Malware Analysis Report

2025-03-14 23:49

Sample ID 240603-gb251sdd5z
Target 90b57906a2bffd7182075b314160ac40_JaffaCakes118
SHA256 b17ee0b9176b8139c11f6071af5459678629e4b4cb20e30944bf592b684f450f
Tags upx persistence
Score 7/10

Analysis Overview

score
7/10

SHA256

b17ee0b9176b8139c11f6071af5459678629e4b4cb20e30944bf592b684f450f

Threat Level: Shows suspicious behavior

The file 90b57906a2bffd7182075b314160ac40_JaffaCakes118 was found to be: Shows suspicious behavior.

Malicious Activity Summary

upx persistence

Executes dropped EXE

Loads dropped DLL

UPX packed file

Adds Run key to start application

Checks system information in the registry

Unsigned PE

Enumerates system info in registry

Suspicious behavior: AddClipboardFormatListener

Suspicious behavior: EnumeratesProcesses

Suspicious use of SetWindowsHookEx

Suspicious use of WriteProcessMemory

Modifies system certificate store

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-03 05:38

Signatures

UPX packed file

upx
Description Indicator Process Target
N/A N/A N/A N/A

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-03 05:38

Reported

2024-06-03 05:41

Platform

win7-20240221-en

Max time kernel

120s

Max time network

137s

Command Line

"C:\Users\Admin\AppData\Local\Temp\90b57906a2bffd7182075b314160ac40_JaffaCakes118.exe"

Signatures

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\90b57906a2bffd7182075b314160ac40_JaffaCakes118.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\90b57906a2bffd7182075b314160ac40_JaffaCakes118.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\UB\UBRun.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\UB\UBRun.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\UBMaintenanceservice.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\UBMaintenanceservice.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\UBService.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\UBService.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\UBService.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\UBService.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\UBService.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\UBService.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\UBService.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\UBService.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\90b57906a2bffd7182075b314160ac40_JaffaCakes118.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe N/A

UPX packed file

upx
Description Indicator Process Target
N/A N/A N/A N/A

Adds Run key to start application

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Windows\CurrentVersion\Run\UB_Run = "C:\\Users\\Admin\\AppData\\Local\\UB\\UBRun.exe" C:\Users\Admin\AppData\Local\Temp\90b57906a2bffd7182075b314160ac40_JaffaCakes118.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe N/A

Modifies system certificate store

evasion spyware trojan
Description Indicator Process Target
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\317A2AD07F2B335EF5A1C34E4B57E8B7D8F1FCA6\Blob C:\Users\Admin\AppData\Local\Temp\90b57906a2bffd7182075b314160ac40_JaffaCakes118.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\317A2AD07F2B335EF5A1C34E4B57E8B7D8F1FCA6\Blob C:\Users\Admin\AppData\Local\Temp\90b57906a2bffd7182075b314160ac40_JaffaCakes118.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\317A2AD07F2B335EF5A1C34E4B57E8B7D8F1FCA6 C:\Users\Admin\AppData\Local\Temp\90b57906a2bffd7182075b314160ac40_JaffaCakes118.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\317A2AD07F2B335EF5A1C34E4B57E8B7D8F1FCA6\Blob C:\Users\Admin\AppData\Local\Temp\90b57906a2bffd7182075b314160ac40_JaffaCakes118.exe N/A

Suspicious behavior: AddClipboardFormatListener

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\90b57906a2bffd7182075b314160ac40_JaffaCakes118.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\90b57906a2bffd7182075b314160ac40_JaffaCakes118.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2168 wrote to memory of 1824 N/A C:\Users\Admin\AppData\Local\Temp\90b57906a2bffd7182075b314160ac40_JaffaCakes118.exe C:\Users\Admin\AppData\Local\UB\UBRun.exe
PID 2168 wrote to memory of 1824 N/A C:\Users\Admin\AppData\Local\Temp\90b57906a2bffd7182075b314160ac40_JaffaCakes118.exe C:\Users\Admin\AppData\Local\UB\UBRun.exe
PID 2168 wrote to memory of 1824 N/A C:\Users\Admin\AppData\Local\Temp\90b57906a2bffd7182075b314160ac40_JaffaCakes118.exe C:\Users\Admin\AppData\Local\UB\UBRun.exe
PID 2168 wrote to memory of 1824 N/A C:\Users\Admin\AppData\Local\Temp\90b57906a2bffd7182075b314160ac40_JaffaCakes118.exe C:\Users\Admin\AppData\Local\UB\UBRun.exe
PID 1824 wrote to memory of 780 N/A C:\Users\Admin\AppData\Local\UB\UBRun.exe C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\UBMaintenanceservice.exe
PID 1824 wrote to memory of 780 N/A C:\Users\Admin\AppData\Local\UB\UBRun.exe C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\UBMaintenanceservice.exe
PID 1824 wrote to memory of 780 N/A C:\Users\Admin\AppData\Local\UB\UBRun.exe C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\UBMaintenanceservice.exe
PID 1824 wrote to memory of 780 N/A C:\Users\Admin\AppData\Local\UB\UBRun.exe C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\UBMaintenanceservice.exe
PID 780 wrote to memory of 1928 N/A C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\UBMaintenanceservice.exe C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\UBService.exe
PID 780 wrote to memory of 1928 N/A C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\UBMaintenanceservice.exe C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\UBService.exe
PID 780 wrote to memory of 1928 N/A C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\UBMaintenanceservice.exe C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\UBService.exe
PID 780 wrote to memory of 1928 N/A C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\UBMaintenanceservice.exe C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\UBService.exe
PID 2168 wrote to memory of 1696 N/A C:\Users\Admin\AppData\Local\Temp\90b57906a2bffd7182075b314160ac40_JaffaCakes118.exe C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe
PID 2168 wrote to memory of 1696 N/A C:\Users\Admin\AppData\Local\Temp\90b57906a2bffd7182075b314160ac40_JaffaCakes118.exe C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe
PID 2168 wrote to memory of 1696 N/A C:\Users\Admin\AppData\Local\Temp\90b57906a2bffd7182075b314160ac40_JaffaCakes118.exe C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe
PID 2168 wrote to memory of 1696 N/A C:\Users\Admin\AppData\Local\Temp\90b57906a2bffd7182075b314160ac40_JaffaCakes118.exe C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe
PID 1696 wrote to memory of 1852 N/A C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe
PID 1696 wrote to memory of 1852 N/A C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe
PID 1696 wrote to memory of 1852 N/A C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe
PID 1696 wrote to memory of 1852 N/A C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe

Processes

C:\Users\Admin\AppData\Local\Temp\90b57906a2bffd7182075b314160ac40_JaffaCakes118.exe

"C:\Users\Admin\AppData\Local\Temp\90b57906a2bffd7182075b314160ac40_JaffaCakes118.exe"

C:\Users\Admin\AppData\Local\UB\UBRun.exe

C:\Users\Admin\AppData\Local\UB\UBRun.exe

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\UBMaintenanceservice.exe

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\UBMaintenanceservice.exe

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\UBService.exe

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\UBService.exe

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe --use-spdy=off --ppapi-flash-path=C:\Users\Admin\AppData\Local\UB\Flash\31.0.0.109.dll --ppapi-flash-version=31.0.0.109 --load-extension=C:/Users/Admin/AppData/Local/UB/Application/106.7.0.8/extensions/lineSelector,C:/Users/Admin/AppData/Local/UB/Application/106.7.0.8/extensions/screenshot

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\UB\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\UB\User Data\Crashpad" --annotation=plat=Win32 --annotation=prod=UniverseBrowser --annotation=ver=106.7.0.8 --initial-client-data=0xd8,0xdc,0xe0,0xac,0xe4,0x74f1f7f0,0x74f1f800,0x74f1f80c

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe

"C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1156 --field-trial-handle=1288,i,15041380974954229635,16534542653585392376,131072 /prefetch:2

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe

"C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --mojo-platform-channel-handle=1372 --field-trial-handle=1288,i,15041380974954229635,16534542653585392376,131072 /prefetch:8

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe

"C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --video-capture-use-gpu-memory-buffer --mojo-platform-channel-handle=1540 --field-trial-handle=1288,i,15041380974954229635,16534542653585392376,131072 /prefetch:8

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe

"C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe" --type=renderer --display-capture-permissions-policy-allowed --event-path-policy=0 --first-renderer-process --disable-databases --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2108 --field-trial-handle=1288,i,15041380974954229635,16534542653585392376,131072 /prefetch:1

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe

"C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe" --type=renderer --display-capture-permissions-policy-allowed --event-path-policy=0 --disable-databases --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2116 --field-trial-handle=1288,i,15041380974954229635,16534542653585392376,131072 /prefetch:1

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe

"C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe" --type=renderer --display-capture-permissions-policy-allowed --event-path-policy=0 --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=2932 --field-trial-handle=1288,i,15041380974954229635,16534542653585392376,131072 /prefetch:1

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe

"C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe" --type=renderer --extension-process --display-capture-permissions-policy-allowed --event-path-policy=0 --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=2940 --field-trial-handle=1288,i,15041380974954229635,16534542653585392376,131072 /prefetch:1

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe

"C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe" --type=renderer --display-capture-permissions-policy-allowed --event-path-policy=0 --disable-databases --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=2948 --field-trial-handle=1288,i,15041380974954229635,16534542653585392376,131072 /prefetch:1

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe

"C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe" --type=renderer --display-capture-permissions-policy-allowed --event-path-policy=0 --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=2956 --field-trial-handle=1288,i,15041380974954229635,16534542653585392376,131072 /prefetch:1

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe

"C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe" --type=renderer --extension-process --display-capture-permissions-policy-allowed --event-path-policy=0 --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=2964 --field-trial-handle=1288,i,15041380974954229635,16534542653585392376,131072 /prefetch:1

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe

"C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe" --type=renderer --display-capture-permissions-policy-allowed --event-path-policy=0 --disable-databases --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=2972 --field-trial-handle=1288,i,15041380974954229635,16534542653585392376,131072 /prefetch:1

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe

"C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe" --type=renderer --extension-process --display-capture-permissions-policy-allowed --event-path-policy=0 --disable-databases --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=2980 --field-trial-handle=1288,i,15041380974954229635,16534542653585392376,131072 /prefetch:1

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe

"C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe" --type=renderer --display-capture-permissions-policy-allowed --event-path-policy=0 --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=3144 --field-trial-handle=1288,i,15041380974954229635,16534542653585392376,131072 /prefetch:1

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe

"C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1784 --field-trial-handle=1288,i,15041380974954229635,16534542653585392376,131072 /prefetch:2

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe

"C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=disabled --mojo-platform-channel-handle=3760 --field-trial-handle=1288,i,15041380974954229635,16534542653585392376,131072 /prefetch:2

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe

"C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4036 --field-trial-handle=1288,i,15041380974954229635,16534542653585392376,131072 /prefetch:8

Network

Country Destination Domain Proto
US 8.8.8.8:53 ub.xf0371.com udp
US 8.8.8.8:53 d38z5zttlbg669.cloudfront.net udp
FR 52.222.161.118:443 d38z5zttlbg669.cloudfront.net tcp
US 8.8.8.8:53 ex5n-pt6g-b6g7.iy7mljjr68h.com udp
US 18.245.199.7:443 ex5n-pt6g-b6g7.iy7mljjr68h.com tcp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:443 dns.google tcp
US 8.8.8.8:443 dns.google tcp
US 8.8.4.4:443 dns.google tcp
US 8.8.8.8:443 dns.google tcp
US 8.8.8.8:53 optimizationguide-pa.googleapis.com udp
GB 172.217.169.42:443 optimizationguide-pa.googleapis.com tcp

Files

memory/2168-0-0x0000000000400000-0x000000000123E000-memory.dmp

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

C:\Users\Admin\AppData\Local\Temp\Tar4226.tmp

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\ssleay32.dll

memory/2168-177-0x0000000000400000-0x000000000123E000-memory.dmp

memory/2168-565-0x0000000000400000-0x000000000123E000-memory.dmp

memory/2168-908-0x0000000000400000-0x000000000123E000-memory.dmp

memory/2168-1013-0x0000000000400000-0x000000000123E000-memory.dmp

memory/2168-1014-0x0000000000400000-0x000000000123E000-memory.dmp

memory/2168-1017-0x0000000000400000-0x000000000123E000-memory.dmp

memory/2168-1042-0x0000000000400000-0x000000000123E000-memory.dmp

memory/2168-1043-0x0000000000400000-0x000000000123E000-memory.dmp

memory/2168-1048-0x0000000000400000-0x000000000123E000-memory.dmp

memory/2168-1108-0x0000000000400000-0x000000000123E000-memory.dmp

memory/2168-1127-0x0000000000400000-0x000000000123E000-memory.dmp

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\UBRun.exe

memory/1824-1148-0x0000000000400000-0x000000000078E000-memory.dmp

memory/2168-1147-0x0000000007030000-0x00000000073BE000-memory.dmp

memory/2168-1146-0x0000000007030000-0x00000000073BE000-memory.dmp

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\UBMaintenanceservice.exe

memory/1824-1153-0x0000000000400000-0x000000000078E000-memory.dmp

memory/780-1156-0x0000000000400000-0x00000000007AC000-memory.dmp

memory/1824-1155-0x0000000002590000-0x000000000293C000-memory.dmp

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\UBService.exe

\Users\Admin\AppData\Local\UB\Application\106.7.0.8\UBService.exe

\Users\Admin\AppData\Local\UB\Application\106.7.0.8\Qt5Core.dll

\Users\Admin\AppData\Local\UB\Application\106.7.0.8\QtcSsh.dll

\Users\Admin\AppData\Local\UB\Application\106.7.0.8\Qt5Xml.dll

\Users\Admin\AppData\Local\UB\Application\106.7.0.8\Qt5Sql.dll

\Users\Admin\AppData\Local\UB\Application\106.7.0.8\Qt5Network.dll

\Users\Admin\AppData\Local\UB\Application\106.7.0.8\libstdc++-6.dll

MD5 c283d446b34e75019b81d0981cb11f0d
SHA1 a6e146975dfc55b0659d09e25b9a69f7cff993dc
SHA256 f6530962659d0641236a42517a30dc55c4fcb7d30e942c3e820af343798a770d
SHA512 eb51969a79ee4501c955a81cec9f07e9a39007c1ea69c5021e03ebf3b640d949e19f6e0cd7af969e80ec60ea6b8477804fb76deec2704db503e72906103fea63

\Users\Admin\AppData\Local\UB\Application\106.7.0.8\Browser\chrome_elf.dll

MD5 08e568cfbe555b6b4d36e318ca4e477e
SHA1 2c7fffef10063370888d88d6580b66a842570c2d
SHA256 93eb116703983d9d18e7bfca9f772f1ca5806d22c14038cc36b70d3d88af0465
SHA512 49742be04e4cdd70d1051a2c45db93d0ca265b67365f28402ba534a7a83852d450b5c0c73ca5529a068f3bbac7acd652fc04f0a52cead9bbf4659ac18ebcc67a

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\Browser\UB.exe

MD5 326b977efb7e4eb6b6de2f83b78e751e
SHA1 f305000772be745d1da95a2fd502ba83bdf8be91
SHA256 4a4df1cc10293a310f8b8bca4c6ecc19fc9e8e376906cda7bb43ea6e34fb60ee
SHA512 cd47ac6099a30b1e91465d099e73e0e1d744ef52467419930ade6b273f7e23ce495cea080a7db39a61d4a58ae846620d4261eb644ae684bfa3403b0aa67f6a79

\Users\Admin\AppData\Local\UB\Application\106.7.0.8\libwinpthread-1.dll

MD5 d128ae39a79e5d196fc001907b5ec3d1
SHA1 71de74d0aa93903e0a169c88fd21e0c617f0660a
SHA256 4195ac1e3a4a8056de42c31d511e0e595772439adba96180b8953ef5f135f7a5
SHA512 5b32eb7e2f01fb17ed0c4434a525ae3056acddde75c32c5036c18b6f2ffa4cf80cfee9bab4c824ca313e6e33114ea0e761dc8f75db3bbbbe4319c079848a3c06

memory/780-1184-0x00000000026C0000-0x0000000004C55000-memory.dmp

\Users\Admin\AppData\Local\UB\Application\106.7.0.8\libgcc_s_dw2-1.dll

MD5 fadde43c97607e4445a6f924d851f04e
SHA1 36c1aa0e1b6d4a322c350f5e502c10c64c203041
SHA256 f0614835136413217ed3baec9ba22aaac4c37956afcb0209f1f89b7676ae86bc
SHA512 66f5637419f88070838ed522defad9aa1b46dd4fd8cb045e0292742831520740d152795b6e99770f34061db596019ef3a342a956b541180e78d1c48b2703f42c

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\icudtl.dat

MD5 cf9421b601645bda331c7136a0a9c3f8
SHA1 9950d66df9022f1caa941ab0e9647636f7b7a286
SHA256 8d8a74ca376338623170d59c455476218d5a667d5991a52556aa9c9a70ebc5e5
SHA512 bc9601e2b4ab28130bfadfd6f61b3ed500deb0bd235dc5ca94999c09f59d10bdcbf278869a9802f918830041f620c88e2c3b506608ade661db48ccd84c1977eb

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\UBService.exe

MD5 49def816483b5100f8d61cfb8b304767
SHA1 cf506faf49fbeffbecb444c9da85ec7d8a3bca21
SHA256 c359ad7b451eac59515d38a649b926daa70dd1be50a987a3f2dc06f98517706c
SHA512 369072764cf06e40567438e5e203fb82b3f6b95886802e6cc7db8dda3d6e97dc3be684c5d270aeec7346196ab5d85e23a1e3eb4c731bcfcac1ca5b4b5954b8de

\Users\Admin\AppData\Local\UB\Application\106.7.0.8\UBService.exe

MD5 df2a17aa1617ed0e1a62073b10b1aca8
SHA1 868d357566f51e73d5ea9f29b9bb877d96161138
SHA256 6efee38732cb2d52d6159f19dc684f275915bd3b9e54b11dd2b4b55aa7def3fa
SHA512 e81e7fcf03a4ec915bb632cac034a2433d01f7307195ba0814dbda7b183dd1b966ac50f31dc8b1a7c1e4f56dd383cbf346b7204ed33ed4688177ac1dc6537413

memory/2168-1194-0x0000000000400000-0x000000000123E000-memory.dmp

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\resources.pak

MD5 03e919cf26d0f7f2109cf40ecc1c5499
SHA1 bb43c9114f73747bb9fa0f8571fb6c9f8bb954b5
SHA256 9558d09cea5294c35ec92ef50a6d020bb472f03896852d7c13106e6253c5ab44
SHA512 70d3f9a51ca42baa4fc2c64ec7308b532ec68dd03d60a4b5fad835df04a7bd5e2bd71b0e5e0eb8929fe9c389f502fac14aaf7d8e0dfe47298cf2f9ce7cb37111

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\locales\en-US.pak

MD5 e47fd7db4f5a7fe978b3ae6997596bf5
SHA1 623c27b55bbb8ec58f42752eec480bb6ddee4691
SHA256 435b7a9e72d5e671c96c20e7d4dd8282d7d168af28ae34a141d632b959989a4c
SHA512 a7772f3879d819ffcfd6c9cc54cd1aac3c7a10aeb8f0b6327d9b1eeeb6cdfe0a1fbc846e2d020fd40b1eeaed9a17cf13a7acd5cb638de87e2444f3e4c9866915

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\chrome_200_percent.pak

MD5 0a828129353544891688f6f3ad180385
SHA1 89260e4745d22b9213f2ce7ff89b411200445b1c
SHA256 d2acbef35aac91396019e7915c0d9cf0bcaa9a81793bbeb9e4e4aab1ea196b3f
SHA512 7b799301b5a12ec50f624aa13c41a7564b2c75ed73f4e96ee0e1a9ded18ce168e8ec0d802ac7b90e7a0a10177a5496bae283fa38a920706b1a4754820f009f8b

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\chrome_100_percent.pak

MD5 dd9ee26af78adc777835e9f64632d528
SHA1 70f6fef762b9299000087aac477ae3adf12aa91d
SHA256 2016606f21b925b2fd175c7a14cea2b2ab577c48574083e3651a72be57ffe747
SHA512 de7ef538737a5389cf4fe264a38a6fc4b5ba552289566116a2a343c789371758e06bee0c65a291fa4892fd82633254dea8de4cbeed44166112ee5b32638cb0f0

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\v8_context_snapshot.bin

MD5 2a68f512b2d80c9f9092d8766b1f8519
SHA1 c799430ed9d30e56cc5d54bf1c8c8ea84dbc0a59
SHA256 657e6964658bfc1c475d25083f4ea52af627865af78654f2a3ebfbdee057534a
SHA512 1d4ec445bfbf60761c6d75b96bf4b1fd31d8f435e4a0d5e77a35cfd0e66a160c7db10e1b7ab330369f8364a335db44d24ab7b1871e210b0d6d5bd5ef68ead41f

C:\Users\Admin\AppData\Local\UB\User Data\Default\Site Characteristics Database\000002.dbtmp

MD5 206702161f94c5cd39fadd03f4014d98
SHA1 bd8bfc144fb5326d21bd1531523d9fb50e1b600a
SHA256 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167
SHA512 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

C:\Users\Admin\AppData\Local\UB\User Data\Default\Site Characteristics Database\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\UB\User Data\Default\3e7fb63b-fe70-4329-9f8d-4a813ab0f0b3.tmp

MD5 5dd72682a9d32761500dae79a77da33c
SHA1 14e45ff351f06b585f300aaddeb036183f1c527f
SHA256 876985094873f4c33c6cfb4825805590c63fd7c1c93bfbda711d6821198e48a3
SHA512 9a45dbe4ba3c5e7841f20ffd6197a90b0b6e6c697003710c3666e09f7c15b0325b3a4b0e3ee91a843cdac2eb07f5234a17a4d0ddd06cdd988f3c9e4784c588ca

\Users\Admin\AppData\Local\UB\Application\106.7.0.8\Browser\libEGL.dll

MD5 4ec1537410590cc33881440d4fd7f315
SHA1 e3079ae415de9a15e1b9ab50069635556cb441d0
SHA256 4a3b016fba64f890533dfb67790ef48a0c09674caf146209e6b431ea4b680f7d
SHA512 5d85005a1747546481e4ad177ee0b165bb7649af1c6563e4ea92f39452c35d2646e3d273529c2186a02a94ee386a7a65c4114880c5b6ff5380324b7c0e75394d

\Users\Admin\AppData\Local\UB\Application\106.7.0.8\Browser\libGLESv2.dll

MD5 f067893b7e5d73a952b59d3762850fdd
SHA1 13b7b78e8aa179b54b674dad3492925f961e77ad
SHA256 3728fb6d19504d03a9390f5c44b0969adf332ee0005317de505e25f960000531
SHA512 e41105d55ae06257f5f521204f53be0f89ae70084ed877544350edef039d14c2d8834707c18dd4aee2ab5af98e5db7fbe3295b9e353128fce0501595bce9c20a

\Users\Admin\AppData\Local\UB\Application\106.7.0.8\Browser\d3dcompiler_47.dll

MD5 5bb9f86fb494e43609402862a114f39e
SHA1 8544441f348d23044a7f2825db1bafbf1ddbcd86
SHA256 59e36267d17ffc6851a0f5328e85e92257724da758be5d1fb57cde555ad752be
SHA512 ba54ba33472f02b2e9f7592b20f9dc25094d1145738608559217ebf3010806a3342d4ff72b4165dde924e8d9d4794009ebcc9d64cdcbaa6467bae4e02b88528a

C:\Users\Admin\AppData\Local\UB\User Data\Default\Code Cache\webui_js\index-dir\temp-index

MD5 d260c5e43594ad8c54a535d61ef7c0a5
SHA1 c58263fa91d16e0378d052f150ee296ae68194ce
SHA256 54be7d650eb7fcf93912fe46584aa27786ec904384c5b506930ccff9d55fd21d
SHA512 19e4a43976905b8a8b9eaa65cf03dd122760fd8e9d331e0b7f1f46f944a997860eec434a88b9f0054cebbdf13ac7272f1e1fb37565f6ac346959a66f56a4d643

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\extensions\screenshot\_locales\zh\messages.json

MD5 11f12ba54629abef6ab810cb12686bd3
SHA1 8f10a0b8ed91dbfcfd9b42050e65da3cb8a7998a
SHA256 1a9a4617325d5a1112e6f7ef40e92d47d0d64d2d52c26f6a3e0faadde7bba4a0
SHA512 9c842d829f39e49720ddeb2ad3ce06c50f95bfd77bcb0653978629febf773c61555573e2e8afafa930aebc3be936f2afb39414cbfc0b5d58fff2cba99712ea2c

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\extensions\screenshot\_locales\en\messages.json

MD5 6610ca429b053ae2b150a76a4a8c5be1
SHA1 d35254586118f4d303c747526fa0fe2cc0e38738
SHA256 6d3fde8862d78ceda9384cce8be388b8de882a45dbb2c6c00248b783d363b916
SHA512 8ea6fb1315138109c99ac434016e69495380a53a3751917700efb1373910e408332b27233116469a0924eaaef03b08fcad7bd8441b231765968e45733d93a1be

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\extensions\screenshot\manifest.json

MD5 5d8126114c61a71bffd029b5859f7111
SHA1 de4515bda68a5fa241a2f4cd3e9254856fbed6f7
SHA256 c809f00d89a94d416c82d74272792ed2e50caafc20427d491bebb877633487cd
SHA512 c50b55aad374ffb4374c58e2edd32012c49396659c43da336223967266a695ae4853cbab1d95cc66ef1f17a4f0cc1c357fae81f4fabffa08bdc3ba0a24243a44

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\extensions\lineSelector\_locales\zh\messages.json

MD5 cc006484b6f5980825c498c84c018e23
SHA1 24662288f479ed3ad361a751e5ac4accd586c488
SHA256 5a50577800dc63270f0399c07049170ef01dd8b215afcb30e5d57345ceae3c1d
SHA512 4ac8caf9e662df678a89d0938c940a62c2a84052604d6e6ea87e941bd21d7ba4a2f60ec2abdaa5e3ab943819bfaba2d0608a2acd0cdb4b566f91aeed08f26824

C:\Users\Admin\AppData\Local\UB\User Data\Default\Extension Scripts\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\extensions\lineSelector\_locales\en\messages.json

MD5 8fcef4433bc24a187c404ed7680b4056
SHA1 2f582a30e6b362ae5020f6f020c38650d95cbb19
SHA256 909ddf2dcafe1352cd66c330fbb056c801b77fd9d3d1fedf772ff9725f8e7dab
SHA512 320f0a193b49bb4b5e0b0931beb0a45d74ad69ad658c4342829af788657fdd8ad92fb85755aa026dba370e6b69b7c560db96974db71fdadded107e2ca5b249e2

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\extensions\lineSelector\manifest.json

MD5 2ef4a4d4eba11f44d427b994f2c4376c
SHA1 f216955c4a6759b5830d24ca8d4db601f86535f9
SHA256 d25998ce912a643a730f46cf8a0848151e7d3d2f5ea47332c7c6f314064fa396
SHA512 163fcec547922fa905ff67eaea14679b9d788c383cca8ebbe4544df2561333c99e953f08e9c8237ca55439321c3f0d0e5af35c6f8fae0aef16ac19435b2c6529

memory/608-1203-0x0000000000150000-0x0000000000151000-memory.dmp

C:\Users\Admin\AppData\Local\UB\User Data\ShaderCache\data_0

MD5 cf89d16bb9107c631daabf0c0ee58efb
SHA1 3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b
SHA256 d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e
SHA512 8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0

C:\Users\Admin\AppData\Local\UB\User Data\ShaderCache\data_1

MD5 f50f89a0a91564d0b8a211f8921aa7de
SHA1 112403a17dd69d5b9018b8cede023cb3b54eab7d
SHA256 b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec
SHA512 bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

C:\Users\Admin\AppData\Local\UB\User Data\ShaderCache\data_2

MD5 0962291d6d367570bee5454721c17e11
SHA1 59d10a893ef321a706a9255176761366115bedcb
SHA256 ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7
SHA512 f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed

C:\Users\Admin\AppData\Local\UB\User Data\ShaderCache\data_3

MD5 41876349cb12d6db992f1309f22df3f0
SHA1 5cf26b3420fc0302cd0a71e8d029739b8765be27
SHA256 e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c
SHA512 e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e

memory/1928-1943-0x000000006D340000-0x000000006D40D000-memory.dmp

memory/1928-1942-0x0000000063000000-0x00000000631E1000-memory.dmp

memory/1928-1941-0x000000006E400000-0x000000006E46E000-memory.dmp

memory/1928-1940-0x000000006B680000-0x000000006B69D000-memory.dmp

memory/1928-1939-0x0000000067580000-0x000000006759D000-memory.dmp

memory/1928-1938-0x0000000069480000-0x0000000069692000-memory.dmp

memory/1928-1937-0x0000000066C00000-0x0000000066C3E000-memory.dmp

memory/1928-1936-0x000000006D7C0000-0x000000006D80B000-memory.dmp

memory/1928-1930-0x0000000000400000-0x0000000002995000-memory.dmp

memory/1928-1935-0x0000000069700000-0x0000000069893000-memory.dmp

memory/1928-1934-0x0000000068880000-0x0000000068DA6000-memory.dmp

memory/1928-1933-0x000000006FC40000-0x000000006FD41000-memory.dmp

memory/1928-1932-0x0000000064940000-0x0000000064954000-memory.dmp

memory/1928-1931-0x000000006E940000-0x000000006E964000-memory.dmp

memory/780-1929-0x0000000000400000-0x00000000007AC000-memory.dmp

memory/1824-1961-0x0000000002590000-0x000000000293C000-memory.dmp

memory/780-1964-0x0000000000400000-0x00000000007AC000-memory.dmp

memory/780-1979-0x00000000026C0000-0x0000000004C55000-memory.dmp

memory/1928-1969-0x0000000068880000-0x0000000068DA6000-memory.dmp

memory/1928-1967-0x0000000064940000-0x0000000064954000-memory.dmp

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-03 05:38

Reported

2024-06-03 05:41

Platform

win10v2004-20240426-en

Max time kernel

119s

Max time network

150s

Command Line

"C:\Users\Admin\AppData\Local\Temp\90b57906a2bffd7182075b314160ac40_JaffaCakes118.exe"

Signatures

UPX packed file

upx
Description Indicator Process Target
N/A N/A N/A N/A

Adds Run key to start application

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\USER\S-1-5-21-711569230-3659488422-571408806-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\UB_Run = "C:\\Users\\Admin\\AppData\\Local\\UB\\UBRun.exe" C:\Users\Admin\AppData\Local\Temp\90b57906a2bffd7182075b314160ac40_JaffaCakes118.exe N/A

Checks system information in the registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe N/A

Suspicious behavior: AddClipboardFormatListener

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\90b57906a2bffd7182075b314160ac40_JaffaCakes118.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\90b57906a2bffd7182075b314160ac40_JaffaCakes118.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\90b57906a2bffd7182075b314160ac40_JaffaCakes118.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 3256 wrote to memory of 1220 N/A C:\Users\Admin\AppData\Local\Temp\90b57906a2bffd7182075b314160ac40_JaffaCakes118.exe C:\Users\Admin\AppData\Local\UB\UBRun.exe
PID 1220 wrote to memory of 4364 N/A C:\Users\Admin\AppData\Local\UB\UBRun.exe C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\UBMaintenanceservice.exe
PID 4364 wrote to memory of 1980 N/A C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\UBMaintenanceservice.exe C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\UBService.exe
PID 3256 wrote to memory of 4180 N/A C:\Users\Admin\AppData\Local\Temp\90b57906a2bffd7182075b314160ac40_JaffaCakes118.exe C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe
PID 4180 wrote to memory of 4888 N/A C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe
PID 4888 wrote to memory of 5032 N/A C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe

Processes

C:\Users\Admin\AppData\Local\Temp\90b57906a2bffd7182075b314160ac40_JaffaCakes118.exe

"C:\Users\Admin\AppData\Local\Temp\90b57906a2bffd7182075b314160ac40_JaffaCakes118.exe"

C:\Users\Admin\AppData\Local\UB\UBRun.exe

C:\Users\Admin\AppData\Local\UB\UBRun.exe

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\UBMaintenanceservice.exe

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\UBMaintenanceservice.exe

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\UBService.exe

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\UBService.exe

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe --use-spdy=off --ppapi-flash-path=C:\Users\Admin\AppData\Local\UB\Flash\31.0.0.109.dll --ppapi-flash-version=31.0.0.109 --load-extension=C:/Users/Admin/AppData/Local/UB/Application/106.7.0.8/extensions/lineSelector,C:/Users/Admin/AppData/Local/UB/Application/106.7.0.8/extensions/screenshot

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\UB\User Data" /prefetch:7 --monitor-self --monitor-self-argument=--type=crashpad-handler "--monitor-self-argument=--user-data-dir=C:\Users\Admin\AppData\Local\UB\User Data" --monitor-self-argument=/prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\UB\User Data\Crashpad" --annotation=plat=Win32 --annotation=prod=UniverseBrowser --annotation=ver=106.7.0.8 --initial-client-data=0x140,0x144,0x148,0x11c,0x14c,0x73e6f7f0,0x73e6f800,0x73e6f80c

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\UB\User Data" /prefetch:7 --no-periodic-tasks --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\UB\User Data\Crashpad" --annotation=plat=Win32 --annotation=prod=UniverseBrowser --annotation=ver=106.7.0.8 --initial-client-data=0x180,0x184,0x188,0x130,0x18c,0x5e8938,0x5e8948,0x5e8954

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe

"C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1748 --field-trial-handle=1832,i,6497244688843721178,6893233194049738801,131072 /prefetch:2

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe

"C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --mojo-platform-channel-handle=2176 --field-trial-handle=1832,i,6497244688843721178,6893233194049738801,131072 /prefetch:8

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe

"C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --video-capture-use-gpu-memory-buffer --mojo-platform-channel-handle=2260 --field-trial-handle=1832,i,6497244688843721178,6893233194049738801,131072 /prefetch:8

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe

"C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe" --type=renderer --display-capture-permissions-policy-allowed --event-path-policy=0 --first-renderer-process --disable-databases --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3016 --field-trial-handle=1832,i,6497244688843721178,6893233194049738801,131072 /prefetch:1

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe

"C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe" --type=renderer --display-capture-permissions-policy-allowed --event-path-policy=0 --disable-databases --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2980 --field-trial-handle=1832,i,6497244688843721178,6893233194049738801,131072 /prefetch:1

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe

"C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe" --type=renderer --display-capture-permissions-policy-allowed --event-path-policy=0 --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=3440 --field-trial-handle=1832,i,6497244688843721178,6893233194049738801,131072 /prefetch:1

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe

"C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe" --type=renderer --extension-process --display-capture-permissions-policy-allowed --event-path-policy=0 --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4520 --field-trial-handle=1832,i,6497244688843721178,6893233194049738801,131072 /prefetch:1

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe

"C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe" --type=renderer --display-capture-permissions-policy-allowed --event-path-policy=0 --disable-databases --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=4524 --field-trial-handle=1832,i,6497244688843721178,6893233194049738801,131072 /prefetch:1

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe

"C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe" --type=renderer --display-capture-permissions-policy-allowed --event-path-policy=0 --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=3428 --field-trial-handle=1832,i,6497244688843721178,6893233194049738801,131072 /prefetch:1

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe

"C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe" --type=renderer --extension-process --display-capture-permissions-policy-allowed --event-path-policy=0 --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3436 --field-trial-handle=1832,i,6497244688843721178,6893233194049738801,131072 /prefetch:1

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe

"C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe" --type=renderer --display-capture-permissions-policy-allowed --event-path-policy=0 --disable-databases --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4488 --field-trial-handle=1832,i,6497244688843721178,6893233194049738801,131072 /prefetch:1

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe

"C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe" --type=renderer --extension-process --display-capture-permissions-policy-allowed --event-path-policy=0 --disable-databases --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=5224 --field-trial-handle=1832,i,6497244688843721178,6893233194049738801,131072 /prefetch:1

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe

"C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe" --type=renderer --display-capture-permissions-policy-allowed --event-path-policy=0 --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4656 --field-trial-handle=1832,i,6497244688843721178,6893233194049738801,131072 /prefetch:1

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe

"C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe" --type=renderer --display-capture-permissions-policy-allowed --event-path-policy=0 --disable-databases --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=4880 --field-trial-handle=1832,i,6497244688843721178,6893233194049738801,131072 /prefetch:1

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe

"C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe" --type=renderer --display-capture-permissions-policy-allowed --event-path-policy=0 --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=4852 --field-trial-handle=1832,i,6497244688843721178,6893233194049738801,131072 /prefetch:1

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe

"C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --mojo-platform-channel-handle=5644 --field-trial-handle=1832,i,6497244688843721178,6893233194049738801,131072 /prefetch:8

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe

"C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\browser\UB.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --mojo-platform-channel-handle=4568 --field-trial-handle=1832,i,6497244688843721178,6893233194049738801,131072 /prefetch:8

Network


Files

memory/3256-0-0x0000000000400000-0x000000000123E000-memory.dmp

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\ssleay32.dll

MD5 906009c15dac4d754f7f95499ae7d91a
SHA1 452cca6da84300082c8c2f910076594685910246
SHA256 2a60511530d0e57b7e5b486be691bd5fdfe16f9ad6b18e61504e152f9f7a2e10
SHA512 e79982caf893495fe1efd29cad3a43f03f342fb215041562be18e0f9fa01b12fa474398d42a5b4d8229c45fa8d81215f546f132b497c0fab44eb60976007e6fd

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\sqldrivers\qsqlite.dll

MD5 e043f9a830bc760b4e8844d280a07c88
SHA1 aea0837f22abb3a40da4bf064dbd6ab060ca4b7b
SHA256 9caf403b6f618b2e30515f8938a92c36257d0c8a90951c506e8cf1462cc84166
SHA512 51baaca10e5e8f6764742c7b3e44bf21e3db8beb32b91d60c5ec01a2d1707db970c7ce2c60064c34d41d7a8c262b304bfaa97bddb8144f37d84157750e3e266f

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\QtcSsh.dll

MD5 c6169bcfe1f0412f4c255b931290260f
SHA1 2390948f1c85fa01fa4604d7ef391735d68572ab
SHA256 d648ce2e0619fc39e3bfdee7ec9fb7ab7a32a62389695af0256c0ca6c5e8ed6c
SHA512 c392de1690fc148d8df8a1dba99b6ddeb9e5c0f25a453b6a1e1e483234bfbcd589e010e614d10d564837c0dcf276bcbf5657161ea2c84b14e9183b79f60500c5

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Qt5Xml.dll

MD5 1abc784e1b8d1b5d0769743135729c40
SHA1 842ad1c0f6d066e9fcf32199ebd5351dbd818942
SHA256 010483eda8234778e1085eb61bd3348087379bd1dcd27c30b6c9f99ef27d0220
SHA512 a5a4b1b5fceaab819927a3317b0e2a8c683c360279655dd116963703dd7da30e2c0082fc1b8c2f6dc18ac7e25c6256c44b75cd4e8537dcee14252f81f2e8f306

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Qt5Sql.dll

MD5 4c98926aed327c0248111be855f3d039
SHA1 0351dc9112245ea3ad575755a15e31507c0fc8c0
SHA256 0db964aad8a7d3b19e2348ec16860902d2753060dc6b44d746a6a1d03b1d4b13
SHA512 18f28669bcedd7bb71788eaa30b999ee0013d3a230d60f7c138c0bd799141c0aabf8568eaa68bb7d4c65536e010775e56251b86606424bd498c3730120dc9450

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Qt5Network.dll

MD5 1e20d73283cba98eedded0fa42152083
SHA1 4e4d0a643a30d1c830d9a1bb024295fa3d494593
SHA256 c71afe298229ebef8c23c87abcb11bf203b3c837af62d00c8a6cf5379f613ec2
SHA512 eb398835c99b1a1973d33a6c67d043a1c7a1ad1d11cfbe9db42a6a88a07d34fbdc3906ba910591e8f45ce866da7e185ea8fdd8e845a6fd303fab6e899361fbae

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Qt5Core.dll

MD5 58388131ea2bed0e6abcd5b7f2ffb4b2
SHA1 df20f769c01ba548bb04145362045cde2dbd5b9c
SHA256 c4264c0be7206d5b7d0024d908fe96cbac7c4c711685844743b7d1defe541dfc
SHA512 9b20e296de29fa92f83946fc0d148d8b0582d1047bd320537c8b9e6c9d9fcc41dcb8aa56f7114669cd6831b5381553339da3b616c69c077f628761de53dc9e8b

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\libwinpthread-1.dll

MD5 d128ae39a79e5d196fc001907b5ec3d1
SHA1 71de74d0aa93903e0a169c88fd21e0c617f0660a
SHA256 4195ac1e3a4a8056de42c31d511e0e595772439adba96180b8953ef5f135f7a5
SHA512 5b32eb7e2f01fb17ed0c4434a525ae3056acddde75c32c5036c18b6f2ffa4cf80cfee9bab4c824ca313e6e33114ea0e761dc8f75db3bbbbe4319c079848a3c06

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\libstdc++-6.dll

MD5 c283d446b34e75019b81d0981cb11f0d
SHA1 a6e146975dfc55b0659d09e25b9a69f7cff993dc
SHA256 f6530962659d0641236a42517a30dc55c4fcb7d30e942c3e820af343798a770d
SHA512 eb51969a79ee4501c955a81cec9f07e9a39007c1ea69c5021e03ebf3b640d949e19f6e0cd7af969e80ec60ea6b8477804fb76deec2704db503e72906103fea63

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\libgcc_s_dw2-1.dll

MD5 fadde43c97607e4445a6f924d851f04e
SHA1 36c1aa0e1b6d4a322c350f5e502c10c64c203041
SHA256 f0614835136413217ed3baec9ba22aaac4c37956afcb0209f1f89b7676ae86bc
SHA512 66f5637419f88070838ed522defad9aa1b46dd4fd8cb045e0292742831520740d152795b6e99770f34061db596019ef3a342a956b541180e78d1c48b2703f42c

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\libeay32.dll

MD5 6e9bd6cd2a46013827beedd7492c8ebe
SHA1 791040e2e3a672c17812ed7609c460d219839c78
SHA256 901f7b4311899bcb506520733893ede6616d946e040e1d7b3cd3fb292153404e
SHA512 304585183d47c32749fd6c9e378dd1dfb8efc579fa7f5caefe438fe3ae3d3c78b546bad76ef274f32d49ad3d3282e6c9ca4ba71b83d9f0276980f5b344e6774b

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\icuuc54.dll

MD5 cd6e2c4817bdd06fd3de63387fcbf2ed
SHA1 be011ff22d1dfc3f98c354f1f5570e4f71df8e30
SHA256 194c9681e1543bcb528ae6e49f7095454b0506b08a0cb7316d06a40413ae3b61
SHA512 a56f5ece467fbb6f79a9784586d3f6bbc832fb8b2ff53353cc463b309d9a63a4cdd91931b0f89cf677240aa798c244f083d054a6542281165d11c2fdbef5742f

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\icuin54.dll

MD5 7ef28f00a7aeef3d434467c4abd57118
SHA1 605aede38f7a06c34343b775b7d42a5f591c5eb2
SHA256 745983f9fefa2b835b638bd82ebb643b6056fa97ad09210a316bb1911170d8aa
SHA512 c016b8357f5d67d62604b19abd53c26f6a6dd54ca3d5a9b4e6892749c30b902dfc2b70f3a0d453f6d9c70d56798f610a68e75abae3ace752bdd850b7bc8c6ea7

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\icudt54.dll

MD5 bca193bb9819d5ce974f312050074310
SHA1 7ce9788facf63ce66f7ff19d25a748c1320ba037
SHA256 e135ea3570731efd6537890407ea33f4d7019a7e607de2331a6f0074df43a62e
SHA512 a0e1501e90817715168ab1fd0cbc8f2d3142144edb2becd684d1af1a4b78e55864f9329d03a97da3cab7f4297bbafe07c34414c7984a2d7f078f8ed532e69561

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\extensions\screenshot\manifest.json

MD5 5d8126114c61a71bffd029b5859f7111
SHA1 de4515bda68a5fa241a2f4cd3e9254856fbed6f7
SHA256 c809f00d89a94d416c82d74272792ed2e50caafc20427d491bebb877633487cd
SHA512 c50b55aad374ffb4374c58e2edd32012c49396659c43da336223967266a695ae4853cbab1d95cc66ef1f17a4f0cc1c357fae81f4fabffa08bdc3ba0a24243a44

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\extensions\screenshot\js\chromeExtensionBackground.js

MD5 63c298be6af4dbd75ae047ef8969d6b9
SHA1 9541649e17e81295f70ade8f7f49efbb494eafcb
SHA256 df92d3e37f0561385cb5fd1529843630b9b21805232878e73767cc1967c53754
SHA512 9cca4653451db901aedfe5713a6c04bb153218e8429087a7b81561030115c3d910288197f5ad23c46261d64625bff4fbb151c76a8b27744b82ba05f296350c39

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\extensions\screenshot\js\app.bundle.js

MD5 eb6e5903136f2eed0c2c140f1d1f8f77
SHA1 c7a7523e002c35b504e5794e784510fd6ab640c6
SHA256 1d5417ba66fac54865250fb545aecc823f596595f056c990625adee30448bc8b
SHA512 455a3535da82adaf66e3f543cbfd754a80e86aee9c4422e4f00283d2a20bb51be2d7db7b8c2e4a0a1f3a845a57d52777833cfb6461d9aa9af1ddcc857759d402

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\extensions\screenshot\index.html

MD5 4c982d6b93917266d207b850a17a02aa
SHA1 60e5e52aad823fedcfc3bc7b1191885e8c56b837
SHA256 d7e726afa0fb55fd2692d14958c96c5e2e7d2d6785cc2a9b1343c65320b1f352
SHA512 df644a01522ef69d049cfabc49acc0b6a2ef6d590c7c7dd6c758333fafdf6eb9992b26a6293f05971fd924238acd473c502a853de71661630f7ce98ed17113d7

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\extensions\screenshot\images\upload.png

MD5 877666349d241bf45f31b51280bfcfc9
SHA1 2adf1dfc4b46483e4351ff2f1f3931626db95ba8
SHA256 f7dd7aef0166e79ac292d832eec019785e415990b6c853212074d7d7d0689e6c
SHA512 fb7343b2de5f459f4b1758790bda66eaf7f18c01b70fa362ba01871508ffe93e120282f7c151ed9f09633be74477ab9b877d5a64aac80ee451d022d5d2c60f99

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\extensions\screenshot\images\saveFile.png

MD5 b0cfb485386aec40d5f799341dc3b62d
SHA1 2e4d00db3e6e8e4336b944feea9cadff04224bba
SHA256 5ce492cf35f31750138ded50c64da348ea7bf56d1a5c736e784b7be6f160978b
SHA512 b76c171fc1b3035f6557753f4d4af2065a02466a26613e524edbc2f87f91e51c0cf3cf20b35b9dfdfc8a87c886ee9d5d6063d3f0b71a43ff44ab6bff1a6e6d43

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\extensions\screenshot\images\camera.png

MD5 7060bfd453e551abfc0ad7f2666e34f0
SHA1 e9e0e7bcb8e6e04d761ea4f4008ffd059f95b28c
SHA256 2439ab3e4681fc5ec6c11a352ed2b6862cd0f8ac8bbeeb7ab8c85844fa564ae7
SHA512 a5943dbb18192cf4e1c3978a4f4992bc7db4b86d4e32b87882ebdddb1a2f22a93296735749887a20a44c2922d0438580358422e2dd0df528a8da96fb6752aeec

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\extensions\screenshot\css\app.css

MD5 43f437b64ec5e4c49f1f493eb726b65a
SHA1 a41917b3329c9ecee1fe25a9285a51d7db3dc861
SHA256 43866d1f06ce9a37fd72898cf209fd19b9e0611754f9e79abcddaa7f77fe4e64
SHA512 305d60bbb2185fa0ff9357186f73597e03732e49e4fdf2cbf0b819dd1cea0b566fae818654f8c18f8cefc0ec24ea972ea57cfd5db51bef5a2dbb6e9419155573

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\extensions\screenshot\_locales\zh\messages.json

MD5 11f12ba54629abef6ab810cb12686bd3
SHA1 8f10a0b8ed91dbfcfd9b42050e65da3cb8a7998a
SHA256 1a9a4617325d5a1112e6f7ef40e92d47d0d64d2d52c26f6a3e0faadde7bba4a0
SHA512 9c842d829f39e49720ddeb2ad3ce06c50f95bfd77bcb0653978629febf773c61555573e2e8afafa930aebc3be936f2afb39414cbfc0b5d58fff2cba99712ea2c

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\extensions\screenshot\_locales\en\messages.json

MD5 6610ca429b053ae2b150a76a4a8c5be1
SHA1 d35254586118f4d303c747526fa0fe2cc0e38738
SHA256 6d3fde8862d78ceda9384cce8be388b8de882a45dbb2c6c00248b783d363b916
SHA512 8ea6fb1315138109c99ac434016e69495380a53a3751917700efb1373910e408332b27233116469a0924eaaef03b08fcad7bd8441b231765968e45733d93a1be

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\extensions\lineSelector\manifest.json

MD5 2ef4a4d4eba11f44d427b994f2c4376c
SHA1 f216955c4a6759b5830d24ca8d4db601f86535f9
SHA256 d25998ce912a643a730f46cf8a0848151e7d3d2f5ea47332c7c6f314064fa396
SHA512 163fcec547922fa905ff67eaea14679b9d788c383cca8ebbe4544df2561333c99e953f08e9c8237ca55439321c3f0d0e5af35c6f8fae0aef16ac19435b2c6529

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\extensions\lineSelector\js\chromeExtensionBackground.js

MD5 c70a32fcb5ecf027b2e98af5e144c2a9
SHA1 730788af1f543b615eb188fbb9b95b1b5a113c5a
SHA256 ed569eda1b4fdfc49bfd9b6419c3a2495f54b845f4c6d9bc5237e5ac51306392
SHA512 92189e2d53643b9a7ab32353fb512711574f182bd251cfcd157d1b6bf306b4aac1bf63af8142e51da59526a07386e7b373c6be2832254a1e4489efe6fdd0651a

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\extensions\lineSelector\js\app.bundle.js

MD5 0ddb49c7d1168468b41323e1961dcb40
SHA1 8cd1e774da2ddf895f8a0930b3a341fa8e807be8
SHA256 0e519cae0ed73dff6ca542caa22f487ef32967b8f20c90c262a20dbf1dd09e6e
SHA512 fd10d28877d858a15e20c6703bf712c9168c56625e1298b18ea9ed27bc1811afb122a46b3e2da5961b184e91fbc0904a4b1ee4eb9450565cabab5a828081064a

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\extensions\lineSelector\index.html

MD5 c4710df19164a98d335e2736bef9380d
SHA1 282caac29d34660d630c9ddba98bfd2f8253c045
SHA256 8a77bfac8964e8e27255bf287ea22268f305d5e9cccd585252cd737b7bb3b4f0
SHA512 99c9dfabcf3fb7f633a9c3c315878e28f14f57fb73a5c059c5bbaef9d1d9829cf10778bb8656acbcd35cead86e5d56324d984c4b06c01624cc662f60565190e7

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\extensions\lineSelector\images\undetectedIcon.png

MD5 8eed950a4b647edbe5738091d701e872
SHA1 8c2fdf8b0719ba1a665a81f478acd7c0894b90d5
SHA256 7f2a772337534ccc710b70a991410e6658b2ff4f04afff1915bdb49f1dc88c70
SHA512 fb208770a557c79d081c225164300681fe85e166db352a985e42a920655f5b6d12fa9e9ee4a78c20448250ff8e1ce5d2c66cb178f48aaf5e3578be98b7c4dc37

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\extensions\lineSelector\images\selecting.gif

MD5 bcd2209a63a8cdb5c84a4018ab90ea60
SHA1 0c5185fa67f47dfe0aacd357de71e2cd565df754
SHA256 b9f124721027763041dea3ff32abc803cc2e56ae9adeee3eceba0f30488e5124
SHA512 382169f771c08166a3f4152606cfb6f6944cc1873574c6588315a978c45d2cb26069bc80c09762cf84379869f787f7c17e41cbf7b4135aa9c71f7b1fb5d62a43

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\extensions\lineSelector\images\normalSpeedIcon.png

MD5 c3fdc9ea9c1014f45cdeb97f39778d0d
SHA1 848a470fa236851d7f7cc57ce343c4fe4e95bda6
SHA256 a480de6e366aa7d862842be7fae82c08f55e58c0ae7a28a6417318fce99c11e7
SHA512 b67b81d2bb5614657bb53829a8ec75149bac6f9b29073580d1ed3165d92999d5f21a0e75ca1b332d8a2f52227e25b2decc1817d1fa068edecbf01df35b02ffa9

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\extensions\lineSelector\images\lowSpeedIcon.png

MD5 c5ab038a512dd6085abf69b269149ae9
SHA1 9413fa0e0bbf44046087a8f03690e17de971b349
SHA256 827be425aef7c1f84ec3e46e143480987876fe782e47c2f689661f798ae1e226
SHA512 c474f7f6f3cf96b5aa192d20dab9f1c05fb0f0c37b58a5d8630b138d59aa1314ce4381ead7e51f8da7ff554dd3bfae0389bcadf9d04d8d84dd98d777abca6bdd

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\extensions\lineSelector\images\highSpeedIcon.png

MD5 21578b84b95d5f939793bdb5e4d35e17
SHA1 af0b1a542212de31aeaebef24d9b9e84396168d0
SHA256 2676e8126fd98fcd629ee9b8a3a4164ce5bd9a4bb0ce70bf02c8318c4e0f1297
SHA512 63f92684fb9a28f032ad1fa745e999256c9927ccc3533a6c766e3b4459317a4dbb5fa5b950454c27bbece5e9c3515670f0f8bbbac768454a426dc4c5b3e34b3e

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\extensions\lineSelector\images\extensionNotification.png

MD5 788e78c2133c9a60030dc9aa6bf406fd
SHA1 e484f30e21f61f59e89a6dc115e63b7bf1eaac49
SHA256 33be6018ac50d80d87cbb3e167b4b069d1c3a5f9ce60d384877ad9ae2ebe8a44
SHA512 d4315dd43b4eb14725900f24f173a9fb26340e2b80e8e11d6c9557f2777c9dc444ee45389fe978955a1973656766a653eb17c647b30ed694dcc2bf8885258944

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\extensions\lineSelector\images\extensionInstallIcon.png

MD5 33b22db842ac7dc80f7eaa5eb367c8ee
SHA1 8a26422e68df54239cfcd3f32146da1ea6bff52f
SHA256 ca2fcfc753bbbdc01715ebe8fd6f71864e218ccbe33e1582183ea58d2ec7eaf2
SHA512 898122e50ecb272d5a4c80efce0b63fe06668246915e48f46d0d95711e3cba53edfcd9ff88ac253111b5591611b99b299f5a7e509d680fe015a9d534d4a22032

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\extensions\lineSelector\images\extensionIcon.png

MD5 e2ed4d99e007bef09e2cc3c4a98c522b
SHA1 e928b41920ea348f934b3582572f639f2e0da979
SHA256 01024161de4ef0baad9147cc7d1859e031f788bd2a180ce82064d24962d184af
SHA512 e47f709db21ef07778bfc506526ae001db369fb0a93365ceb86f8b4f618bdc54d440badd5538cfa88bed543c2163b7b16f777e24d7105dbdbb7f1b43e892142f

memory/3256-282-0x0000000000400000-0x000000000123E000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\extensions\lineSelector\images\extensionFailIcon.png

MD5 44623b6418e3e477cd7c350f1a4fc816
SHA1 85ee80c2d34282d2faad1fa91a2672ce5220e91d
SHA256 59ebe72cfc5577860fed5e5ebae2a53376a51535df59aee696a7dca9e2f0963d
SHA512 463382a45e9ead4c6cecbe2e28dbd50bfecd8d96e482a1c034197cda09ba4db40b3074d969741b2aaf3c290308aacfeec8c285e12b2724d5dedc217902a43d47

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\extensions\lineSelector\images\connectFailIcon.png

MD5 15ec44f4a8f580ae266f46c6e4fad624
SHA1 e9c92fff15c8517f7d5cf073ffe57c6b4cbf134b
SHA256 5478249cae82474dd3ca3b723a9be5fc93e31e07bc3b837d9834fece3fb00f7a
SHA512 e8789026263131a54830a85495e1c3fb503e0fcdff18a4a04a35ab685dbfd266ec38adbba6fe49cd7497b8c247e509a888cc6fbdc8a63f2b229490cab474c572

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\extensions\lineSelector\css\app.css

MD5 c3c893b038c159bcbeff7e0adf0ad766
SHA1 d12a78ca3a235ea95346a17cb6d339eb37522a00
SHA256 b92bfa0c906f2ec034ca75f6d4e1d23d895989f16f3bcb8f0e6a437ba39f87bf
SHA512 a2223f8710d5da6b79897f84941294778e1e2149aadb4c2916634892a3681b4bd55600d8a33ca0ffb0f00b070fd364c65e3eb4a8a10c2d58e593cd74fc78970e

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\extensions\lineSelector\com.ub66.ieadapter.json

MD5 fcbc0f99c834684f3e564e16a304d5cb
SHA1 519f8d500b5f35b557728391f75e739c4bf4d8a2
SHA256 fb03ceb26c0914bca4fa4dec0ec0c5566260ae7cab028c5f0f44e0b7e3fa0d65
SHA512 c76009f40e10a547db744236a61d06521e99d807718af4ec71f642f51de491f3eb7b94c5a14a45c889af14c8286796f1f988e54e50627c7d54093bfd13a945b8

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\extensions\lineSelector\com.ub66.firewalltool.json

MD5 9bbb2e2ee959fc42bed6c92f5de92a04
SHA1 f2a1e4381b8ce4cb7a5f51ea67464764219c881b
SHA256 95dc0b105d74bc0610021ebd1a3f530813b3ddcf1d4a65c46920a953ccdc37bd
SHA512 987d25d626887c4206964cdc2d838abb4ca55aed06d6f62b4a03e04690b6daf1f87cfb2e2659a0c3addf3e3ee163541b943f0a5947f7e68c02232e79991f3ddf

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\extensions\lineSelector\_locales\zh\messages.json

MD5 cc006484b6f5980825c498c84c018e23
SHA1 24662288f479ed3ad361a751e5ac4accd586c488
SHA256 5a50577800dc63270f0399c07049170ef01dd8b215afcb30e5d57345ceae3c1d
SHA512 4ac8caf9e662df678a89d0938c940a62c2a84052604d6e6ea87e941bd21d7ba4a2f60ec2abdaa5e3ab943819bfaba2d0608a2acd0cdb4b566f91aeed08f26824

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\extensions\lineSelector\_locales\en\messages.json

MD5 8fcef4433bc24a187c404ed7680b4056
SHA1 2f582a30e6b362ae5020f6f020c38650d95cbb19
SHA256 909ddf2dcafe1352cd66c330fbb056c801b77fd9d3d1fedf772ff9725f8e7dab
SHA512 320f0a193b49bb4b5e0b0931beb0a45d74ad69ad658c4342829af788657fdd8ad92fb85755aa026dba370e6b69b7c560db96974db71fdadded107e2ca5b249e2

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Browser\v8_context_snapshot.bin

MD5 2a68f512b2d80c9f9092d8766b1f8519
SHA1 c799430ed9d30e56cc5d54bf1c8c8ea84dbc0a59
SHA256 657e6964658bfc1c475d25083f4ea52af627865af78654f2a3ebfbdee057534a
SHA512 1d4ec445bfbf60761c6d75b96bf4b1fd31d8f435e4a0d5e77a35cfd0e66a160c7db10e1b7ab330369f8364a335db44d24ab7b1871e210b0d6d5bd5ef68ead41f

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Browser\snapshot_blob.bin

MD5 eff0bb5a379135c55fd7be8aba1ee83a
SHA1 7e31143aef48be07670da6f64c019270e3bdfccb
SHA256 c5138ec9eceba5960305ef676d5f4a1c02e504fcec3a4093f2fd7409d7e20cba
SHA512 0ad3abec81d3cb056b94cdbe2886dcba2d586a59cf06d5a89022f0878ed62405cf72b4c298a86ed0eee160ba3cecec9435940e7a10ee64df104f61a501e91ca8

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Browser\resources.pak

MD5 03e919cf26d0f7f2109cf40ecc1c5499
SHA1 bb43c9114f73747bb9fa0f8571fb6c9f8bb954b5
SHA256 9558d09cea5294c35ec92ef50a6d020bb472f03896852d7c13106e6253c5ab44
SHA512 70d3f9a51ca42baa4fc2c64ec7308b532ec68dd03d60a4b5fad835df04a7bd5e2bd71b0e5e0eb8929fe9c389f502fac14aaf7d8e0dfe47298cf2f9ce7cb37111

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Browser\nacl_irt_x86_64.nexe

MD5 c671cd1155b05e4ea7e692663301185f
SHA1 a5720a62bd216ea9c400ac9ba2619032f13c2d0a
SHA256 6ca6cdd5ae14f7b2be1be12aeb7ca31078b150f342128f4fe6aba078f1220019
SHA512 72ca73a013143062d20815ea9cc15b56f85c00e9d71b640d62bd86063ead163491e7951492f44235bbfcead136f044782aeefacfd00e0f815aa7b8ffd4324c83

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Browser\nacl_irt_x86_32.nexe

MD5 7689e7e39f59ab85423d0104a7541092
SHA1 5269415e49478de9f9137118c054610c9269c72c
SHA256 cec80406f6443277d1120d1161e048f98a31538bff93584897c400a9735c24ad
SHA512 3a240492d4458c71e5654a70267d4690887f35f4d4aab2bd6d2075412ce9498696417cb4f41ede812d390000a9be4b9ae7a7f8f12e2d5d43eb45f76baa6cdd97

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Browser\locales\zh-TW.pak

MD5 47d078c511f36173cda9de0cad3b8f80
SHA1 51f35f018bf7bbc3acf228d7e1f5ea9a22c2a892
SHA256 1ac0d361203fc5f550c90cd5aa34589a550daefc758e334afa9590b3db58e85b
SHA512 57eff29e1da49af28c74ec1db5f7dcfe960a847f66dfb47434cd46bcc30c733e38e41f40354b863b6c5846e8eaad76d51082a6ce0d9c0f75715af520bf4354ca

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Browser\locales\zh-CN.pak

MD5 715e1f2950ff1dda916161a933f3d73f
SHA1 86f6c2182b13bd3b093741ec19902b9ce5eb06f7
SHA256 93ee4e1509b1e7aaad3401ad3b2ff175edf0f8709ea1c9ad976e5b9126f7cbaf
SHA512 a05418588b19cfc6d453c72dad07a89ecec5311324ae5f97ce54b91e455f61c702c24036480f08c544056c04a59f4ea9784817b0ccf0f78174a845c81c2301ec

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Browser\locales\vi.pak

MD5 a424a94f4e9a0f566082adffd2fa0992
SHA1 a82f64c26337528dbe6d1810831ee976345abd4a
SHA256 33498ff44f0488d173ff9f51bff75f0009271d7cd7e5d808bcfa9a1fef865b37
SHA512 3c65a6c2050557aaaddc1086db61d3bfc6ea6834f536324f9bbba2cb1325ff038d67c499fdd35121a93c4f316db92c3ebec58872e5cac6fc8649f8e69d5667ab

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Browser\locales\ur.pak

MD5 ec32a6db6ed3eeb00b891b844560e6df
SHA1 4e90d52947b2ad05f0cd966ab5f75a3d62ed63c0
SHA256 fbbb73792efa4c0f02e8b93fd143fb044b76b6d4fb3c5fc0787b81bf44565a3c
SHA512 84d8a316d1cf09dd2d390f348253a597891eb0757c1ef3658362117be8f5cc66f5663fe578afae7eab99833b6f934589a1c9b0c28aad95046fcca6787dcac097

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Browser\locales\uk.pak

MD5 95df19f8d37aeecc44dca95115d0a460
SHA1 445c6536f8ae3522432fb4880b42861186e9707b
SHA256 144a480d7907750041c938a59f157bdb7630dbed7b1546184a899a991ff48dbc
SHA512 966471792fa97c520e3fe6bb120f2dcb29bf8eb5c7f60cc943489365c14a7d4a6318c32b799c1c1db5a2586546b565aacd389a16752462812a53c27a2d287f7b

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Browser\locales\tr.pak

MD5 b708daeae7caa5426a432c9e6f9f953b
SHA1 cc5d9ebfebe82522d706aa74a3d3a2d5f2e6e05c
SHA256 8e9e97e6244f3d39f120f9e95427ca66cab0018aa3d41e7b7c42bcefeb13f562
SHA512 caf2927510d445776e1aa43c907299f6c092f0d604e60b1b4e86af62f0d9184977aae01332356078b65007c2924366cab8dbde96c5ded528dc0196d7781b05d3

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Browser\locales\th.pak

MD5 8ebd5bf65bb5facfe0e6094212b4e8be
SHA1 ec4d16a588b4b50c66aa99b276af31e5c9c1e2b9
SHA256 70a2bc6bb66687720e6447d34d0c8fab5c6d5ec67a39881b344034fba48bb393
SHA512 030af0d379c3f941a170cc3d33a19bc150fd20277027924847c399db9c11700f72074875f73dd9c84fb6346222d87ee176e96dd0ddca1d07ede6ae0f1d111825

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Browser\locales\te.pak

MD5 08e6fc37d68911359c84197d08dbcd0b
SHA1 2301a5465767887299b25dcdc58d7c62fba95ea8
SHA256 5f6f5fca377f90e23533d62641299924e422fbc4a7b473e3b669db7fe85d84c3
SHA512 51305e4639400f71e35a242ca283a774175753f05581c80c30031695f323a8455730eb80c5247d4f190072c71b882d88683f39a51fcbdbf41f1defed901e2395

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\Browser\locales\ta.pak

MD5 f6018662c2370fceeb088f179a520279
SHA1 c9215ba59993e16fcb7f1938c287fb1eab635e0d
SHA256 d747776ca1381585ee5e8a7f30c973c01eabf854f6db6a57c01e966053342a34
SHA512 ec151cc4d29121383f9f75f0d758661a9175848d40b0f3be8d943aae0c831177769b9af117f9292b55fac58c600d7347881c14689af844d835034eacce928a56

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Browser\locales\sw.pak

MD5 bf8867b82acf2d68ff3904ee6416f63d
SHA1 0e7da5f1bf93cd1fe5df5a192464dc38e1957dae
SHA256 f336092d0b535a952b2126b5bc9cb2999d1547ff034f2617c0d3841f80061387
SHA512 1ce9319213bd45250f337a695590de4e2f7eaccab7189d1068bb3dc87a169f826b3ef2e94f53f9e33863f6548ec61ed6383b40350d451c2967868b781d3603c6

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Browser\locales\sv.pak

MD5 b35b55385cbcb471d10ff4292a86653c
SHA1 f990b236236772ce5b6f0bb2dd60dee68d1d520a
SHA256 a4ec4bf1a08047cfd22bbd06756f24594bf91096565f5dac4f6961081e4a73eb
SHA512 76bbd8f9c7150defe29ed67575e7a95226e317c67f775b95868ccec9ddcc2603ff467e739e41b53bee2a7ca641ab8b5425fae7010d9a5c87a9709ce133ee8a49

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Browser\locales\sr.pak

MD5 4ea038c8d2af75714664ef39da33b11b
SHA1 ed17298102b7201165ccc4e54b6931dbd87a432e
SHA256 50263a845222fabd8d0d148d57ccf0fc7960fb6b9fa217bd4b2f5d253532a607
SHA512 31304932a7838212b227ac0cbc6eb6c6976c6907059b82e2458d6a98da5c13ed244816f4c5806af59c501fe0e35b7f92b0fedb8078ec56d907c7c1f06e8e1f99

memory/3256-501-0x0000000000400000-0x000000000123E000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Browser\locales\sl.pak

MD5 d6d7d0874ddc3f37421ef7c8e5c4acb8
SHA1 24ce487bec36a59714267e8d5b3d2c052d6055f4
SHA256 bb4da29e3d1874728111601a8c91103ed7373db7f7c6a6e2513408d0ebf4e48d
SHA512 c49408b47db80f724f93af009f2c63f14cbb4690c835c6f3452c9f03cfb2fcc7f07b282c5c04fe603f7e6b7b8db7135d705e2d90f7b73f6a5418c834bc809c5d

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Browser\locales\sk.pak

MD5 230f85b04919f5961502aff07ec02075
SHA1 f9e2d8cc4edf1d8e8ae8d9b5e4badffad94312c1
SHA256 0fae749d1b5c4e6eba77477f1fe9c1f51354c528a7a3720b4a5fa434741afd57
SHA512 c94b936d56bcafcc9811eb556412e6313e98755b4fcba4b72ae786b4582e8c0faa033d1ccbe48b9ccd63aad47482a43bed5c57b0c02ecf99d66c562113126d98

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Browser\locales\ru.pak

MD5 88024ea77db59d6f283eeef99ed379e7
SHA1 a9b453db5338bb5247a2e16d723ea855c26ab277
SHA256 34163b75925dc40d9c8160d2018a7e9d82636040b61ce29e6e718e69615c985d
SHA512 cd0573ab97320fa18646eadbcc7170ef815e35aed041eddffc2277669279d8fc08690b410f837b214eb5a413c75cad262f84cf62d2bb47c9bb2f2fc8e065e86c

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Browser\locales\ro.pak

MD5 a9a4dbfd3314579c61a8a34fbe5ac9f8
SHA1 f5e837ef69b8d14a98b81e77f3e8253257e124e1
SHA256 574a4e4ddab66f6b59215baffa19a7b273167b062f570d5225bfdd0f6c137799
SHA512 c1443140cb5a240290f6934611d28ce582290877939e8861764eda3b225a5b7218c80655b961096a0e22a3e7e749d25fa0f17432b38307a65e780f056ba3eb64

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Browser\locales\pt-PT.pak

MD5 60206854174f50433798fc37257ac2db
SHA1 4257f5cdc6d3d5e3dd92dd51f60877ccb16c83a7
SHA256 652746adbabbc609730ffc285335aed133b0b47d78871fb485531beb668f78a3
SHA512 30469aad621ebda759b7b580bdd86539d3954199a82cc1ce70ed173ee72bfdd0b46a158e3c33cbe22d0ea4efecd15ba187daf21b6750d78fbd668f7c854dd913

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Browser\locales\pt-BR.pak

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Browser\locales\pl.pak

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Browser\locales\nl.pak

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Browser\locales\nb.pak

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Browser\locales\ms.pak

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\Browser\locales\mr.pak

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Browser\locales\ml.pak

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Browser\locales\lv.pak

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Browser\locales\lt.pak

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Browser\locales\ko.pak

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Browser\locales\kn.pak

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Browser\locales\ja.pak

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Browser\locales\it.pak

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Browser\locales\id.pak

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Browser\locales\hu.pak

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Browser\locales\hr.pak

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Browser\locales\hi.pak

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Browser\locales\he.pak

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Browser\locales\gu.pak

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Browser\locales\fr.pak

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Browser\locales\fil.pak

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Browser\locales\fi.pak

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Browser\locales\fa.pak

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Browser\locales\et.pak

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Browser\locales\es.pak

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Browser\locales\es-419.pak

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Browser\locales\en-US.pak

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Browser\locales\en-GB.pak

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Browser\locales\el.pak

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Browser\locales\de.pak

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Browser\locales\da.pak

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Browser\locales\cs.pak

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Browser\locales\ca.pak

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Browser\locales\bn.pak

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Browser\locales\bg.pak

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Browser\locales\ar.pak

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Browser\locales\am.pak

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Browser\locales\af.pak

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Browser\libGLESv2.dll

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Browser\libEGL.dll

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Browser\icudtl.dat

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Browser\d3dcompiler_47.dll

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Browser\chrome_wer.dll

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Browser\chrome_elf.dll

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Browser\chrome_200_percent.pak

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Browser\chrome_100_percent.pak

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Browser\106.7.0.8.manifest

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\bearer\qnativewifibearer.dll

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\bearer\qgenericbearer.dll

C:\Users\Admin\AppData\Local\Temp\UB\update\Flash\31.0.0.109.dll

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\Browser\UB.exe

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\extensions\lineSelector\troubleshooting\UBFirewallTool.exe

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\extensions\lineSelector\UBIEAdapter.exe

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\UB-Launcher.exe

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\UBDownloader.exe

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\UBMaintenanceservice.exe

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\UBRun.exe

C:\Users\Admin\AppData\Local\Temp\UB\update\Application\106.7.0.8\UBService.exe

C:\Users\Admin\AppData\Local\UB\Application\106.7.0.8\UBService.exe

C:\Users\Admin\AppData\Local\UB\User Data\Default\4bf63ff0-9aa2-48ef-9a96-d5406e91afdf.tmp

C:\Users\Admin\AppData\Local\UB\User Data\Default\Code Cache\js\index-dir\temp-index

C:\Users\Admin\AppData\Local\UB\User Data\Default\Cache\Cache_Data\data_3

C:\Users\Admin\AppData\Local\UB\User Data\Default\Cache\Cache_Data\data_2

C:\Users\Admin\AppData\Local\UB\User Data\Default\Cache\Cache_Data\data_1

C:\Users\Admin\AppData\Local\UB\User Data\Default\Cache\Cache_Data\data_0

C:\Users\Admin\AppData\Local\UB\User Data\Default\Sync Data\LevelDB\MANIFEST-000001

C:\Users\Admin\AppData\Local\UB\User Data\Default\Sync Data\LevelDB\CURRENT

C:\Users\Admin\AppData\Local\UB\User Data\Local State

C:\Users\Admin\AppData\Local\UB\User Data\Local State~RFe592acf.TMP
