Analysis Overview
SHA256
9695fb5db4b7703d0dbdc2d09de622f256a2320b33bf4ad585e93a88da1b0353
Threat Level: Known bad
The file reverse.exe was found to be: Known bad.
Malicious Activity Summary
Metasploit family
MetaSploit
Legitimate hosting services abused for malware hosting/C2
Unsigned PE
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious behavior: EnumeratesProcesses
Suspicious use of WriteProcessMemory
Modifies data under HKEY_USERS
Enumerates system info in registry
Modifies registry class
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of AdjustPrivilegeToken
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-05-20 22:47
Signatures
Metasploit family
Unsigned PE
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | N/A | N/A |
Analysis: behavioral2
Detonation Overview
Submitted
2024-05-20 22:47
Reported
2024-05-20 22:58
Platform
win10v2004-20240508-en
Max time kernel
629s
Max time network
611s
Command Line
Signatures
MetaSploit
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133607188603894749" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-2804150937-2146708401-419095071-1000\{571BA546-CC55-4351-AE80-09FD363F8876} | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\reverse.exe
"C:\Users\Admin\AppData\Local\Temp\reverse.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff4a71ab58,0x7fff4a71ab68,0x7fff4a71ab78
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1712 --field-trial-handle=1916,i,18110560535039713888,4598608151507432042,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2144 --field-trial-handle=1916,i,18110560535039713888,4598608151507432042,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2212 --field-trial-handle=1916,i,18110560535039713888,4598608151507432042,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3040 --field-trial-handle=1916,i,18110560535039713888,4598608151507432042,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3076 --field-trial-handle=1916,i,18110560535039713888,4598608151507432042,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3572 --field-trial-handle=1916,i,18110560535039713888,4598608151507432042,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4400 --field-trial-handle=1916,i,18110560535039713888,4598608151507432042,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4552 --field-trial-handle=1916,i,18110560535039713888,4598608151507432042,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4588 --field-trial-handle=1916,i,18110560535039713888,4598608151507432042,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4752 --field-trial-handle=1916,i,18110560535039713888,4598608151507432042,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4896 --field-trial-handle=1916,i,18110560535039713888,4598608151507432042,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4824 --field-trial-handle=1916,i,18110560535039713888,4598608151507432042,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=3140 --field-trial-handle=1916,i,18110560535039713888,4598608151507432042,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3432 --field-trial-handle=1916,i,18110560535039713888,4598608151507432042,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4292 --field-trial-handle=1916,i,18110560535039713888,4598608151507432042,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4284 --field-trial-handle=1916,i,18110560535039713888,4598608151507432042,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=1664 --field-trial-handle=1916,i,18110560535039713888,4598608151507432042,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=4920 --field-trial-handle=1916,i,18110560535039713888,4598608151507432042,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=1904 --field-trial-handle=1916,i,18110560535039713888,4598608151507432042,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=4752 --field-trial-handle=1916,i,18110560535039713888,4598608151507432042,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4028 --field-trial-handle=1916,i,18110560535039713888,4598608151507432042,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=4300 --field-trial-handle=1916,i,18110560535039713888,4598608151507432042,131072 /prefetch:1
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x508 0x504
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3024 --field-trial-handle=1916,i,18110560535039713888,4598608151507432042,131072 /prefetch:8
Network
Files
memory/880-0-0x00000000004A0000-0x00000000004A1000-memory.dmp
\??\pipe\crashpad_3108_KFIZRLGGBGGOWUDL
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 820b27ae1a43595b1f895c12666b7ebc |
| SHA1 | 53aa9bd7b70bc03f00cd0bad414f4122ffa086e6 |
| SHA256 | 15398966575dc9e6dacf7da93d9457f38790cdb605960514ec4747fe68c713a0 |
| SHA512 | fbc80498ea8cb254fa6c4a37826273923bbe5a852a44e170bd15124218a91d8ba0c8911e6dc808eed9e4117c00705de8a3f787b05276e3a282f75bfc674467e2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 873ecf06edcab078cde5ae177d169cd1 |
| SHA1 | 3a9e0b8ddf807e141d5fb1ff7a8404fbb53f869d |
| SHA256 | 303bc604ff7d95c21d160b86c4b54ce53534835e21a457ce923c2ca2bb4340c6 |
| SHA512 | 546f734a3bb400e4a85510174a82ea97deb1c3de909cb24c209f3a2cb3abe4e921081cf0c0f4ffe310e960715b8cfdc6c9733837dbdfd8ff3cd261d4f68539bb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 0ab81e316ade7505db7e2d60f74e505e |
| SHA1 | 53d8b901eb6a68351f3d27d51b3d36fa30cb0e8a |
| SHA256 | 8d6f4abf021c93dd09c74a8816cdc516b3d6a7e55ae3478bedf46c3df66bcf5a |
| SHA512 | 576a5767dff8d7462e31f65120e7ee112943bfe20f14de037b0ed2497a6c9b33fc63b2935ae6112f60099b7c01ea3f6bb200b2f14078e690db1f5571e8b78eec |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | c0d59d2748f6057e694e23006c10cf78 |
| SHA1 | 524ac8b4d6e27509c950bec76da8f1f831473bec |
| SHA256 | 8fdb058bb1df94d41f8415a502ef579a798d0d33cfd0dcc8cd9e5c28dea61af3 |
| SHA512 | b6f99f5d75c7fefd40e1c99dd4f4a047aa63ccc62180ce4eae2f88f79ddaeb61e314148ee99f7d3fe079be57e89fce2d857af39e1fe74fb703d5a11065f0cf2e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | cba023543d8b9ec76ce6d7e998d431c8 |
| SHA1 | 1aced653fef90ac54311b0fcc0e101241e362288 |
| SHA256 | 382443dea4b58dcfa6de468433deacfb992add52e1a1c6a1a4d04bfe7021d8f6 |
| SHA512 | 53ee021c5caa9d549480b730311f472b1898fe6ddf827ab6ff24f4a8708c63bb5191025c2db4fcc05dfa7af5e40d183ac1c5042316650f52b19f2c9eb4b5f5ae |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | eb697c940e3a3113e3322637b1a6188a |
| SHA1 | 2fa7735a2643cf6ae44db1e6d0292f0aa3d60b09 |
| SHA256 | f18ba8cd90760451f39a7492c18ab8c96c2ddcda8ae08dc7006dc1e2e33ed2ad |
| SHA512 | 9322fc1668b72937150a53cb073ca822b061fc7256f9b30eab2419767980b7896b5755d57e9f7918d694d019438b0012eee83ea270ad880b5e1922455d54b978 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 8f3cd2327715321972c0e153a9fdda5d |
| SHA1 | aa2843c72109c7b0be46044b43ee4c361d0a1700 |
| SHA256 | bfbe4554fb0e1da76a5abbf3e9d97caac9a041c5c368e09b4bd231491f31fd48 |
| SHA512 | 260380f116a8506a0f2f8f197f99535ae534e079e2ecece8a07964400e75064cc6838b71524e10a347b09d0160e97c18e3a4237bb8129ba21718f2498ad162aa |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | ad7ee69e945a7cace772787392cb5ff0 |
| SHA1 | 5589e2376d8343e42271bba2d23807714a5058e2 |
| SHA256 | 21e6a9607b42524d9c4652d50050e21f889240c75e573d63b30ebdecb5603aa3 |
| SHA512 | dd3c138e6272b5ed09c40503d466a503d735c6fb25ddd11077f9a183e71ce07d020610ab95877ffa064d1e9f211091436195a0521319c51baba454521f3c9bbe |
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
| MD5 | f3b25701fe362ec84616a93a45ce9998 |
| SHA1 | d62636d8caec13f04e28442a0a6fa1afeb024bbb |
| SHA256 | b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209 |
| SHA512 | 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 8cd06b3c720ea62c922dea3f2e8a71fe |
| SHA1 | 47100932fdc05070fc738ca910bb3e803d9d904a |
| SHA256 | 0275c2e7f3a1420f6496a11a70cb8ccd1d7ac92af8aecc5cd70c6a275fa33529 |
| SHA512 | 5423f309c199a4b3beaf5f0eac2ba9fbc2928a89e046e18197237ac6e4779db0219cc9eed4914c98bf836469bff132f78ea93abdc82a051700b079613bb23a6a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | 9d0269c07ddf91f10b8739f1ca9831ac |
| SHA1 | f85d2ffac72641352b29eb6ff685b50bd5656461 |
| SHA256 | e687a5dbaa50e708782e11dbafe809cb1ee6fdfb8134d282b1a211ecbce9a177 |
| SHA512 | f3c0abd78c8924b64cf05b7befcf397296c45365bdf9b96a5a491960e39079db2d2f81a3bfde718b3374653afd051f5c857d063e5a51419877f86c4e4603a565 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 863a6a8becab35511239afb9076619bb |
| SHA1 | 2523cb5077508132d5bcdef39b1bdcc0344b7690 |
| SHA256 | 2bb3a15f03a9d11376ae8508ea470ffdff69aad7fd80a59c19398ab32ee71985 |
| SHA512 | 01fe7d90915bc7583767e38cdf4902799daf9063228e7c4f81b88512800c60ee776bf49d975eef5db96b77c9b8edfad4608128a6326494fff32a06c243b34cff |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 5c79e4c11f3e139113596a42cc9311ba |
| SHA1 | e37b80441fee48712f91539964712621ef07f156 |
| SHA256 | 847b05189c683010a7be0be1f4e72ff9d78ff8ecb7f09989252d64316e26518b |
| SHA512 | d2220c1c1b609b1f860ca2fb7dc160a49f6fd4dd0ddb030966cfebc0eda2a3faf615b64a00660b5ab79f00c57c8e2336617a010e50b0cf4e8ba8195e1adf1137 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index
| MD5 | a79b89783300b5b42d7e1bdf219cdb83 |
| SHA1 | beb18c48ee481b27be6f6a1fa5a6b1b08c8e1a64 |
| SHA256 | 400bde904e5639bfc21f9b78e4c755be889416cf5bc8ec98a4456355c39cee47 |
| SHA512 | 79c1b3a2feb22dff868f7582756211ba8aeb8aa20efd0ddf85b062b74de3dde3ca54cbf0565d39d80fcbdb139604019c0ae7ddca0047a9bfbf0b6760f87d653a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 77fc29db8603ff9d50f3bf3179199fd3 |
| SHA1 | 77e1ade48427988875060390696c0787d31ee784 |
| SHA256 | 9251fa62370a1254d639f15702a376c4e7e07687f44094a8c362eda1dbadf280 |
| SHA512 | dc406139b66d7780ee92cd8f518394920f9194db03bfeffd65fb39b924b827f5039447cac41ada47af330efb02da386f70e0c48ddae1a1aae0286928ecc3f6d6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | e30b9312da71327c93c3755699732875 |
| SHA1 | a4bf516ed871c3daf2184d01178f6a71f7207870 |
| SHA256 | 38eb04f572a7d666fa38a7567eec51cc14fd600614991e7a532f1d179edd245d |
| SHA512 | 8ea9f75a5a0519307b25d91411bb187f456f0628ca82bc628a4e493b28fe9ddd9c08b5e05a533e0d470db62b91bfb564f1b74e0d96cc8324a27a8f0f324fc91b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index
| MD5 | 3b2dee28d28fcc1c496a5d7ed57d970a |
| SHA1 | 2cf07ca5166494b74a854eb37a505fd7ba824e2c |
| SHA256 | e4e99ed9067badcb38efb2208adb15a207a8f7b900c57c360622ef9351434ed0 |
| SHA512 | 0d89ac927c15a896272ad4d6d3ced31e947f82c2f8da1fa3ea6748fcceb7d3613ffabc0a4f0883fd7256056aee8167d847ad13abfc0363ad54d9ff111dd910db |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 085359706e65f29ae4dec9a38ab99a3c |
| SHA1 | d5c8fa0db6337ebf210edf4efe30d4c2f74fa5c6 |
| SHA256 | 4cbace98a44a82f08d00e45a206342c1c0fe7f436f963617749afb63bf1ac7af |
| SHA512 | 3abf2e2858f36a995d67720ceec5d5b033f669da916b0d7c872f4b06faa1e912aac97acfcc819080c23e98026db30894503a02d99d8a0b79e67e760539dc91eb |
Analysis: behavioral1
Detonation Overview
Submitted
2024-05-20 22:47
Reported
2024-05-20 22:50
Platform
win7-20240221-en
Max time kernel
120s
Max time network
120s
Command Line
Signatures
MetaSploit
Processes
C:\Users\Admin\AppData\Local\Temp\reverse.exe
"C:\Users\Admin\AppData\Local\Temp\reverse.exe"
Network
| Country | Destination | Domain | Proto |
| CA | 51.222.245.69:8083 | N/A | tcp |
Files
memory/2400-0-0x0000000000020000-0x0000000000021000-memory.dmp
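The behavioral1 block above records the process, its single outbound TCP connection and the memory region that was dumped, and the listing before it records each dropped file as a path followed by four hash rows. The following is an added example, not code from the sandbox vendor or from this report, that parses that flattened listing into structured indicators and pulls out what is worth hunting on: it rejects digests of the wrong length, accepts the three-cell network row under the four-column header, computes the size of each dumped memory region, and discards paths under the sandbox's own Chrome profile, which the browser rewrites on every run. The regular expressions, the `NOISE_PREFIXES` heuristic and the `SAMPLE_REPORT` text (assembled from lines shown above) are assumptions of this example.

```python
import re
from dataclasses import dataclass, field

# Added example: turn a flattened sandbox listing (dropped files, network,
# memory dumps) into structured IOCs. Not the sandbox vendor's code.

# Expected hex digest lengths; a row with the wrong length is rejected rather
# than silently accepted as an indicator.
HASH_LENGTHS = {"MD5": 32, "SHA1": 40, "SHA256": 64, "SHA512": 128}

HASH_ROW = re.compile(r"^\|\s*(MD5|SHA1|SHA256|SHA512)\s*\|\s*([0-9A-Fa-f]+)\s*\|$")
# The report's network row has three cells under a four-column header, so the
# Domain cell is optional here.
NET_ROW = re.compile(
    r"^\|\s*([A-Z]{2})\s*\|\s*(\d{1,3}(?:\.\d{1,3}){3}):(\d{1,5})\s*\|(?:[^|]*\|)?\s*(tcp|udp)\s*\|$"
)
MEM_DUMP = re.compile(r"^memory/(\d+)-\d+-0x([0-9A-Fa-f]+)-0x([0-9A-Fa-f]+)-memory\.dmp$")
WIN_PATH = re.compile(r"^[A-Za-z]:\\")

# Assumed heuristic: files under the sandbox's own browser profile are
# run-to-run churn, not payload drops, so they are excluded from the IOC set.
NOISE_PREFIXES = ("\\Google\\Chrome\\User Data\\",)


@dataclass
class DroppedFile:
    path: str
    hashes: dict = field(default_factory=dict)


@dataclass
class Report:
    files: list = field(default_factory=list)
    network: list = field(default_factory=list)  # (country, ip, port, proto)
    memory: list = field(default_factory=list)   # (pid, start, end)


def parse_report(text):
    """Parse the flattened listing; a path line opens a file block and its
    following hash rows attach to it until any other kind of line appears."""
    report = Report()
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = HASH_ROW.match(line)
        if m and current is not None:
            algo, digest = m.group(1), m.group(2).lower()
            if len(digest) != HASH_LENGTHS[algo]:
                raise ValueError(f"{algo} digest has wrong length for {current.path}")
            current.hashes[algo] = digest
            continue
        m = NET_ROW.match(line)
        if m:
            report.network.append((m.group(1), m.group(2), int(m.group(3)), m.group(4)))
            continue
        m = MEM_DUMP.match(line)
        if m:
            report.memory.append((int(m.group(1)), int(m.group(2), 16), int(m.group(3), 16)))
            continue
        if WIN_PATH.match(line):
            current = DroppedFile(path=line)
            report.files.append(current)
            continue
        current = None  # headings and table headers close the current file block
    return report


def is_noise(path):
    return any(prefix in path for prefix in NOISE_PREFIXES)


def hunting_iocs(report):
    """Indicators worth pivoting on: SHA-256 of non-noise files, endpoints,
    and dumped memory regions with their size in bytes."""
    return {
        "sha256": sorted({f.hashes["SHA256"] for f in report.files
                          if "SHA256" in f.hashes and not is_noise(f.path)}),
        "endpoints": [f"{ip}:{port}/{proto}" for _, ip, port, proto in report.network],
        "memory": [(pid, hex(start), end - start) for pid, start, end in report.memory],
    }


# Constructed sample assembled from lines of the report above.
SAMPLE_REPORT = r"""
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\64e81314f2434de4_0
| MD5 | 0fc500bd059d510e0991c2152c0d9233 |
| SHA1 | acb2fddcbc9a7c02b09dfd1538c2a35f4a0e05d0 |
| SHA256 | 794349a9fc87a5740ec7518b7d05494983263c78fe54d471707ed90eddfa3861 |
| SHA512 | 0d0467b6154f4af91edd40c3a817d5537d212d7b654e3e1dbd763a95f84667fa5b71184d67359913427e8cfcf0a8737214a98276945b356a6ac1fd97d2fa8b7d |
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
| MD5 | f3b25701fe362ec84616a93a45ce9998 |
| SHA1 | d62636d8caec13f04e28442a0a6fa1afeb024bbb |
| SHA256 | b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209 |
| SHA512 | 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84 |
Network
| Country | Destination | Domain | Proto |
| CA | 51.222.245.69:8083 | tcp |
Files
memory/2400-0-0x0000000000020000-0x0000000000021000-memory.dmp
"""

if __name__ == "__main__":
    print(hunting_iocs(parse_report(SAMPLE_REPORT)))
```

The noise filter matters more than it looks: the many `TransportSecurity` and `Network Persistent State` entries above all carry different hashes because Chrome rewrites those files continuously, so none of them identify the sample. The dumped region for PID 2400 spans 0x20000 to 0x21000, a single 4 KiB page, which is why the size is reported alongside the address.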