Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240508-en locale:en-us os:windows10-2004-x64 system
  • submitted
    29-05-2024 00:36

General

  • Target

    Client.exe

  • Size

    31KB

  • MD5

    fdbf55e90eba969a41229f1a8b2506b5

  • SHA1

    5df3f39480c05be26a61d41406ae50b107873a87

  • SHA256

    6e4e80c7fc6f4a659f2bceabc5e609061ee6e3715c070f853e79c8ad9a2718f6

  • SHA512

    9857f7c45ad04ff7a095f52523c6da22ed8d5e3e841e988ee430c691e585c17d39f4110f8e9e55cacbbebbde65f838f8a736dc7c563e50e13429a78dcecffdb3

  • SSDEEP

    768:7e0v+hW1nRNAzx7SnAlOvQFLhvKcQmIDUu0ti+Yj:C0K2a9RLQVkCj

Score
10/10

Malware Config

Signatures

  • njRAT/Bladabindi

    Widely used RAT written in .NET.

  • Modifies Windows Firewall 2 TTPs 1 IoCs
  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies data under HKEY_USERS 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 11 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 26 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Client.exe
    "C:\Users\Admin\AppData\Local\Temp\Client.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of WriteProcessMemory
    PID:3440
    • C:\Windows\SysWOW64\netsh.exe
      netsh firewall add allowedprogram "C:\Users\Admin\AppData\Local\Temp\Client.exe" "Client.exe" ENABLE
      2⤵
      • Modifies Windows Firewall
      PID:2172
  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe"
    1⤵
    • Enumerates system info in registry
    • Modifies data under HKEY_USERS
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:1772
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb97bdab58,0x7ffb97bdab68,0x7ffb97bdab78
      2⤵
      PID:4004
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1712 --field-trial-handle=1956,i,17644277690033423587,2509237240271641964,131072 /prefetch:2
      2⤵
      PID:1088
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2096 --field-trial-handle=1956,i,17644277690033423587,2509237240271641964,131072 /prefetch:8
      2⤵
      PID:2344
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2252 --field-trial-handle=1956,i,17644277690033423587,2509237240271641964,131072 /prefetch:8
      2⤵
      PID:1012
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3092 --field-trial-handle=1956,i,17644277690033423587,2509237240271641964,131072 /prefetch:1
      2⤵
      PID:516
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3132 --field-trial-handle=1956,i,17644277690033423587,2509237240271641964,131072 /prefetch:1
      2⤵
      PID:4348
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4296 --field-trial-handle=1956,i,17644277690033423587,2509237240271641964,131072 /prefetch:1
      2⤵
      PID:4756
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4032 --field-trial-handle=1956,i,17644277690033423587,2509237240271641964,131072 /prefetch:8
      2⤵
      PID:4336
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4584 --field-trial-handle=1956,i,17644277690033423587,2509237240271641964,131072 /prefetch:8
      2⤵
      PID:4108
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4776 --field-trial-handle=1956,i,17644277690033423587,2509237240271641964,131072 /prefetch:8
      2⤵
      PID:2472
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4840 --field-trial-handle=1956,i,17644277690033423587,2509237240271641964,131072 /prefetch:8
      2⤵
      PID:5056
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4968 --field-trial-handle=1956,i,17644277690033423587,2509237240271641964,131072 /prefetch:8
      2⤵
      PID:3180
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5064 --field-trial-handle=1956,i,17644277690033423587,2509237240271641964,131072 /prefetch:1
      2⤵
      PID:2244
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4872 --field-trial-handle=1956,i,17644277690033423587,2509237240271641964,131072 /prefetch:1
      2⤵
      PID:4536
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=3952 --field-trial-handle=1956,i,17644277690033423587,2509237240271641964,131072 /prefetch:1
      2⤵
      PID:4388
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3120 --field-trial-handle=1956,i,17644277690033423587,2509237240271641964,131072 /prefetch:8
      2⤵
      PID:5004
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4304 --field-trial-handle=1956,i,17644277690033423587,2509237240271641964,131072 /prefetch:8
      2⤵
      PID:3600
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=3208 --field-trial-handle=1956,i,17644277690033423587,2509237240271641964,131072 /prefetch:1
      2⤵
      PID:516
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3236 --field-trial-handle=1956,i,17644277690033423587,2509237240271641964,131072 /prefetch:8
      2⤵
      PID:4612
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=5244 --field-trial-handle=1956,i,17644277690033423587,2509237240271641964,131072 /prefetch:1
      2⤵
      PID:1472
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=5708 --field-trial-handle=1956,i,17644277690033423587,2509237240271641964,131072 /prefetch:1
      2⤵
      PID:3180
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=5824 --field-trial-handle=1956,i,17644277690033423587,2509237240271641964,131072 /prefetch:1
      2⤵
      PID:3188
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5968 --field-trial-handle=1956,i,17644277690033423587,2509237240271641964,131072 /prefetch:8
      2⤵
      PID:4724
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6076 --field-trial-handle=1956,i,17644277690033423587,2509237240271641964,131072 /prefetch:8
      2⤵
      PID:1996
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=5968 --field-trial-handle=1956,i,17644277690033423587,2509237240271641964,131072 /prefetch:1
      2⤵
      PID:4748
  • C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
    "C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
    1⤵
    PID:4728

Network

MITRE ATT&CK Enterprise v15

Downloads

                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c

                                                        Filesize

                                                        69KB

                                                        MD5

                                                        c356a0c771a0209d3482777edfc10768

                                                        SHA1

                                                        1ff2d992af8a6f19c30ecbe8f3591f26fe1cab08

                                                        SHA256

                                                        32381f4549d36fa4583e599adc04056a4da80a6067c6805b7081c3f3f54a27ad

                                                        SHA512

                                                        561084baf8d65579ead79e79c2c3920ef987384d52ecc11a2689aff95c54a6b823a0c4a8e5b910e60e569450e36563f53adb5796f261f13bbeea59130b81fe3c

                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d

                                                        Filesize

                                                        326KB

                                                        MD5

                                                        b99c109402eb5090a41bd60127623b77

                                                        SHA1

                                                        f0a74bfe1e275a5683bfb4312aba6486e2834d62

                                                        SHA256

                                                        ba454b5ba7c123abbb66244771cf49844219cb6c9f2a23d07bd6bc91a4f8f950

                                                        SHA512

                                                        619a29ea7a1c678ab86c9cd4c2c3cf9686d613bba14088fece0f8a55a51f8bdbbe239b58f53c2c84e3b20e9fb8cb842c92a4627c760a164777d5f03176a96608

                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e

                                                        Filesize

                                                        133KB

                                                        MD5

                                                        18fa2e39cd464591489d8fa9217e25e7

                                                        SHA1

                                                        87e11371a06ed5cb998d77504b2ac18e1f022e01

                                                        SHA256

                                                        92c83b8cd694d5aa9b846bde687c15ac8c6c086116a79962cb77831b3d333535

                                                        SHA512

                                                        7a97c939acafe8c6f140ac29ac93f3756231dbd31c346a24ca0b2aa7b46527afa5d22c710693edf5ed218ae68b2e0e9077f05bedc9749383fb60471d3a3e5e2a

                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001f

                                                        Filesize

                                                        73KB

                                                        MD5

                                                        34602c14b3cd39436015a03c31a33c69

                                                        SHA1

                                                        3c483bff2700da63547b033d6e181d8eda923a79

                                                        SHA256

                                                        cdcd68953968b057152973f3a8c5ddb22af24ad0fa7f30150cff714ffa124284

                                                        SHA512

                                                        07d047a878e3dd70fa32b6c40812a79e8cccad87708a40fc942422067a95c4fc5b97b69e1921103fc569fe48b9fb2499c3a1578b2c4dd1cf2add1f0e07fb95b5

                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000020

                                                        Filesize

                                                        32KB

                                                        MD5

                                                        df0c867c5fabd8e3d924adaa0b71645f

                                                        SHA1

                                                        03080a2098c5ae7d430ffc50360252ce01dc8d19

                                                        SHA256

                                                        5f58994bcd7c1fd1ea6b68dc79e50554a82235f193937093cdd7b1f0d9b1fb5b

                                                        SHA512

                                                        da24d89c4921a5f1ec0d7aefcbca5a8a4e53fdc28385e4c9c29f3b3a0b6d2f84167e46ef77b7aff03c5b0ed23917b3fd8e7e8bda675903788e95cdad9a56d352

                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000025

                                                        Filesize

                                                        64KB

                                                        MD5

                                                        d84862513956cbe61aeb4ebbfdd3355a

                                                        SHA1

                                                        14ab269df17cb0333b1556ce120d587324479f6b

                                                        SHA256

                                                        a18b26912ab9e034923cc64fbfdb59d682500f2c556456930e480b6bd69e33b5

                                                        SHA512

                                                        d04ca96d72595f1e291a6ce96f092c1707064800103cde733512a186c1b22e089b63690a0c53965c97248dd782731b22fa2d27b8ee3ae112647382f1c06d1a9d

                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000028

                                                        Filesize

                                                        19KB

                                                        MD5

                                                        d546a874d6488dc7b2abd0843b4d02b2

                                                        SHA1

                                                        abc38412c078bb9ab9ff9757aeefa67a19ff2501

                                                        SHA256

                                                        c243c2a98c75631185c8d04ecfffc2765b0d3e3516c3ee7e2cd8d2b67660cf5e

                                                        SHA512

                                                        13c7bde4df056340a345dbf1473a01308fd2786be7a384411814afa8f005d34d2ea979a24cb2d7821b5bd928841ffc3c00944500a55c2f0934155ba786ae9c0b

                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                        Filesize

                                                        2KB

                                                        MD5

                                                        492612622352ad00963f0442009b8de5

                                                        SHA1

                                                        878f3a4ecb624042bdfce0129827737a810e58cc

                                                        SHA256

                                                        15cc21d60af9164537b63f13019b9330553da7287d22755313beca0aca1e04f9

                                                        SHA512

                                                        c0612172ae010baa526fbb4a2b8c30d6233e778a5d80b8a234728d7e0e56afeb4d0642b5e6e076eba9449451f843e18add232a54508fa043b3ccdaa70504afb4

                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                                                        Filesize

                                                        6KB

                                                        MD5

                                                        8157920e475c3f6226ac2aadfaadfc4b

                                                        SHA1

                                                        9de46fbb7ed69898f4ba6038a10ea1a17ad035cd

                                                        SHA256

                                                        926ccc20444eff8439ce16765f6b918214b15e05d0b538b45451a384a46af2b2

                                                        SHA512

                                                        f470ce78e4a2dc34847fe377e983ead623c48af2fd0fd9f5173d60c82598edabb7142b5d6a5cc794e1a85df4a644af9348a582a14d7dc2cb928592757b8fd06c

                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

                                                        Filesize

                                                        2B

                                                        MD5

                                                        d751713988987e9331980363e24189ce

                                                        SHA1

                                                        97d170e1550eee4afc0af065b78cda302a97674c

                                                        SHA256

                                                        4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

                                                        SHA512

                                                        b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                        Filesize

                                                        524B

                                                        MD5

                                                        ead0400b11f443bb5ac44bc7c032693e

                                                        SHA1

                                                        00edeb1109767d9a88806e163c52d79d2f99661c

                                                        SHA256

                                                        1d3a8f3c4c654765a607d766345b561f569150beb36b2368ccb2c0a827823a28

                                                        SHA512

                                                        f0655a775b2a78ea0797e6f27de6405f294eceed2719c6c93379e626318626a6068d714554afb959a93a4cc79c48c147dffbe2ee1921544617578ea905b10cf8

                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                        Filesize

                                                        1KB

                                                        MD5

                                                        2d1f23f3b2d88cace27e02735e493035

                                                        SHA1

                                                        e6f7474a1722d158ba948804f9bbca2599df6c48

                                                        SHA256

                                                        56988fb00effedca7033783c1e41edca09620231cf563ba60543109b1ec3f7dc

                                                        SHA512

                                                        53a3f22db92436ec5d6f43ae02ec4c05310add9ee918c790a8085704e44555242b83db930cb91f7a8866bf05fac848e541aa380b780ae45bb2d81629f4e8f4ec

                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                        Filesize

                                                        1KB

                                                        MD5

                                                        ea9d75cdcdc3314217f0edf69e3fb7bb

                                                        SHA1

                                                        bb36bed24caa7e18ff96b71398b54e988b759dd3

                                                        SHA256

                                                        5619f2c627e4a52ea1619d1bd401e60fec46445ae894fa28afc5733f0ce47703

                                                        SHA512

                                                        2ce161ef650aa3004f519dcd2fe167c880d2f9131e212b719ff60d8717ad64f9b0dc599df8642ed28867b69df39fd8e38c6408d79b4e6cb6671f13496e642445

                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                        Filesize

                                                        1KB

                                                        MD5

                                                        93558e2a4c2d37a4666350c6ddd78982

                                                        SHA1

                                                        7d0aa614efee5c3563ce249a05019c16d29c0224

                                                        SHA256

                                                        da8651004ca790f50135260a3ea1b7231374ae6d47de4516d1e2fb0748ee03f6

                                                        SHA512

                                                        c71bff004d919e7cc0adac464e26306fbfcef2a4633d2cd4367300348614e48d214b7c598d82d72bd001b4af8f396bb2f216bed95415d4d66fa4e41f0ebb7e1d

                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                        Filesize

                                                        1KB

                                                        MD5

                                                        a61da270ef35eb46ca18ae9d18be6ea7

                                                        SHA1

                                                        7b000a507ad10cb09ff5f81ef7274975b5f2b2c8

                                                        SHA256

                                                        dd3269e9105b5a9efee13b0dd07584da5caab550bcab785beaa13d4db86c5c1b

                                                        SHA512

                                                        ea7f8027f6246e8c661542d725d054e1c1d602f692199d37db913bde6ad4264bd2e7f6e07c8ce44766bae4353630c4be086aa2b5e766ece30b06262d40b4eda9

                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                        Filesize

                                                        1KB

                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                        Filesize

                                                        7KB

                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                        Filesize

                                                        7KB

                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                        Filesize

                                                        6KB

                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                        Filesize

                                                        8KB

                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

                                                        Filesize

                                                        16KB

                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                        Filesize

                                                        261KB

                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                        Filesize

                                                        257KB

                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                        Filesize

                                                        262KB

                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

                                                        Filesize

                                                        95KB

                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe586136.TMP

                                                        Filesize

                                                        89KB

                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\cd26ab94-ab51-49be-9993-4e742f2e8ec7.tmp

                                                        Filesize

                                                        262KB

                                                      • \??\pipe\crashpad_1772_JQGHYXSUWCASJVUH

                                                      • memory/3440-58-0x0000000074F20000-0x00000000754D1000-memory.dmp

                                                        Filesize

                                                        5.7MB

                                                      • memory/3440-251-0x0000000074F20000-0x00000000754D1000-memory.dmp

                                                        Filesize

                                                        5.7MB

                                                      • memory/3440-0-0x0000000074F22000-0x0000000074F23000-memory.dmp

                                                        Filesize

                                                        4KB

                                                      • memory/3440-4-0x0000000074F20000-0x00000000754D1000-memory.dmp

                                                        Filesize

                                                        5.7MB

                                                      • memory/3440-3-0x0000000074F22000-0x0000000074F23000-memory.dmp

                                                        Filesize

                                                        4KB

                                                      • memory/3440-2-0x0000000074F20000-0x00000000754D1000-memory.dmp

                                                        Filesize

                                                        5.7MB

                                                      • memory/3440-1-0x0000000074F20000-0x00000000754D1000-memory.dmp

                                                        Filesize

                                                        5.7MB