2510be907ec476e8375ac7b5431536ae9a32bf99fe77ab695a5100852b111b96

Analysis

max time kernel
149s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
27/05/2024, 05:26

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

SolaraB/Solara/SolaraBootstrapper.exe
Size

13KB
MD5

6557bd5240397f026e675afb78544a26
SHA1

839e683bf68703d373b6eac246f19386bb181713
SHA256

a7fecfc225dfdd4e14dcd4d1b4ba1b9f8e4d1984f1cdd8cda3a9987e5d53c239
SHA512

f2399d34898a4c0c201372d2dd084ee66a66a1c3eae949e568421fe7edada697468ef81f4fcab2afd61eaf97bcb98d6ade2d97295e2f674e93116d142e892e97
SSDEEP

192:konexQO0FoAWyEfJkVIaqaLHmr/XKT0ifnTJ1jvVXctNjA:HnexHAWyEfJoIaqayzKAifd1LVEj

Score

9^/10

evasion themida trojan

Malware Config

Signatures

Identifies VirtualBox via ACPI registry values (likely anti-VM) 2 TTPs 1 IoCs

evasion

Query Registry

T1012

Virtualization/Sandbox Evasion

T1497

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\ACPI\DSDT\VBOX__	cd57e4c171d6e8f5ea8b8f824a6a7316.exe

Checks BIOS information in registry 2 TTPs 2 IoCs

BIOS information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion	cd57e4c171d6e8f5ea8b8f824a6a7316.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\VideoBiosVersion	cd57e4c171d6e8f5ea8b8f824a6a7316.exe

Checks computer location settings 2 TTPs 1 IoCs

Looks up country code configured in the registry, likely geofence.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\USER\S-1-5-21-3906287020-2915474608-1755617787-1000\Control Panel\International\Geo\Nation	SolaraBootstrapper.exe

Executes dropped EXE 1 IoCs

pid	Process
1628	cd57e4c171d6e8f5ea8b8f824a6a7316.exe

Loads dropped DLL 5 IoCs

pid	Process
1628	cd57e4c171d6e8f5ea8b8f824a6a7316.exe
1628	cd57e4c171d6e8f5ea8b8f824a6a7316.exe
1628	cd57e4c171d6e8f5ea8b8f824a6a7316.exe
1628	cd57e4c171d6e8f5ea8b8f824a6a7316.exe
1628	cd57e4c171d6e8f5ea8b8f824a6a7316.exe

Themida packer 7 IoCs

Detects Themida, an advanced Windows software protection system.

themida

resource	yara_rule
behavioral4/files/0x000700000002344e-1484.dat	themida
behavioral4/memory/1628-1492-0x0000000180000000-0x0000000180BDE000-memory.dmp	themida
behavioral4/memory/1628-1493-0x0000000180000000-0x0000000180BDE000-memory.dmp	themida
behavioral4/memory/1628-1494-0x0000000180000000-0x0000000180BDE000-memory.dmp	themida
behavioral4/memory/1628-1495-0x0000000180000000-0x0000000180BDE000-memory.dmp	themida
behavioral4/memory/1628-1500-0x0000000180000000-0x0000000180BDE000-memory.dmp	themida
behavioral4/memory/1628-1503-0x0000000180000000-0x0000000180BDE000-memory.dmp	themida

Checks whether UAC is enabled 1 TTPs 1 IoCs

evasion trojan

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA	cd57e4c171d6e8f5ea8b8f824a6a7316.exe

Legitimate hosting services abused for malware hosting/C2 1 TTPs 3 IoCs

Web Service

T1102

flow	ioc
9	raw.githubusercontent.com
10	raw.githubusercontent.com
25	raw.githubusercontent.com

Suspicious use of NtSetInformationThreadHideFromDebugger 1 IoCs

pid	Process
1628	cd57e4c171d6e8f5ea8b8f824a6a7316.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133612612754587767"	chrome.exe

Suspicious behavior: EnumeratesProcesses 12 IoCs

pid	Process
3548	SolaraBootstrapper.exe
3548	SolaraBootstrapper.exe
1628	cd57e4c171d6e8f5ea8b8f824a6a7316.exe
1628	cd57e4c171d6e8f5ea8b8f824a6a7316.exe
1628	cd57e4c171d6e8f5ea8b8f824a6a7316.exe
1628	cd57e4c171d6e8f5ea8b8f824a6a7316.exe
2004	chrome.exe
2004	chrome.exe
2004	chrome.exe
2004	chrome.exe
1860	chrome.exe
1860	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
2004	chrome.exe
2004	chrome.exe
2004	chrome.exe
2004	chrome.exe
2004	chrome.exe
2004	chrome.exe
2004	chrome.exe
2004	chrome.exe
2004	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeDebugPrivilege	3548	SolaraBootstrapper.exe
Token: SeShutdownPrivilege	2004	chrome.exe
Token: SeCreatePagefilePrivilege	2004	chrome.exe
Token: SeShutdownPrivilege	2004	chrome.exe
Token: SeCreatePagefilePrivilege	2004	chrome.exe
Token: SeShutdownPrivilege	2004	chrome.exe
Token: SeCreatePagefilePrivilege	2004	chrome.exe
Token: SeShutdownPrivilege	2004	chrome.exe
Token: SeCreatePagefilePrivilege	2004	chrome.exe
Token: SeShutdownPrivilege	2004	chrome.exe
Token: SeCreatePagefilePrivilege	2004	chrome.exe
Token: SeShutdownPrivilege	2004	chrome.exe
Token: SeCreatePagefilePrivilege	2004	chrome.exe
Token: SeShutdownPrivilege	2004	chrome.exe
Token: SeCreatePagefilePrivilege	2004	chrome.exe
Token: SeShutdownPrivilege	2004	chrome.exe
Token: SeCreatePagefilePrivilege	2004	chrome.exe
Token: SeShutdownPrivilege	2004	chrome.exe
Token: SeCreatePagefilePrivilege	2004	chrome.exe
Token: SeShutdownPrivilege	2004	chrome.exe
Token: SeCreatePagefilePrivilege	2004	chrome.exe
Token: SeShutdownPrivilege	2004	chrome.exe
Token: SeCreatePagefilePrivilege	2004	chrome.exe
Token: SeShutdownPrivilege	2004	chrome.exe
Token: SeCreatePagefilePrivilege	2004	chrome.exe
Token: SeShutdownPrivilege	2004	chrome.exe
Token: SeCreatePagefilePrivilege	2004	chrome.exe
Token: SeShutdownPrivilege	2004	chrome.exe
Token: SeCreatePagefilePrivilege	2004	chrome.exe
Token: SeShutdownPrivilege	2004	chrome.exe
Token: SeCreatePagefilePrivilege	2004	chrome.exe
Token: SeShutdownPrivilege	2004	chrome.exe
Token: SeCreatePagefilePrivilege	2004	chrome.exe
Token: SeShutdownPrivilege	2004	chrome.exe
Token: SeCreatePagefilePrivilege	2004	chrome.exe
Token: SeShutdownPrivilege	2004	chrome.exe
Token: SeCreatePagefilePrivilege	2004	chrome.exe
Token: SeShutdownPrivilege	2004	chrome.exe
Token: SeCreatePagefilePrivilege	2004	chrome.exe
Token: SeShutdownPrivilege	2004	chrome.exe
Token: SeCreatePagefilePrivilege	2004	chrome.exe
Token: SeShutdownPrivilege	2004	chrome.exe
Token: SeCreatePagefilePrivilege	2004	chrome.exe
Token: SeShutdownPrivilege	2004	chrome.exe
Token: SeCreatePagefilePrivilege	2004	chrome.exe
Token: SeShutdownPrivilege	2004	chrome.exe
Token: SeCreatePagefilePrivilege	2004	chrome.exe
Token: SeShutdownPrivilege	2004	chrome.exe
Token: SeCreatePagefilePrivilege	2004	chrome.exe
Token: SeShutdownPrivilege	2004	chrome.exe
Token: SeCreatePagefilePrivilege	2004	chrome.exe
Token: SeShutdownPrivilege	2004	chrome.exe
Token: SeCreatePagefilePrivilege	2004	chrome.exe
Token: SeShutdownPrivilege	2004	chrome.exe
Token: SeCreatePagefilePrivilege	2004	chrome.exe
Token: SeShutdownPrivilege	2004	chrome.exe
Token: SeCreatePagefilePrivilege	2004	chrome.exe
Token: SeShutdownPrivilege	2004	chrome.exe
Token: SeCreatePagefilePrivilege	2004	chrome.exe
Token: SeShutdownPrivilege	2004	chrome.exe
Token: SeCreatePagefilePrivilege	2004	chrome.exe
Token: SeShutdownPrivilege	2004	chrome.exe
Token: SeCreatePagefilePrivilege	2004	chrome.exe
Token: SeShutdownPrivilege	2004	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2004	chrome.exe
2004	chrome.exe
2004	chrome.exe
2004	chrome.exe
2004	chrome.exe
2004	chrome.exe
2004	chrome.exe
2004	chrome.exe
2004	chrome.exe
2004	chrome.exe
2004	chrome.exe
2004	chrome.exe
2004	chrome.exe
2004	chrome.exe
2004	chrome.exe
2004	chrome.exe
2004	chrome.exe
2004	chrome.exe
2004	chrome.exe
2004	chrome.exe
2004	chrome.exe
2004	chrome.exe
2004	chrome.exe
2004	chrome.exe
2004	chrome.exe
2004	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2004	chrome.exe
2004	chrome.exe
2004	chrome.exe
2004	chrome.exe
2004	chrome.exe
2004	chrome.exe
2004	chrome.exe
2004	chrome.exe
2004	chrome.exe
2004	chrome.exe
2004	chrome.exe
2004	chrome.exe
2004	chrome.exe
2004	chrome.exe
2004	chrome.exe
2004	chrome.exe
2004	chrome.exe
2004	chrome.exe
2004	chrome.exe
2004	chrome.exe
2004	chrome.exe
2004	chrome.exe
2004	chrome.exe
2004	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3548 wrote to memory of 1628	3548	SolaraBootstrapper.exe	89
PID 3548 wrote to memory of 1628	3548	SolaraBootstrapper.exe	89
PID 2004 wrote to memory of 3508	2004	chrome.exe	99
PID 2004 wrote to memory of 3508	2004	chrome.exe	99
PID 2004 wrote to memory of 2084	2004	chrome.exe	100
PID 2004 wrote to memory of 2084	2004	chrome.exe	100
PID 2004 wrote to memory of 2084	2004	chrome.exe	100
PID 2004 wrote to memory of 2084	2004	chrome.exe	100
PID 2004 wrote to memory of 2084	2004	chrome.exe	100
PID 2004 wrote to memory of 2084	2004	chrome.exe	100
PID 2004 wrote to memory of 2084	2004	chrome.exe	100
PID 2004 wrote to memory of 2084	2004	chrome.exe	100
PID 2004 wrote to memory of 2084	2004	chrome.exe	100
PID 2004 wrote to memory of 2084	2004	chrome.exe	100
PID 2004 wrote to memory of 2084	2004	chrome.exe	100
PID 2004 wrote to memory of 2084	2004	chrome.exe	100
PID 2004 wrote to memory of 2084	2004	chrome.exe	100
PID 2004 wrote to memory of 2084	2004	chrome.exe	100
PID 2004 wrote to memory of 2084	2004	chrome.exe	100
PID 2004 wrote to memory of 2084	2004	chrome.exe	100
PID 2004 wrote to memory of 2084	2004	chrome.exe	100
PID 2004 wrote to memory of 2084	2004	chrome.exe	100
PID 2004 wrote to memory of 2084	2004	chrome.exe	100
PID 2004 wrote to memory of 2084	2004	chrome.exe	100
PID 2004 wrote to memory of 2084	2004	chrome.exe	100
PID 2004 wrote to memory of 2084	2004	chrome.exe	100
PID 2004 wrote to memory of 2084	2004	chrome.exe	100
PID 2004 wrote to memory of 2084	2004	chrome.exe	100
PID 2004 wrote to memory of 2084	2004	chrome.exe	100
PID 2004 wrote to memory of 2084	2004	chrome.exe	100
PID 2004 wrote to memory of 2084	2004	chrome.exe	100
PID 2004 wrote to memory of 2084	2004	chrome.exe	100
PID 2004 wrote to memory of 2084	2004	chrome.exe	100
PID 2004 wrote to memory of 2084	2004	chrome.exe	100
PID 2004 wrote to memory of 2084	2004	chrome.exe	100
PID 2004 wrote to memory of 4068	2004	chrome.exe	101
PID 2004 wrote to memory of 4068	2004	chrome.exe	101
PID 2004 wrote to memory of 3596	2004	chrome.exe	102
PID 2004 wrote to memory of 3596	2004	chrome.exe	102
PID 2004 wrote to memory of 3596	2004	chrome.exe	102
PID 2004 wrote to memory of 3596	2004	chrome.exe	102
PID 2004 wrote to memory of 3596	2004	chrome.exe	102
PID 2004 wrote to memory of 3596	2004	chrome.exe	102
PID 2004 wrote to memory of 3596	2004	chrome.exe	102
PID 2004 wrote to memory of 3596	2004	chrome.exe	102
PID 2004 wrote to memory of 3596	2004	chrome.exe	102
PID 2004 wrote to memory of 3596	2004	chrome.exe	102
PID 2004 wrote to memory of 3596	2004	chrome.exe	102
PID 2004 wrote to memory of 3596	2004	chrome.exe	102
PID 2004 wrote to memory of 3596	2004	chrome.exe	102
PID 2004 wrote to memory of 3596	2004	chrome.exe	102
PID 2004 wrote to memory of 3596	2004	chrome.exe	102
PID 2004 wrote to memory of 3596	2004	chrome.exe	102
PID 2004 wrote to memory of 3596	2004	chrome.exe	102
PID 2004 wrote to memory of 3596	2004	chrome.exe	102
PID 2004 wrote to memory of 3596	2004	chrome.exe	102
PID 2004 wrote to memory of 3596	2004	chrome.exe	102
PID 2004 wrote to memory of 3596	2004	chrome.exe	102
PID 2004 wrote to memory of 3596	2004	chrome.exe	102
PID 2004 wrote to memory of 3596	2004	chrome.exe	102
PID 2004 wrote to memory of 3596	2004	chrome.exe	102
PID 2004 wrote to memory of 3596	2004	chrome.exe	102
PID 2004 wrote to memory of 3596	2004	chrome.exe	102
PID 2004 wrote to memory of 3596	2004	chrome.exe	102

C:\Users\Admin\AppData\Local\Temp\SolaraB\Solara\SolaraBootstrapper.exe
"C:\Users\Admin\AppData\Local\Temp\SolaraB\Solara\SolaraBootstrapper.exe"
1⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
PID:3548
- C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe
  "C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe"
  2⤵
  - Identifies VirtualBox via ACPI registry values (likely anti-VM)
  - Checks BIOS information in registry
  - Executes dropped EXE
  - Loads dropped DLL
  - Checks whether UAC is enabled
  - Suspicious use of NtSetInformationThreadHideFromDebugger
  - Suspicious behavior: EnumeratesProcesses
  PID:1628

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2004
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffae0b8ab58,0x7ffae0b8ab68,0x7ffae0b8ab78
  2⤵
  PID:3508
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1788 --field-trial-handle=1956,i,11056185840189654279,17591732832250155612,131072 /prefetch:2
  2⤵
  PID:2084
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2208 --field-trial-handle=1956,i,11056185840189654279,17591732832250155612,131072 /prefetch:8
  2⤵
  PID:4068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2304 --field-trial-handle=1956,i,11056185840189654279,17591732832250155612,131072 /prefetch:8
  2⤵
  PID:3596
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3116 --field-trial-handle=1956,i,11056185840189654279,17591732832250155612,131072 /prefetch:1
  2⤵
  PID:704
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3124 --field-trial-handle=1956,i,11056185840189654279,17591732832250155612,131072 /prefetch:1
  2⤵
  PID:4308
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4464 --field-trial-handle=1956,i,11056185840189654279,17591732832250155612,131072 /prefetch:1
  2⤵
  PID:4992
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4556 --field-trial-handle=1956,i,11056185840189654279,17591732832250155612,131072 /prefetch:8
  2⤵
  PID:3632
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4684 --field-trial-handle=1956,i,11056185840189654279,17591732832250155612,131072 /prefetch:8
  2⤵
  PID:3432
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4476 --field-trial-handle=1956,i,11056185840189654279,17591732832250155612,131072 /prefetch:8
  2⤵
  PID:4608
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4988 --field-trial-handle=1956,i,11056185840189654279,17591732832250155612,131072 /prefetch:8
  2⤵
  PID:2100
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4228 --field-trial-handle=1956,i,11056185840189654279,17591732832250155612,131072 /prefetch:8
  2⤵
  PID:4692
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4840 --field-trial-handle=1956,i,11056185840189654279,17591732832250155612,131072 /prefetch:8
  2⤵
  PID:1400
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4884 --field-trial-handle=1956,i,11056185840189654279,17591732832250155612,131072 /prefetch:8
  2⤵
  PID:3660
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=4228 --field-trial-handle=1956,i,11056185840189654279,17591732832250155612,131072 /prefetch:1
  2⤵
  PID:1392
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=4964 --field-trial-handle=1956,i,11056185840189654279,17591732832250155612,131072 /prefetch:1
  2⤵
  PID:1628
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3980 --field-trial-handle=1956,i,11056185840189654279,17591732832250155612,131072 /prefetch:8
  2⤵
  PID:2740
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5200 --field-trial-handle=1956,i,11056185840189654279,17591732832250155612,131072 /prefetch:8
  2⤵
  PID:1396
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3352 --field-trial-handle=1956,i,11056185840189654279,17591732832250155612,131072 /prefetch:8
  2⤵
  PID:3640
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=1632 --field-trial-handle=1956,i,11056185840189654279,17591732832250155612,131072 /prefetch:1
  2⤵
  PID:3032
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=5128 --field-trial-handle=1956,i,11056185840189654279,17591732832250155612,131072 /prefetch:1
  2⤵
  PID:4880
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=3356 --field-trial-handle=1956,i,11056185840189654279,17591732832250155612,131072 /prefetch:1
  2⤵
  PID:4476
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=2804 --field-trial-handle=1956,i,11056185840189654279,17591732832250155612,131072 /prefetch:1
  2⤵
  PID:896
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2380 --field-trial-handle=1956,i,11056185840189654279,17591732832250155612,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1860

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:4612

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1497

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Virtualization/Sandbox Evasion

T1497

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

Filesize
206KB

MD5
f998b8f6765b4c57936ada0bb2eb4a5a

SHA1
13fb29dc0968838653b8414a125c124023c001df

SHA256
374db366966d7b48782f352c78a0b3670ffec33ed046d931415034d6f93dcfef

SHA512
d340ae61467332f99e4606ef022ff71c9495b9d138a40cc7c58b3206be0d080b25f4e877a811a55f4320db9a7f52e39f88f1aa426ba79fc5e78fc73dacf8c716

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
288B

MD5
8cd690461339dfde609d4ef2c51fdbce

SHA1
e7c77d35fed310941c2b964a47835aa7b2275d2a

SHA256
c4aa5b1cc6b32617b37856de50caa489c359d1d16aeb6ed54075628577c0fb0f

SHA512
a3fed68ff2a3a86afdc21e765b861f4b0203b9aa76bf683eb8d4e7f4c70ccd8287278e6671559d2631da3df9b7123599d6123216fbfdca570f44f4730ed76a76

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
b434a5d9eb1cef985f8899ad769724fe

SHA1
82f81b57b1cfca0bf176e4fb93d961295c3db1f1

SHA256
f417a519bb50f84873f179a14896e7be586bdd7e559ab205c60fb95bdc605097

SHA512
56255c369bb14c97de21979a7affd2aebb43b96bc503d6b785b523edb144f0fe7934051278cc25d45df3227f711f6a2d236ae91ffc41169d897c0dcb8e4cae1d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
07e630041cb0244628e0a4a3701038e8

SHA1
b8532c595e8104b1bcdec995a064760a1a23f4f4

SHA256
de5504e9740a07186a6e4a5f774d129ed2a1043df619bc470af4209d5ce446c5

SHA512
0c0d543dd45740290475d432c0dba18611e52f1c5aff292ee581e6af5df5d28138e227037c80bdb9276704456b34b37a6ba9a223e12650ae5542d9adfe6abc6e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
512B

MD5
6c7f8425621d2d150f0e739e2e2bc526

SHA1
b514f53c9d56a19f4ddb66436624aa48fc9ab630

SHA256
acf33f590000912545ab2ea87be2b5b9695f8633b74e45945193698978d485d2

SHA512
7a3769a79dc729edf501acbfcd3e092a65be490ef7d6ed1843781de5748469bade3ddca44da20fd87f177ca70deab469cef532dccc2219d90d1009e9f1b272b1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
686B

MD5
6f1846b6e200991ca0c84524cdbc579a

SHA1
d07379a25f01b420d33c2b106897ac6b7b8a9ef1

SHA256
66d661648978b09a5d23bd2efab243e5f50464baad926c28ab8853c5cdbfe1b0

SHA512
00f0e002010615e42f523600cb162dff2a8de9ac0c7ad29e1a930a1b5716d33b6e1bc6dad90149f83f2a741513f86e854ba6b06f980316741a358c2699f0141c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
512B

MD5
6ea4445c0c8618342a976292a1629a4e

SHA1
f099ced7f4d1373a6fc1c85c2672a222c0a408a4

SHA256
6a1f33fceefd8e63a089236b4c1c0ec8e3146c05141d76e64507ee3b5586b122

SHA512
8d72d82fe37d672f9963322911a90a22d4703f914a78cec9c445b40b3ba61a7d1365626b968a69c454da4ea549dbe02bbeacefdf7041488d1eca3a9d13faa005

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
686B

MD5
7f6dc2004618a5b1705cf28e964a6110

SHA1
a302da810d58ba062f2b8e94fbd8142876fbfa44

SHA256
bc46b6b30e5040b41b9c880e2298f0a107567d6b414235bdd3a9aae4c00e8e63

SHA512
b7eca6f7705d962c1b7c0ab562ffc9b4ca039f0aeed789f14c261a7c11335b8802f81741fbf5111846a5f9e59a19acc8153bb0e429f78f5c5287c5ac5096d99e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
e8997d9e6f6a7d7d56ae76e0bfd9b492

SHA1
fb48b8704ac180f4ee7ffd6e6d255a6ff714e90b

SHA256
62727ad18d29afcaf72256984af1cb26d42af7433d74a5027795845cdf3501e0

SHA512
b335f0a693aaa508adb7b8922a6421446c79b55ce56ae5f04b3e7e2a2695deaa290602785b5b00c6a9e06d1486351d5959df25601759fc53626abd1fe639a4f6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
510a20dcb7a90e42904a0a7bb3716020

SHA1
2d93fdacc83aa10de6210f7a6c4868ddba7c116c

SHA256
1034d8ea693f3e59e6e53a95e110cc6a73168411171252ca7d9a7c18d8ae7456

SHA512
3a43fa0046e1583567bda1d3fba8e88c4d75aca27dca01d29c5e03a5f5380b5fe979e5ace1097416058cb4edbf59ee8da8d26c41d1fb02df8a71b812a8e9d06b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
8ff191ec1760d053896c9a63b2e059ef

SHA1
ebeeb6a372f40ccfeacf4e5e2eba3a03c3f1d32f

SHA256
1dd96cf10e4c82fb619f0e3a8751c59cfc68293a0b02134595d811f1b70b622f

SHA512
8a0b04587c35564f67421e06ec66d649eea05ec7e2215658b357f589ff0a1d55deb55221d651d0d962349d230ce0dba56ad0c7eb2511f9a63634d1ceb5e7ecfd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
5bbcdd4a31a41f41b0750357e684816a

SHA1
9b94ba0ec22de28215499f6419f9358dd97dcee1

SHA256
8c56b29e7c8b2112ec8972eab360cb725d27c1c5fb610329bd36ab245a8ffe45

SHA512
c677725d7f10e516b1c93949c32845dd141164802fd7caaa59890b2a360ecdab9128e458421a660e4ea7dedc987659550c6aff6e29fea73375cd2e2230fd1297

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
542116690d29693f602908d1c7c2de7a

SHA1
d12a5e797d9219d25021f948bf242957d7746239

SHA256
bab1be21eb0b5c6099b8d2ef9d4d914da9b2728fe616cf9e90ce9920654a9870

SHA512
680d89391c8f8399f9fb075d47207f2bebd1350b94b8fd084ae37f53b01f76286f14c046b690033cf65acc0e9cdf3821957b01a2af9a6ddc198aca9543cbe2a0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
bdd49133e6d2612f9c8e53e1dfb09971

SHA1
e25e94be1a0c12e35960855aa8e42ea310854476

SHA256
2422f9b38bd8a45cf410a614a579ee47dd3ffdd681ca00f4224ac917b62c5323

SHA512
e4dd5f7c25b348c0dc976b023f5f8a7c1fdc7442858bd29cbed9eb1dfa6daaa4c8616e210f4a5f0426cbcca8a2e72bcdebbe61f34d4c7cda39f9c569c81d8297

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
4d4b24570808ce4cedddf11290bb81fa

SHA1
828143dc6472017f861f7b414e6ad7b120b4da83

SHA256
629776d96dd88a6ee289463c35b6c4ce3451eff30b2d539d9958e6d81f829e89

SHA512
2b309213741cd25252de2c725fade8efbe3249875f51dde8f7a17096e1ebf223808e169511a7e6d3d856a7de4543127c343fcf68003285733ff1fc6911d3d390

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
16KB

MD5
ee8a7b3b407abbe5c94dfde286d06751

SHA1
b533b63f8633a40c5ae455350267f688a8976308

SHA256
c3acbb3ff9d8509122ddec3022506b3915384df8996543c9aebcfb4ebbba3a3f

SHA512
9736a23b90acc97c4427e0af5f25ce765455986c778ce5f5d5a4683d3c89063cd08470cac29b7776d6e1ed3c376b51db3ca82a093f3bfcac1980ad65ce9e2ee5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
56B

MD5
94275bde03760c160b707ba8806ef545

SHA1
aad8d87b0796de7baca00ab000b2b12a26427859

SHA256
c58cb79fa4a9ade48ed821dd9f98957b0adfda7c2d267e3d07951c2d371aa968

SHA512
2aabd49bc9f0ed3a5c690773f48a92dbbbd60264090a0db2fe0f166f8c20c767a74d1e1d7cc6a46c34cfbd1587ddb565e791d494cd0d2ca375ab8cc11cd8f930

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe590575.TMP

Filesize
120B

MD5
5a21b7334db3594cd0ae1ef136710ea5

SHA1
8cb9e1fbd0969459434e4fb3b9e612a690a78a21

SHA256
f332ead976d28c413e6f73a7f6c200c9cc26907e3a88059e35720de0541b25ef

SHA512
e85cfbd34f9eed137c8848f1250f84c6e9173fa976daa8de64e7fea1952265162c7ba530fee1aa1bbb4e7ecfa3e797190758d40f33746974db8a0c5a9618d7fa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
282KB

MD5
807750692df108c5384e41828baae87b

SHA1
c91c7bf409f993aa4d03f4447b9686065f157132

SHA256
28d63a7dfc3eec8eff60a7ba43bd26058dae15d876c84f19d612397e87942a8e

SHA512
ca76b9653862cf055ce85a6c43b7af67c78468bf8b73ee3adf6011467a24c1275396809633b361bcbd127590cf092488a5a073cecae4fbd70cf4ec2033edccb7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
131KB

MD5
0ce2c433f2f5fb0c8dcdf8fccc59ed51

SHA1
882b68bbea4f27daf191075d1ae6a33332d54d15

SHA256
9119f44a109b9237b30e73eed5b426fd52d31aaf7cbc8a094ed9d712dc980c3f

SHA512
641e2cc891ca560484e101e8a16c62c311d7a27c59b71ddb805e102c76738bac24424537f4ba0eb5af06e49da96de13d5dae90f007c42f1a57df08ab2f07eed5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
262KB

MD5
0922589dd85d8f1a7994a216763ab772

SHA1
f3255bcb9ea54037ba129ecbedefe617253397e2

SHA256
81bf4ab2307a8bc071040caea89e5696eb779a0d79247214d2707eeb9e9a7039

SHA512
4aedb87068a699e47bcd734fb0e0f6ad9b222b9292795cdf8b3a3d3bf3c7d8b8a041c547d0cf5c2a3dfca80d4e5354fd61754997fe25c8298cbb20020228b1c6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
262KB

MD5
e5a6ae1cb80160b2cd2449306fc43b7f

SHA1
31071dd808f35198640bec7553d29c376c958de7

SHA256
951d67c0525e609910e742160ef2a14ccfe241dabfb58834681058c3f49a2ccc

SHA512
a2d4c853a928a0f31a6c772d4a33d6b00700bd26663413f80bddf6d292b25e140ef35ba76cad0509b242831ad3dc060e825e0efe06d298a352d804532090e07e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
91KB

MD5
bb376df5624852c802dfe560f3c7c756

SHA1
d915d5526758842d131f05d5434d3e6726cf87f4

SHA256
11e2c62d830337ba1414e7da963de8120b7d54b976cfb2e995ebdd38b291987a

SHA512
cf37e016ab7a0174f139ecfa4b9e1cb02c020e31c2fbb86b711ae7ad51c409c299ae368e828a286db6e2954b9bb48a14a796b27b226b0aadb84a43f209aa7d5e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe5879af.TMP

Filesize
88KB

MD5
25992bd975e6d5f80642d9b203f66dda

SHA1
2958906b24590050eed42b5b72300cb35094cd50

SHA256
23ec8a774eecaa74bf7b4fff6285b320e9d2e5cb21ff65814637ff9976318d29

SHA512
fc88766ba42c042e642489c953ba8351f12a13f5d32e86f4f8bf75fff24fce718d2b22fcdb55fc0d52f21da01b656a5b0b9a53a8ff2d9616846c3fddee626bba

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Microsoft.Web.WebView2.Core.dll

Filesize
488KB

MD5
851fee9a41856b588847cf8272645f58

SHA1
ee185a1ff257c86eb19d30a191bf0695d5ac72a1

SHA256
5e7faee6b8230ca3b97ce9542b914db3abbbd1cb14fd95a39497aaad4c1094ca

SHA512
cf5c70984cf33e12cf57116da1f282a5bd6433c570831c185253d13463b0b9a0b9387d4d1bf4dddab3292a5d9ba96d66b6812e9d7ebc5eb35cb96eea2741348f

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Microsoft.Web.WebView2.Wpf.dll

Filesize
43KB

MD5
34ec990ed346ec6a4f14841b12280c20

SHA1
6587164274a1ae7f47bdb9d71d066b83241576f0

SHA256
1e987b22cd011e4396a0805c73539586b67df172df75e3dded16a77d31850409

SHA512
b565015ca4b11b79ecbc8127f1fd40c986948050f1caefdd371d34ed2136af0aabf100863dc6fd16d67e3751d44ee13835ea9bf981ac0238165749c4987d1ae0

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\fileaccess\node_modules\get-intrinsic\.nycrc

Filesize
139B

MD5
d0104f79f0b4f03bbcd3b287fa04cf8c

SHA1
54f9d7adf8943cb07f821435bb269eb4ba40ccc2

SHA256
997785c50b0773e5e18bf15550fbf57823c634fefe623cd37b3c83696402ad0a

SHA512
daf9b5445cfc02397f398adfa0258f2489b70699dfec6ca7e5b85afe5671fdcabe59edee332f718f5e5778feb1e301778dffe93bb28c1c0914f669659bad39c6

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\fileaccess\node_modules\has-proto\.eslintrc

Filesize
43B

MD5
c28b0fe9be6e306cc2ad30fe00e3db10

SHA1
af79c81bd61c9a937fca18425dd84cdf8317c8b9

SHA256
0694050195fc694c5846b0a2a66b437ac775da988f0a779c55fb892597f7f641

SHA512
e3eca17804522ffa4f41e836e76e397a310a20e8261a38115b67e8b644444153039d04198fb470f45be2997d2c7a72b15bd4771a02c741b3cbc072ea6ef432e9

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\fileaccess\node_modules\hasown\.nycrc

Filesize
216B

MD5
c2ab942102236f987048d0d84d73d960

SHA1
95462172699187ac02eaec6074024b26e6d71cff

SHA256
948366fea3b423a46366326d0bb2e54b08abd1cf0b243678ba6625740c40da5a

SHA512
e36b20c16ceeb090750f3865efc8d7fd983ae4e8b41c30cc3865d2fd4925bf5902627e1f1ed46c0ff2453f076ef9de34be899ef57754b29cd158440071318479

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\fileaccess\node_modules\vary\LICENSE

Filesize
1KB

MD5
13babc4f212ce635d68da544339c962b

SHA1
4881ad2ec8eb2470a7049421047c6d076f48f1de

SHA256
bd47ce7b88c7759630d1e2b9fcfa170a0f1fde522be09e13fb1581a79d090400

SHA512
40e30174433408e0e2ed46d24373b12def47f545d9183b7bce28d4ddd8c8bb528075c7f20e118f37661db9f1bba358999d81a14425eb3e0a4a20865dfcb53182

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\WebView2Loader.dll

Filesize
133KB

MD5
a0bd0d1a66e7c7f1d97aedecdafb933f

SHA1
dd109ac34beb8289030e4ec0a026297b793f64a3

SHA256
79d7e45f8631e8d2541d01bfb5a49a3a090be72b3d465389a2d684680fee2e36

SHA512
2a50ae5c7234a44b29f82ebc2e3cfed37bf69294eb00b2dc8905c61259975b2f3a059c67aeab862f002752454d195f7191d9b82b056f6ef22d6e1b0bb3673d50

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Wpf.Ui.dll

Filesize
5.2MB

MD5
aead90ab96e2853f59be27c4ec1e4853

SHA1
43cdedde26488d3209e17efff9a51e1f944eb35f

SHA256
46cfbe804b29c500ebc0b39372e64c4c8b4f7a8e9b220b5f26a9adf42fcb2aed

SHA512
f5044f2ee63906287460b9adabfcf3c93c60b51c86549e33474c4d7f81c4f86cd03cd611df94de31804c53006977874b8deb67c4bf9ea1c2b70c459b3a44b38d

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\bin\path.txt

Filesize
49B

MD5
6b09afc61af8884f2fc6204922e970be

SHA1
fe3da40f27e8dc2b8e2392c9590666982fff3398

SHA256
f99a87a0c9006940f0d9efa1331d253dcf56016c82f4e266b507c303bb8493a6

SHA512
69ac27dbd690d1919a5da98e5f427328147c18a338596a0cf7ccb2cd09594da388fc4bb5df660bb4ca5a630f3ffc3ee3783b24c262683d2c5992db2f1abca8ea

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.dll

Filesize
5.0MB

MD5
721f26e6e6d332fbe1a67d70dbd3a162

SHA1
1df1d0125463e6e9097a2af68bf10c083e4399bd

SHA256
38da7bed4cca1d50a9894d1005ec1228309853c2c2ccc40b9dbf50c0704257c1

SHA512
6c90deb52c1a37fcd30fd34c22846eeeb4118ab71ccbc15ca626f3db4a227bccd586fb1c94521bc183bf6c931d6ad03eb2586397b48f1f6a127c53c40f799004

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe

Filesize
85KB

MD5
f8f4522d11178a26e97e2046f249dfa7

SHA1
8b591d9a37716e235260fb6b3f601e4ccbebf15d

SHA256
3c372a8919c28dc76414b2f30da423c3e1018b1a8444527949ce20cc3fc93ed0

SHA512
52ea881cad501cf1d5e8ac47355e862ac1bd39cb6e1ff3d362d392b6f2d676e74878832505d17a552aaa3bc8f3977da11fa3f9903722eedd23716fb46ddb7492

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\libcurl.dll

Filesize
522KB

MD5
e31f5136d91bad0fcbce053aac798a30

SHA1
ee785d2546aec4803bcae08cdebfd5d168c42337

SHA256
ee94e2201870536522047e6d7fe7b903a63cd2e13e20c8fffc86d0e95361e671

SHA512
a1543eb1d10d25efb44f9eaa0673c82bfac5173055d04c0f3be4792984635a7c774df57a8e289f840627754a4e595b855d299070d469e0f1e637c3f35274abe6

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\vcruntime140.dll

Filesize
99KB

MD5
7a2b8cfcd543f6e4ebca43162b67d610

SHA1
c1c45a326249bf0ccd2be2fbd412f1a62fb67024

SHA256
7d7ca28235fba5603a7f40514a552ac7efaa67a5d5792bb06273916aa8565c5f

SHA512
e38304fb9c5af855c1134f542adf72cde159fab64385533eafa5bb6e374f19b5a29c0cb5516fc5da5c0b5ac47c2f6420792e0ac8ddff11e749832a7b7f3eb5c8

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\zlib1.dll

Filesize
113KB

MD5
75365924730b0b2c1a6ee9028ef07685

SHA1
a10687c37deb2ce5422140b541a64ac15534250f

SHA256
945e7f5d09938b7769a4e68f4ef01406e5af9f40db952cba05ddb3431dd1911b

SHA512
c1e31c18903e657203ae847c9af601b1eb38efa95cb5fa7c1b75f84a2cba9023d08f1315c9bb2d59b53256dfdb3bac89930252138475491b21749471adc129a1

Download Submit
memory/1628-1476-0x000001F1F6940000-0x000001F1F6E7C000-memory.dmp

Filesize
5.2MB

Download
memory/1628-1481-0x000001F1F3450000-0x000001F1F345E000-memory.dmp

Filesize
56KB

Download
memory/1628-1504-0x00007FFAEECD0000-0x00007FFAEECF4000-memory.dmp

Filesize
144KB

Download
memory/1628-1503-0x0000000180000000-0x0000000180BDE000-memory.dmp

Filesize
11.9MB

Download
memory/1628-1500-0x0000000180000000-0x0000000180BDE000-memory.dmp

Filesize
11.9MB

Download
memory/1628-1501-0x00007FFAEECD0000-0x00007FFAEECF4000-memory.dmp

Filesize
144KB

Download
memory/1628-1498-0x000001F1F68E0000-0x000001F1F6918000-memory.dmp

Filesize
224KB

Download
memory/1628-1499-0x000001F1F68A0000-0x000001F1F68AE000-memory.dmp

Filesize
56KB

Download
memory/1628-1497-0x000001F1F5560000-0x000001F1F5568000-memory.dmp

Filesize
32KB

Download
memory/1628-1495-0x0000000180000000-0x0000000180BDE000-memory.dmp

Filesize
11.9MB

Download
memory/1628-1494-0x0000000180000000-0x0000000180BDE000-memory.dmp

Filesize
11.9MB

Download
memory/1628-1493-0x0000000180000000-0x0000000180BDE000-memory.dmp

Filesize
11.9MB

Download
memory/1628-1492-0x0000000180000000-0x0000000180BDE000-memory.dmp

Filesize
11.9MB

Download
memory/1628-1505-0x00007FFADE7D0000-0x00007FFADF291000-memory.dmp

Filesize
10.8MB

Download
memory/1628-1479-0x000001F1F65F0000-0x000001F1F666E000-memory.dmp

Filesize
504KB

Download
memory/1628-1477-0x000001F1F66B0000-0x000001F1F676A000-memory.dmp

Filesize
744KB

Download
memory/1628-1471-0x00007FFADE7D3000-0x00007FFADE7D5000-memory.dmp

Filesize
8KB

Download
memory/1628-1475-0x00007FFADE7D0000-0x00007FFADF291000-memory.dmp

Filesize
10.8MB

Download
memory/1628-1472-0x000001F1F2FE0000-0x000001F1F2FFA000-memory.dmp

Filesize
104KB

Download
memory/3548-1473-0x0000000074E20000-0x00000000755D0000-memory.dmp

Filesize
7.7MB

Download
memory/3548-0-0x0000000074E2E000-0x0000000074E2F000-memory.dmp

Filesize
4KB

Download
memory/3548-5-0x00000000057C0000-0x00000000057D2000-memory.dmp

Filesize
72KB

Download
memory/3548-3-0x0000000074E20000-0x00000000755D0000-memory.dmp

Filesize
7.7MB

Download
memory/3548-2-0x0000000004CD0000-0x0000000004CDA000-memory.dmp

Filesize
40KB

Download
memory/3548-1-0x0000000000300000-0x000000000030A000-memory.dmp

Filesize
40KB

Download