win10-20240404-en
resource tags

arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
submitted
16/05/2024, 22:46

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Solara_Updater.exe
Size

240KB
MD5

b89051e8cf348e69c0943b540af3b99c
SHA1

50200e338cb5df75077c6144884bf0ff6bf7cc7a
SHA256

2e0a0e7e5d510f4274cd22ca2ed10f4bcca932a8cb2a756a47c13fb36a5fb58d
SHA512

ab1e75c6ccf80fdd29bb35ec802032a46cf642e444ba392a2224cc025d05d78148f60bf81d4405b25301ce86b83e03d9249378864afa575fa6a61f05dea21408
SSDEEP

6144:poKbfO8otzIJZiCgq1gQb4KgLqMIuLRTK83KrAqG:poKzO8otaZiCgSgQb4KgLqMIuLRTwrAq

Score

6^/10

Malware Config

Signatures

Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs

Web Service

T1102

flow	ioc
4	raw.githubusercontent.com
3	raw.githubusercontent.com

Drops file in Windows directory 5 IoCs

description	ioc	Process
File created	C:\Windows\rescache\_merged\1601268389\715946058.pri	taskmgr.exe
File created	C:\Windows\rescache\_merged\4272278488\2581520266.pri	SecHealthUI.exe
File created	C:\Windows\rescache\_merged\4272278488\2581520266.pri	taskmgr.exe
File created	C:\Windows\rescache\_merged\4272278488\2581520266.pri	SecHealthUI.exe
File created	C:\Windows\rescache\_merged\4183903823\2290032291.pri	taskmgr.exe

Checks SCSI registry key(s) 3 TTPs 3 IoCs

SCSI information is often read in order to detect sandboxing environments.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_QEMU&Prod_HARDDISK\4&215468a5&0&000000	taskmgr.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_QEMU&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A	taskmgr.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_QEMU&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName	taskmgr.exe

Checks processor information in registry 2 TTPs 2 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	taskmgr.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	taskmgr.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133603732900909824"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings	taskmgr.exe

Suspicious behavior: EnumeratesProcesses 64 IoCs

pid	Process
2820	Solara_Updater.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
32	chrome.exe
32	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
32	chrome.exe
32	chrome.exe
32	chrome.exe
32	chrome.exe
32	chrome.exe
32	chrome.exe
32	chrome.exe
32	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeDebugPrivilege	2820	Solara_Updater.exe
Token: SeDebugPrivilege	2240	taskmgr.exe
Token: SeSystemProfilePrivilege	2240	taskmgr.exe
Token: SeCreateGlobalPrivilege	2240	taskmgr.exe
Token: 33	2240	taskmgr.exe
Token: SeIncBasePriorityPrivilege	2240	taskmgr.exe
Token: SeShutdownPrivilege	32	chrome.exe
Token: SeCreatePagefilePrivilege	32	chrome.exe
Token: SeShutdownPrivilege	32	chrome.exe
Token: SeCreatePagefilePrivilege	32	chrome.exe
Token: SeShutdownPrivilege	32	chrome.exe
Token: SeCreatePagefilePrivilege	32	chrome.exe
Token: SeShutdownPrivilege	32	chrome.exe
Token: SeCreatePagefilePrivilege	32	chrome.exe
Token: SeShutdownPrivilege	32	chrome.exe
Token: SeCreatePagefilePrivilege	32	chrome.exe
Token: SeShutdownPrivilege	32	chrome.exe
Token: SeCreatePagefilePrivilege	32	chrome.exe
Token: SeShutdownPrivilege	32	chrome.exe
Token: SeCreatePagefilePrivilege	32	chrome.exe
Token: SeShutdownPrivilege	32	chrome.exe
Token: SeCreatePagefilePrivilege	32	chrome.exe
Token: SeShutdownPrivilege	32	chrome.exe
Token: SeCreatePagefilePrivilege	32	chrome.exe
Token: SeShutdownPrivilege	32	chrome.exe
Token: SeCreatePagefilePrivilege	32	chrome.exe
Token: SeShutdownPrivilege	32	chrome.exe
Token: SeCreatePagefilePrivilege	32	chrome.exe
Token: SeShutdownPrivilege	32	chrome.exe
Token: SeCreatePagefilePrivilege	32	chrome.exe
Token: SeShutdownPrivilege	32	chrome.exe
Token: SeCreatePagefilePrivilege	32	chrome.exe
Token: SeShutdownPrivilege	32	chrome.exe
Token: SeCreatePagefilePrivilege	32	chrome.exe
Token: SeShutdownPrivilege	32	chrome.exe
Token: SeCreatePagefilePrivilege	32	chrome.exe
Token: SeShutdownPrivilege	32	chrome.exe
Token: SeCreatePagefilePrivilege	32	chrome.exe
Token: SeShutdownPrivilege	32	chrome.exe
Token: SeCreatePagefilePrivilege	32	chrome.exe
Token: SeShutdownPrivilege	32	chrome.exe
Token: SeCreatePagefilePrivilege	32	chrome.exe
Token: SeShutdownPrivilege	32	chrome.exe
Token: SeCreatePagefilePrivilege	32	chrome.exe
Token: SeShutdownPrivilege	32	chrome.exe
Token: SeCreatePagefilePrivilege	32	chrome.exe
Token: SeShutdownPrivilege	32	chrome.exe
Token: SeCreatePagefilePrivilege	32	chrome.exe
Token: SeShutdownPrivilege	32	chrome.exe
Token: SeCreatePagefilePrivilege	32	chrome.exe
Token: SeShutdownPrivilege	32	chrome.exe
Token: SeCreatePagefilePrivilege	32	chrome.exe
Token: SeShutdownPrivilege	32	chrome.exe
Token: SeCreatePagefilePrivilege	32	chrome.exe
Token: SeShutdownPrivilege	32	chrome.exe
Token: SeCreatePagefilePrivilege	32	chrome.exe
Token: SeShutdownPrivilege	32	chrome.exe
Token: SeCreatePagefilePrivilege	32	chrome.exe
Token: SeShutdownPrivilege	32	chrome.exe
Token: SeCreatePagefilePrivilege	32	chrome.exe
Token: SeShutdownPrivilege	32	chrome.exe
Token: SeCreatePagefilePrivilege	32	chrome.exe
Token: SeShutdownPrivilege	32	chrome.exe
Token: SeCreatePagefilePrivilege	32	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe

Suspicious use of SendNotifyMessage 64 IoCs

pid	Process
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe
2240	taskmgr.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
4112	SecHealthUI.exe
3248	SecHealthUI.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 32 wrote to memory of 4892	32	chrome.exe	89
PID 32 wrote to memory of 4892	32	chrome.exe	89
PID 32 wrote to memory of 4448	32	chrome.exe	91
PID 32 wrote to memory of 4448	32	chrome.exe	91
PID 32 wrote to memory of 4448	32	chrome.exe	91
PID 32 wrote to memory of 4448	32	chrome.exe	91
PID 32 wrote to memory of 4448	32	chrome.exe	91
PID 32 wrote to memory of 4448	32	chrome.exe	91
PID 32 wrote to memory of 4448	32	chrome.exe	91
PID 32 wrote to memory of 4448	32	chrome.exe	91
PID 32 wrote to memory of 4448	32	chrome.exe	91
PID 32 wrote to memory of 4448	32	chrome.exe	91
PID 32 wrote to memory of 4448	32	chrome.exe	91
PID 32 wrote to memory of 4448	32	chrome.exe	91
PID 32 wrote to memory of 4448	32	chrome.exe	91
PID 32 wrote to memory of 4448	32	chrome.exe	91
PID 32 wrote to memory of 4448	32	chrome.exe	91
PID 32 wrote to memory of 4448	32	chrome.exe	91
PID 32 wrote to memory of 4448	32	chrome.exe	91
PID 32 wrote to memory of 4448	32	chrome.exe	91
PID 32 wrote to memory of 4448	32	chrome.exe	91
PID 32 wrote to memory of 4448	32	chrome.exe	91
PID 32 wrote to memory of 4448	32	chrome.exe	91
PID 32 wrote to memory of 4448	32	chrome.exe	91
PID 32 wrote to memory of 4448	32	chrome.exe	91
PID 32 wrote to memory of 4448	32	chrome.exe	91
PID 32 wrote to memory of 4448	32	chrome.exe	91
PID 32 wrote to memory of 4448	32	chrome.exe	91
PID 32 wrote to memory of 4448	32	chrome.exe	91
PID 32 wrote to memory of 4448	32	chrome.exe	91
PID 32 wrote to memory of 4448	32	chrome.exe	91
PID 32 wrote to memory of 4448	32	chrome.exe	91
PID 32 wrote to memory of 4448	32	chrome.exe	91
PID 32 wrote to memory of 4448	32	chrome.exe	91
PID 32 wrote to memory of 4448	32	chrome.exe	91
PID 32 wrote to memory of 4448	32	chrome.exe	91
PID 32 wrote to memory of 4448	32	chrome.exe	91
PID 32 wrote to memory of 4448	32	chrome.exe	91
PID 32 wrote to memory of 4448	32	chrome.exe	91
PID 32 wrote to memory of 4448	32	chrome.exe	91
PID 32 wrote to memory of 2704	32	chrome.exe	92
PID 32 wrote to memory of 2704	32	chrome.exe	92
PID 32 wrote to memory of 2708	32	chrome.exe	93
PID 32 wrote to memory of 2708	32	chrome.exe	93
PID 32 wrote to memory of 2708	32	chrome.exe	93
PID 32 wrote to memory of 2708	32	chrome.exe	93
PID 32 wrote to memory of 2708	32	chrome.exe	93
PID 32 wrote to memory of 2708	32	chrome.exe	93
PID 32 wrote to memory of 2708	32	chrome.exe	93
PID 32 wrote to memory of 2708	32	chrome.exe	93
PID 32 wrote to memory of 2708	32	chrome.exe	93
PID 32 wrote to memory of 2708	32	chrome.exe	93
PID 32 wrote to memory of 2708	32	chrome.exe	93
PID 32 wrote to memory of 2708	32	chrome.exe	93
PID 32 wrote to memory of 2708	32	chrome.exe	93
PID 32 wrote to memory of 2708	32	chrome.exe	93
PID 32 wrote to memory of 2708	32	chrome.exe	93
PID 32 wrote to memory of 2708	32	chrome.exe	93
PID 32 wrote to memory of 2708	32	chrome.exe	93
PID 32 wrote to memory of 2708	32	chrome.exe	93
PID 32 wrote to memory of 2708	32	chrome.exe	93
PID 32 wrote to memory of 2708	32	chrome.exe	93
PID 32 wrote to memory of 2708	32	chrome.exe	93
PID 32 wrote to memory of 2708	32	chrome.exe	93

C:\Users\Admin\AppData\Local\Temp\Solara_Updater.exe
"C:\Users\Admin\AppData\Local\Temp\Solara_Updater.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
PID:2820

C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /4
1⤵
- Drops file in Windows directory
- Checks SCSI registry key(s)
- Checks processor information in registry
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:2240

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:2464

C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
"C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe" -ServerName:SecHealthUI.AppXep4x2tbtjws1v9qqs0rmb3hxykvkpqtn.mca
1⤵
- Drops file in Windows directory
- Suspicious use of SetWindowsHookEx
PID:4112

C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
"C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe" -ServerName:SecHealthUI.AppXep4x2tbtjws1v9qqs0rmb3hxykvkpqtn.mca
1⤵
- Drops file in Windows directory
- Suspicious use of SetWindowsHookEx
PID:3248

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
PID:32
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ffd5f589758,0x7ffd5f589768,0x7ffd5f589778
  2⤵
  PID:4892
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1636 --field-trial-handle=1868,i,271213542008798244,499219174332745915,131072 /prefetch:2
  2⤵
  PID:4448
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1848 --field-trial-handle=1868,i,271213542008798244,499219174332745915,131072 /prefetch:8
  2⤵
  PID:2704
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2128 --field-trial-handle=1868,i,271213542008798244,499219174332745915,131072 /prefetch:8
  2⤵
  PID:2708
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2900 --field-trial-handle=1868,i,271213542008798244,499219174332745915,131072 /prefetch:1
  2⤵
  PID:3792
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2908 --field-trial-handle=1868,i,271213542008798244,499219174332745915,131072 /prefetch:1
  2⤵
  PID:3052
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4472 --field-trial-handle=1868,i,271213542008798244,499219174332745915,131072 /prefetch:1
  2⤵
  PID:4932
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4412 --field-trial-handle=1868,i,271213542008798244,499219174332745915,131072 /prefetch:8
  2⤵
  PID:440
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4704 --field-trial-handle=1868,i,271213542008798244,499219174332745915,131072 /prefetch:8
  2⤵
  PID:3692
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=5008 --field-trial-handle=1868,i,271213542008798244,499219174332745915,131072 /prefetch:1
  2⤵
  PID:2392
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5092 --field-trial-handle=1868,i,271213542008798244,499219174332745915,131072 /prefetch:8
  2⤵
  PID:4576
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4668 --field-trial-handle=1868,i,271213542008798244,499219174332745915,131072 /prefetch:8
  2⤵
  PID:1336
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5092 --field-trial-handle=1868,i,271213542008798244,499219174332745915,131072 /prefetch:8
  2⤵
  PID:964
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=3780 --field-trial-handle=1868,i,271213542008798244,499219174332745915,131072 /prefetch:1
  2⤵
  PID:4120
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=4520 --field-trial-handle=1868,i,271213542008798244,499219174332745915,131072 /prefetch:1
  2⤵
  PID:4432
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3576 --field-trial-handle=1868,i,271213542008798244,499219174332745915,131072 /prefetch:8
  2⤵
  PID:1884
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=4700 --field-trial-handle=1868,i,271213542008798244,499219174332745915,131072 /prefetch:1
  2⤵
  PID:2184
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=4792 --field-trial-handle=1868,i,271213542008798244,499219174332745915,131072 /prefetch:1
  2⤵
  PID:2104

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:656

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\50959907-197d-451f-b32a-1cfbec8f6b6c.tmp

Filesize
6KB

MD5
ffea9da91c4def444e9cbe28145fb301

SHA1
10b9b2f5389b43cec142675af267ff19ed8ec721

SHA256
4741a0719bbd6b6f2feb36e477fff1e7f002bf1e5ad1f77601feeaf05e8bbfaa

SHA512
58bddc39d2683e5eed5d8b2d3aeecb43ed620ddaa905106168372d20d165b03b75ab9c1acce754c81cc579d6587fac6b33e8b6cf0bc45f746887a024fb8e613c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000004

Filesize
204KB

MD5
41785febb3bce5997812ab812909e7db

SHA1
c2dae6cfbf5e28bb34562db75601fadd1f67eacb

SHA256
696a298fa617f26115168d70442c29f2d854f595497ea2034124a7e27b036483

SHA512
b82cfd843b13487c79dc5c7f07c84a236cf2065d69c9e0a79d36ac1afc78fa04fba30c31903f48d1d2d44f17fb951002e90fb4e92b9eae7677dbb6f023e68919

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000017

Filesize
26KB

MD5
69b550731f9a789a39d18eb917e43a4c

SHA1
20721285bcc8dfc47777e43b2d94a224469a0b50

SHA256
230bd4129d0d79dd196efcf6d9e8db962c5e750fa539dfb5b72ba43666485066

SHA512
0de48338b7108eb2b9206c57d382c69703f1424788f7c665f44e4ebf8fbc92da8f11d10416c03f37d62c0d72cf760b902ef52f8e41caeb89ec221f0fac76702b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000018

Filesize
18KB

MD5
82b03f239b58044f1dc310a32f0f0cff

SHA1
58184e5e351719ec9b10bee1693260f4f34e37ee

SHA256
18a1e3a37e5cb38d38d452d2f0ea83b78b915a507ffa9860cac9c33575a3c105

SHA512
884d2835624980f8a8c4eab8da57f93f3b2de8dc4978070d48ce0df355db8a82c291cc8bb7c42703aa55fa11c7180ece5d5bd1877e77ac875fa6155e64576cd9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001b

Filesize
152KB

MD5
1ec0ba058c021acf7feaa18081445d63

SHA1
73e7eabf7a8ae9be149a85d196c9f3f26622925b

SHA256
ae17c16afbea216707b2203ea1cf9bdb45b9bfe47d0f4ae3258ddbc6294dd02f

SHA512
16a1b8a067ad4a33dcf4483c8370ca42e32f1385e3c4e717f8d0ce9995ca1f8397b15a63c0cee044c4b0fca96c4b648c850f483eeb1188a20f8b6cbf11d2b208

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001d

Filesize
33KB

MD5
aaefd1e1290c9bfaf9ebed7e9a229d2c

SHA1
bdc4093d8e1b6fe3b5e947232d0c2a73fee9244f

SHA256
7521da082d84701882b3a7f6b137dfcae3a5f42c36a6758d1b0fb5024936af0e

SHA512
797149df0f6a3329ae224df83b659160008ab63de394c3d4109a4065b962834b5bde76013e7435e28e7f68ccb8c4c060c8ba1c437aa8c5c74ddf49f1e85d49ec

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
019424d4215b56098b3657d758148172

SHA1
33dee9e6e490e1411bf5de301ff551b237745c75

SHA256
576256a67542b40b005afdd67ddb32137d0e7e5c292ffef59c95b29f6905651e

SHA512
5f928a685fd4d4c00cf3f97567fca80e5ecbe856ccce37d09b9cb880a47868c24cececcf31613fa83731ed9e51186c03744c70697be9ba072f563d38a519a322

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
a2f5f7af4de5e261256f0f0473da9478

SHA1
31454edb9449bd5091933342cd0386a95c76ccfa

SHA256
fd326bce77a7b1d89888d1c8dbc1588ba6c0920de77cc6a3f7c8ca73ae87c43f

SHA512
78cb4b3ee0bcb2e6dee330a263d431a2b0b5978586bf84e00f9d2d8020ed177573bb8c604312bc35b23557222f65f5af1ea10837e79df65058d09587725ca273

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
f5d76cf0d339ee2b3da448a5ce31fd4d

SHA1
04725c32614bbd89f1386583b2f226c04e0905da

SHA256
1788560d2ca282b910e0fe67018adad69e2fdd861806c466d33ab54fad32cbc8

SHA512
d25c4bb315e4b40e8a760fabe1853420d8f756542069a097bda6c99308ee08e2898c3442ab22825d96cdb9bc961ad21a6a6edf68fd211ae8aef3ef69ad1e043f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
371B

MD5
6c73134cf2c7cc9b21828617bc52ca9e

SHA1
58365c14a8b514ae788e237eaba3f877a32e6b7f

SHA256
33d798f5657c1f245ba6898a56222e1889686eec8a8df33391186eb9575c8ab7

SHA512
92e47d7fae5bd03c14122cf5043e7ced9c09ce5d5f1584a9a469483c16ffabda9333ff372f260169738af51ad967a0d700044a6cd3b773bed8917de467913e9f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
c57c36773aaed2d81c4f748407266713

SHA1
30a1697040f820ac1b8206f98df7fd253a16fe71

SHA256
f8901cbb361c279c69ac1ad9b1a500e0931402904232f69e743b31e6725f9f37

SHA512
796d6a28e364be74d9bd270ba7d19e35b2804cd8b36d9bd104aefe9a9c0a4badefb054a79fd4177d9429e92da7a46455538def384961baafb1abd6882a7fd342

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
cae410d815633bd5124f7de9e40723a6

SHA1
c2b8a27355d9673c667140fcb38c57f82399214a

SHA256
9f92128829ef56f9dc22d114d45db3e68f216f0cbc7d17b0c55551a3e0cbbcb1

SHA512
608d4e3143656bf285d0db74757a4d2c0aa08cc6bb6976a15c3ed31a03b03013eb9dfce945e8a26da9279d71aeb0b8aebb27edf1a6562b60bcbcabf2360f79ed

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
ca29e2a74a44a3d344d959b874159da5

SHA1
a973f8bee463153543a11651d1233414bef04703

SHA256
6ca9e9763d2edef9e3bb46273c275c7f6a6581e47f22d362cf912f89c572153b

SHA512
d5dea186609f1856ec24d6ffc11cc7c1ca9f549dc4edb22b73585ddaa79d5efa6120b05bd29b46810a20b60463af4097077f51e7e6bf7133ecac35910cd5fcb3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
2b3f390dc5b588ee22f036f7632f156b

SHA1
aa82b0ce3d0142f4d3d14e805db08e3af80fe542

SHA256
eb7af6ddb4c1d1a4ce003d9a83a5f90a3272d1a42cbe215cf428113cfefee3ca

SHA512
bb8b37918401345c6aa9cabb180f003e91b21e1e308639b46ec2566e84505fdf6190ca9d47c77f3e3a7a552545d9b4536539fe91de3dff1f1efae44ad7b09af9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
12KB

MD5
4aec6d6fab42ca920ae2f9ca9c1c2e04

SHA1
a4a5851337489456037ac772208f4aa94de695fe

SHA256
114a40b4d348a9bc38698ea012210d742b3ef26335564fd364c5880878da5158

SHA512
ea41bc91e6dadab98af99d3071c3db9de403980012588e64e174e110cfa1f8b4b2be588b13fb3b8cad09ca8d8b71375e240081b7eae7d7a4a41d24c047207599

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
275KB

MD5
a23b5de655ab0442cf2f2a9243fd24d0

SHA1
2ca180718680d39a44ee53a5b9f9b637dd480b29

SHA256
9ba8747aaeb50d5aad925958378db2af89585474fc4a24b19c1e4a1ae9922b1d

SHA512
ea38aa2a61c26d53ef956207cd6dc45f75b431feecddaf1cc47c0328a755c4dc7a64024d861c9630219193e073b1eb278a630f4c095f49fd1abcf60d812eb261

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
97KB

MD5
3ddbdcdb913c1d6ada80cfb9f7fab21f

SHA1
c026e24653d71ed845488d9520f2db2e8e4cef1c

SHA256
fc8c1f12b08d3a93694b57c055f1244f6ec6615a2eba0b88534d44fba0cc5d90

SHA512
d056346ce04c2075ccb0f068376ecd3effdb9829f026e494a56eb1b59f341325204bfedd0853e1e405e60071e81956eca0d8a97d0f9d9e9d57299a6a26f2edfe

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe5972f4.TMP

Filesize
92KB

MD5
eb63418684554aae41d5c0083b5390f7

SHA1
30a16153e605121cfd834c8aae3fc0839cd318c0

SHA256
cb299fad41a6c2fc4f40e973d038c35c43fdbc6f697731aeaa867fa985bbe97a

SHA512
087863e87c4a9d425f62aad559c9744fc05f74649990fc9c78d91b1a5e05442685a766b2aebe88d6ca16b11c92740d67de7d841c0e2de2f2fb816385d0d27286

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.windows.sechealthui_cw5n1h2txyewy\AC\Microsoft\Windows\4272278488\2581520266.pri

Filesize
70KB

MD5
dc37deff2947a4ec8bf9b40a3dc25c49

SHA1
422bdce2dc21c634760c8b06a60c4ebf131cc592

SHA256
00dee1b03565baf7c105f1484f27a2e04d900538c153372482fbedd8cde61d85

SHA512
bbe9730344e0f648c53d2d5c518791ce8d92c1f04e1b9646bb4feca24d5f41fae255eff57ad7c36ff1d26869ad25eede25bbd4e98a59267d41ee71f3885d9dd4

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara\SolaraBETA3.1\Monaco\fileaccess\node_modules\get-intrinsic\.nycrc

Filesize
139B

MD5
d0104f79f0b4f03bbcd3b287fa04cf8c

SHA1
54f9d7adf8943cb07f821435bb269eb4ba40ccc2

SHA256
997785c50b0773e5e18bf15550fbf57823c634fefe623cd37b3c83696402ad0a

SHA512
daf9b5445cfc02397f398adfa0258f2489b70699dfec6ca7e5b85afe5671fdcabe59edee332f718f5e5778feb1e301778dffe93bb28c1c0914f669659bad39c6

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara\SolaraBETA3.1\Monaco\fileaccess\node_modules\has-proto\.eslintrc

Filesize
43B

MD5
c28b0fe9be6e306cc2ad30fe00e3db10

SHA1
af79c81bd61c9a937fca18425dd84cdf8317c8b9

SHA256
0694050195fc694c5846b0a2a66b437ac775da988f0a779c55fb892597f7f641

SHA512
e3eca17804522ffa4f41e836e76e397a310a20e8261a38115b67e8b644444153039d04198fb470f45be2997d2c7a72b15bd4771a02c741b3cbc072ea6ef432e9

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara\SolaraBETA3.1\Monaco\fileaccess\node_modules\hasown\.nycrc

Filesize
216B

MD5
c2ab942102236f987048d0d84d73d960

SHA1
95462172699187ac02eaec6074024b26e6d71cff

SHA256
948366fea3b423a46366326d0bb2e54b08abd1cf0b243678ba6625740c40da5a

SHA512
e36b20c16ceeb090750f3865efc8d7fd983ae4e8b41c30cc3865d2fd4925bf5902627e1f1ed46c0ff2453f076ef9de34be899ef57754b29cd158440071318479

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara\SolaraBETA3.1\Monaco\fileaccess\node_modules\vary\LICENSE

Filesize
1KB

MD5
13babc4f212ce635d68da544339c962b

SHA1
4881ad2ec8eb2470a7049421047c6d076f48f1de

SHA256
bd47ce7b88c7759630d1e2b9fcfa170a0f1fde522be09e13fb1581a79d090400

SHA512
40e30174433408e0e2ed46d24373b12def47f545d9183b7bce28d4ddd8c8bb528075c7f20e118f37661db9f1bba358999d81a14425eb3e0a4a20865dfcb53182

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara\SolaraBETA3.1\XcHvYYrNa.exe.WebView2\EBWebView\Default\Extension State\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara\SolaraBETA3.1\XcHvYYrNa.exe.WebView2\EBWebView\Default\Extension State\MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara\SolaraBETA3.1\XcHvYYrNa.exe.WebView2\EBWebView\Default\Shared Dictionary\cache\index

Filesize
24B

MD5
54cb446f628b2ea4a5bce5769910512e

SHA1
c27ca848427fe87f5cf4d0e0e3cd57151b0d820d

SHA256
fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d

SHA512
8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara\SolaraBETA3.1\XcHvYYrNa.exe.WebView2\EBWebView\GraphiteDawnCache\data_0

Filesize
8KB

MD5
cf89d16bb9107c631daabf0c0ee58efb

SHA1
3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b

SHA256
d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e

SHA512
8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara\SolaraBETA3.1\XcHvYYrNa.exe.WebView2\EBWebView\GraphiteDawnCache\data_1

Filesize
264KB

MD5
63896a0ca15699fbe5b19f47d77dd76f

SHA1
f80c87d5a4b11a7371a6e2e7a4439dbfb761c0e8

SHA256
43fd408cc3398a65bac829cfc344b98c83137d312434ec3b877bbf3fcd94d1e0

SHA512
6ae075862d3d2de51f87ca5d9ef3e14eab2c0817be5fafafe94c021d8e57ee890c4b998f1d3588acbf9c540a6f097742db116e1953dcd693cc051111cdd3fede

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara\SolaraBETA3.1\XcHvYYrNa.exe.WebView2\EBWebView\GraphiteDawnCache\data_2

Filesize
8KB

MD5
0962291d6d367570bee5454721c17e11

SHA1
59d10a893ef321a706a9255176761366115bedcb

SHA256
ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7

SHA512
f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara\SolaraBETA3.1\XcHvYYrNa.exe.WebView2\EBWebView\GraphiteDawnCache\data_3

Filesize
8KB

MD5
41876349cb12d6db992f1309f22df3f0

SHA1
5cf26b3420fc0302cd0a71e8d029739b8765be27

SHA256
e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c

SHA512
e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e

Download Submit
memory/2820-0-0x0000000073DEE000-0x0000000073DEF000-memory.dmp

Filesize
4KB

Download
memory/2820-20-0x0000000006710000-0x0000000006722000-memory.dmp

Filesize
72KB

Download
memory/2820-19-0x00000000066E0000-0x00000000066EA000-memory.dmp

Filesize
40KB

Download
memory/2820-11-0x0000000073DE0000-0x00000000744CE000-memory.dmp

Filesize
6.9MB

Download
memory/2820-10-0x0000000073DEE000-0x0000000073DEF000-memory.dmp

Filesize
4KB

Download
memory/2820-2-0x0000000073DE0000-0x00000000744CE000-memory.dmp

Filesize
6.9MB

Download
memory/2820-1-0x0000000000B20000-0x0000000000B62000-memory.dmp

Filesize
264KB

Download