ed76a9198f050ab5c34ce6c50fc9913af710f4b7c02d17a9255d5aedbd151ef7

Resubmissions

Analysis

max time kernel
149s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
05/06/2024, 21:32

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

anigame_fusion
Size

305KB
MD5

3bd10552ea26be45339a9a96e96f0af2
SHA1

d01219f5c60406d7d02670e01a394bc82be68222
SHA256

ed76a9198f050ab5c34ce6c50fc9913af710f4b7c02d17a9255d5aedbd151ef7
SHA512

9f1cfe52af898b37ac2a6a24b6be3f48466ea18931b78b48a2ff743a8ac21c43f9d2ef9a569f7ee72f59b76540a4cf4dd4177d7904a8b7fe24eeb1993fbfabb2
SSDEEP

6144:tJoqW2n9dH5M2vkm0aWyRv3pId9RD9hvZJT3CqbMrhryfQNRPaCieMjAkvCJv1Vp:ToqW2n9dH5M2vkm0aWyRv3pId9RD9hvc

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133620967949326908"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-4018855536-2201274732-320770143-1000_Classes\Local Settings	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
4184	chrome.exe
4184	chrome.exe
2332	chrome.exe
2332	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 19 IoCs

pid	Process
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4184	chrome.exe
Token: SeCreatePagefilePrivilege	4184	chrome.exe
Token: SeShutdownPrivilege	4184	chrome.exe
Token: SeCreatePagefilePrivilege	4184	chrome.exe
Token: SeShutdownPrivilege	4184	chrome.exe
Token: SeCreatePagefilePrivilege	4184	chrome.exe
Token: SeShutdownPrivilege	4184	chrome.exe
Token: SeCreatePagefilePrivilege	4184	chrome.exe
Token: SeShutdownPrivilege	4184	chrome.exe
Token: SeCreatePagefilePrivilege	4184	chrome.exe
Token: SeShutdownPrivilege	4184	chrome.exe
Token: SeCreatePagefilePrivilege	4184	chrome.exe
Token: SeShutdownPrivilege	4184	chrome.exe
Token: SeCreatePagefilePrivilege	4184	chrome.exe
Token: SeShutdownPrivilege	4184	chrome.exe
Token: SeCreatePagefilePrivilege	4184	chrome.exe
Token: SeShutdownPrivilege	4184	chrome.exe
Token: SeCreatePagefilePrivilege	4184	chrome.exe
Token: SeShutdownPrivilege	4184	chrome.exe
Token: SeCreatePagefilePrivilege	4184	chrome.exe
Token: SeShutdownPrivilege	4184	chrome.exe
Token: SeCreatePagefilePrivilege	4184	chrome.exe
Token: SeShutdownPrivilege	4184	chrome.exe
Token: SeCreatePagefilePrivilege	4184	chrome.exe
Token: SeShutdownPrivilege	4184	chrome.exe
Token: SeCreatePagefilePrivilege	4184	chrome.exe
Token: SeShutdownPrivilege	4184	chrome.exe
Token: SeCreatePagefilePrivilege	4184	chrome.exe
Token: SeShutdownPrivilege	4184	chrome.exe
Token: SeCreatePagefilePrivilege	4184	chrome.exe
Token: SeShutdownPrivilege	4184	chrome.exe
Token: SeCreatePagefilePrivilege	4184	chrome.exe
Token: SeShutdownPrivilege	4184	chrome.exe
Token: SeCreatePagefilePrivilege	4184	chrome.exe
Token: SeShutdownPrivilege	4184	chrome.exe
Token: SeCreatePagefilePrivilege	4184	chrome.exe
Token: SeShutdownPrivilege	4184	chrome.exe
Token: SeCreatePagefilePrivilege	4184	chrome.exe
Token: SeShutdownPrivilege	4184	chrome.exe
Token: SeCreatePagefilePrivilege	4184	chrome.exe
Token: SeShutdownPrivilege	4184	chrome.exe
Token: SeCreatePagefilePrivilege	4184	chrome.exe
Token: SeShutdownPrivilege	4184	chrome.exe
Token: SeCreatePagefilePrivilege	4184	chrome.exe
Token: SeShutdownPrivilege	4184	chrome.exe
Token: SeCreatePagefilePrivilege	4184	chrome.exe
Token: SeShutdownPrivilege	4184	chrome.exe
Token: SeCreatePagefilePrivilege	4184	chrome.exe
Token: SeShutdownPrivilege	4184	chrome.exe
Token: SeCreatePagefilePrivilege	4184	chrome.exe
Token: SeShutdownPrivilege	4184	chrome.exe
Token: SeCreatePagefilePrivilege	4184	chrome.exe
Token: SeShutdownPrivilege	4184	chrome.exe
Token: SeCreatePagefilePrivilege	4184	chrome.exe
Token: SeShutdownPrivilege	4184	chrome.exe
Token: SeCreatePagefilePrivilege	4184	chrome.exe
Token: SeShutdownPrivilege	4184	chrome.exe
Token: SeCreatePagefilePrivilege	4184	chrome.exe
Token: SeShutdownPrivilege	4184	chrome.exe
Token: SeCreatePagefilePrivilege	4184	chrome.exe
Token: SeShutdownPrivilege	4184	chrome.exe
Token: SeCreatePagefilePrivilege	4184	chrome.exe
Token: SeShutdownPrivilege	4184	chrome.exe
Token: SeCreatePagefilePrivilege	4184	chrome.exe

Suspicious use of FindShellTrayWindow 33 IoCs

pid	Process
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe
4184	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4184 wrote to memory of 3856	4184	chrome.exe	96
PID 4184 wrote to memory of 3856	4184	chrome.exe	96
PID 4184 wrote to memory of 1840	4184	chrome.exe	97
PID 4184 wrote to memory of 1840	4184	chrome.exe	97
PID 4184 wrote to memory of 1840	4184	chrome.exe	97
PID 4184 wrote to memory of 1840	4184	chrome.exe	97
PID 4184 wrote to memory of 1840	4184	chrome.exe	97
PID 4184 wrote to memory of 1840	4184	chrome.exe	97
PID 4184 wrote to memory of 1840	4184	chrome.exe	97
PID 4184 wrote to memory of 1840	4184	chrome.exe	97
PID 4184 wrote to memory of 1840	4184	chrome.exe	97
PID 4184 wrote to memory of 1840	4184	chrome.exe	97
PID 4184 wrote to memory of 1840	4184	chrome.exe	97
PID 4184 wrote to memory of 1840	4184	chrome.exe	97
PID 4184 wrote to memory of 1840	4184	chrome.exe	97
PID 4184 wrote to memory of 1840	4184	chrome.exe	97
PID 4184 wrote to memory of 1840	4184	chrome.exe	97
PID 4184 wrote to memory of 1840	4184	chrome.exe	97
PID 4184 wrote to memory of 1840	4184	chrome.exe	97
PID 4184 wrote to memory of 1840	4184	chrome.exe	97
PID 4184 wrote to memory of 1840	4184	chrome.exe	97
PID 4184 wrote to memory of 1840	4184	chrome.exe	97
PID 4184 wrote to memory of 1840	4184	chrome.exe	97
PID 4184 wrote to memory of 1840	4184	chrome.exe	97
PID 4184 wrote to memory of 1840	4184	chrome.exe	97
PID 4184 wrote to memory of 1840	4184	chrome.exe	97
PID 4184 wrote to memory of 1840	4184	chrome.exe	97
PID 4184 wrote to memory of 1840	4184	chrome.exe	97
PID 4184 wrote to memory of 1840	4184	chrome.exe	97
PID 4184 wrote to memory of 1840	4184	chrome.exe	97
PID 4184 wrote to memory of 1840	4184	chrome.exe	97
PID 4184 wrote to memory of 1840	4184	chrome.exe	97
PID 4184 wrote to memory of 1840	4184	chrome.exe	97
PID 4184 wrote to memory of 2824	4184	chrome.exe	98
PID 4184 wrote to memory of 2824	4184	chrome.exe	98
PID 4184 wrote to memory of 4020	4184	chrome.exe	99
PID 4184 wrote to memory of 4020	4184	chrome.exe	99
PID 4184 wrote to memory of 4020	4184	chrome.exe	99
PID 4184 wrote to memory of 4020	4184	chrome.exe	99
PID 4184 wrote to memory of 4020	4184	chrome.exe	99
PID 4184 wrote to memory of 4020	4184	chrome.exe	99
PID 4184 wrote to memory of 4020	4184	chrome.exe	99
PID 4184 wrote to memory of 4020	4184	chrome.exe	99
PID 4184 wrote to memory of 4020	4184	chrome.exe	99
PID 4184 wrote to memory of 4020	4184	chrome.exe	99
PID 4184 wrote to memory of 4020	4184	chrome.exe	99
PID 4184 wrote to memory of 4020	4184	chrome.exe	99
PID 4184 wrote to memory of 4020	4184	chrome.exe	99
PID 4184 wrote to memory of 4020	4184	chrome.exe	99
PID 4184 wrote to memory of 4020	4184	chrome.exe	99
PID 4184 wrote to memory of 4020	4184	chrome.exe	99
PID 4184 wrote to memory of 4020	4184	chrome.exe	99
PID 4184 wrote to memory of 4020	4184	chrome.exe	99
PID 4184 wrote to memory of 4020	4184	chrome.exe	99
PID 4184 wrote to memory of 4020	4184	chrome.exe	99
PID 4184 wrote to memory of 4020	4184	chrome.exe	99
PID 4184 wrote to memory of 4020	4184	chrome.exe	99
PID 4184 wrote to memory of 4020	4184	chrome.exe	99
PID 4184 wrote to memory of 4020	4184	chrome.exe	99
PID 4184 wrote to memory of 4020	4184	chrome.exe	99
PID 4184 wrote to memory of 4020	4184	chrome.exe	99
PID 4184 wrote to memory of 4020	4184	chrome.exe	99
PID 4184 wrote to memory of 4020	4184	chrome.exe	99
PID 4184 wrote to memory of 4020	4184	chrome.exe	99

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\anigame_fusion
1⤵
PID:4188

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4184
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb9d19ab58,0x7ffb9d19ab68,0x7ffb9d19ab78
  2⤵
  PID:3856
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1692 --field-trial-handle=1916,i,4835556017997591829,10117163937860364954,131072 /prefetch:2
  2⤵
  PID:1840
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2080 --field-trial-handle=1916,i,4835556017997591829,10117163937860364954,131072 /prefetch:8
  2⤵
  PID:2824
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2260 --field-trial-handle=1916,i,4835556017997591829,10117163937860364954,131072 /prefetch:8
  2⤵
  PID:4020
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3068 --field-trial-handle=1916,i,4835556017997591829,10117163937860364954,131072 /prefetch:1
  2⤵
  PID:1120
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3112 --field-trial-handle=1916,i,4835556017997591829,10117163937860364954,131072 /prefetch:1
  2⤵
  PID:1264
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4336 --field-trial-handle=1916,i,4835556017997591829,10117163937860364954,131072 /prefetch:1
  2⤵
  PID:4944
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4492 --field-trial-handle=1916,i,4835556017997591829,10117163937860364954,131072 /prefetch:8
  2⤵
  PID:2904
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4640 --field-trial-handle=1916,i,4835556017997591829,10117163937860364954,131072 /prefetch:8
  2⤵
  PID:4048
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4772 --field-trial-handle=1916,i,4835556017997591829,10117163937860364954,131072 /prefetch:8
  2⤵
  PID:3628
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4788 --field-trial-handle=1916,i,4835556017997591829,10117163937860364954,131072 /prefetch:8
  2⤵
  PID:2444
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4852 --field-trial-handle=1916,i,4835556017997591829,10117163937860364954,131072 /prefetch:8
  2⤵
  PID:4304
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4932 --field-trial-handle=1916,i,4835556017997591829,10117163937860364954,131072 /prefetch:1
  2⤵
  PID:4836
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4480 --field-trial-handle=1916,i,4835556017997591829,10117163937860364954,131072 /prefetch:1
  2⤵
  PID:2768
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=4032 --field-trial-handle=1916,i,4835556017997591829,10117163937860364954,131072 /prefetch:1
  2⤵
  PID:4832
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4556 --field-trial-handle=1916,i,4835556017997591829,10117163937860364954,131072 /prefetch:8
  2⤵
  PID:1600
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3588 --field-trial-handle=1916,i,4835556017997591829,10117163937860364954,131072 /prefetch:8
  2⤵
  PID:816
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=3296 --field-trial-handle=1916,i,4835556017997591829,10117163937860364954,131072 /prefetch:1
  2⤵
  PID:792
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=4284 --field-trial-handle=1916,i,4835556017997591829,10117163937860364954,131072 /prefetch:1
  2⤵
  PID:1408
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=3348 --field-trial-handle=1916,i,4835556017997591829,10117163937860364954,131072 /prefetch:1
  2⤵
  PID:3840
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4576 --field-trial-handle=1916,i,4835556017997591829,10117163937860364954,131072 /prefetch:8
  2⤵
  PID:4368
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=4368 --field-trial-handle=1916,i,4835556017997591829,10117163937860364954,131072 /prefetch:1
  2⤵
  PID:1592
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=4776 --field-trial-handle=1916,i,4835556017997591829,10117163937860364954,131072 /prefetch:1
  2⤵
  PID:2244
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4436 --field-trial-handle=1916,i,4835556017997591829,10117163937860364954,131072 /prefetch:8
  2⤵
  PID:4436
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4908 --field-trial-handle=1916,i,4835556017997591829,10117163937860364954,131072 /prefetch:8
  2⤵
  PID:3000
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=5328 --field-trial-handle=1916,i,4835556017997591829,10117163937860364954,131072 /prefetch:1
  2⤵
  PID:980
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=5192 --field-trial-handle=1916,i,4835556017997591829,10117163937860364954,131072 /prefetch:1
  2⤵
  PID:4264
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=5828 --field-trial-handle=1916,i,4835556017997591829,10117163937860364954,131072 /prefetch:1
  2⤵
  PID:2680
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=6080 --field-trial-handle=1916,i,4835556017997591829,10117163937860364954,131072 /prefetch:1
  2⤵
  PID:2484
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=4384 --field-trial-handle=1916,i,4835556017997591829,10117163937860364954,131072 /prefetch:1
  2⤵
  PID:1072
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=5944 --field-trial-handle=1916,i,4835556017997591829,10117163937860364954,131072 /prefetch:1
  2⤵
  PID:4760
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=3092 --field-trial-handle=1916,i,4835556017997591829,10117163937860364954,131072 /prefetch:1
  2⤵
  PID:4988
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=5388 --field-trial-handle=1916,i,4835556017997591829,10117163937860364954,131072 /prefetch:1
  2⤵
  PID:1736
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5932 --field-trial-handle=1916,i,4835556017997591829,10117163937860364954,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2332
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5904 --field-trial-handle=1916,i,4835556017997591829,10117163937860364954,131072 /prefetch:8
  2⤵
  PID:3288
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4508 --field-trial-handle=1916,i,4835556017997591829,10117163937860364954,131072 /prefetch:8
  2⤵
  PID:652

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:1904

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:1460

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\26ad0f02-a4c8-4c58-bcce-2576c294dfc6.tmp

Filesize
94KB

MD5
a6dc0b1e8608c56726f394f81d22104b

SHA1
a1bf7dd7f71dd942c85a3e7234554d284b96bfb4

SHA256
f4e0cb24baa6a33d6c8b211d4355b1e624ed5e3805a0ba7edee2200683da6a8f

SHA512
9dc23db7bcb1d0ebfc73de3bafc07625a4adbcd16109c3d86dc33d4927dd19f14313010cbc057e0b72c09a11980a7d22b5943b3a7992c6227a7671bf60ed8033

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

Filesize
59KB

MD5
fac49e161e404a2a94033d91245077d8

SHA1
fcdd095a60d94e7fedb86bf29c784007b4d7e9c7

SHA256
782fae8642551618ba67e354c7335e274ffeb931ca0c02698e5cd8ca5931a349

SHA512
0a3e34ab9bc45b40f7c2b2c26896ced8869a78992e1a8fae4d0dffd7815216a0168c19661de536b6174f168f88563185ed87929c04a7d8238250960bcf562bb2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008

Filesize
207KB

MD5
e955953b801c04327c1e96c67dd3c618

SHA1
f9061d3780f153e863478106bf1afd85132bccb0

SHA256
e8965a2d52ef25918ebee58ab6971745d396177a7943acf1ed53a65bb4dddd45

SHA512
6318ff1eb838954dd73dab5ed891d47f4f39089fa5e899d30183c32269c5620bd09d169af4cf8303e3d5c2ebab23cfe9ae5d9fa5c3281023abb009f66a25782a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000021

Filesize
40KB

MD5
aa12ea792026e66caab5841d4d0b9bab

SHA1
47beeba1239050999e8c98ded40f02ce82a78d3f

SHA256
65fe153a832452e97f5d484440a7047e314d3a83cb61ad2508fed48a820e1de1

SHA512
0b2b1bb8851c60c9d4ab1d039b990a4de5799c97c50b45f64e36a21849c14e785f69196f674ac225b1419d7f501338054074cab6203d041361a4fa1ed8802b27

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000043

Filesize
69KB

MD5
4f9d58547367f284c0fa5c840c00b329

SHA1
afdf5a998830ad8bea4d57ad8cb3882ac911b43f

SHA256
3104d7911ad5190e95f4bcc647740dcc286325ca7a57f46510cd7970aeced0cd

SHA512
7d21bdf059b4cbb5a1203c8c7333ea91118bab3b6d935f59e7e89637eb31d2a28d69033ce8501431dfbcccdb6df1f05d86cc4d99af01c68270a5577b795eb350

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000044

Filesize
327KB

MD5
c8833d412a1bb5261fcab30ac740a5c8

SHA1
df313263e64731124c70334c9e1ba6feaa6558a7

SHA256
1b8ed9e038213303270b20e1a24548692d3f4696fe37f0e919ef6b5a208a3572

SHA512
b6d100b4c837cc23635fe4827e977bab04857d04e7cc5644fb94cd5421a4730ec35cb1f9e5a5d9fa9d20dd2c69dda0f05826d504cdead71ede6b8b6444d06535

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000045

Filesize
133KB

MD5
a6f1dc318aadf451b1e62263926ecddb

SHA1
e81878fd945c46f1d5065ec064ab96b31ca95577

SHA256
ea6f6cd6af14dc5c999f9127ea663b5c22e32418c8c96eeb998af7bc23907971

SHA512
96f3bc23791af94f7f4ae1bb39c78fe2f101b85467041227dc1e288e2713fe826fece758f30a91c0d46e27e739b91d2703f150f4fa1a650ebbb3b136c3fe6ee5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000048

Filesize
28KB

MD5
e2affe6ea13109856f5e336393f537e7

SHA1
46d36d64ee0b5ea4b8302d224a5ed5232894c748

SHA256
a7aa4cb6c268555cd0669857183522ad824842421a2891a09c2cc63ed1a4f492

SHA512
30f9c9492fac821fc95420119cf4daecbce9743a209bbdbf23f96c00b8254d998facb1a93a7749fa84a5209234f18e8dd018a521a724f3bc62aadccda45a62fa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000049

Filesize
46KB

MD5
09d8c48a30039770adf6aae77a483fa3

SHA1
7f33770abfc75582ad61b8a990786b383f3ddccd

SHA256
6809894b9fca107f00ab417fa4f5b36dff504ca1e03491a74d6be9e89e2112d7

SHA512
8ff0e92f11e166a9267b99a14f562f9167432b4233e9853bc08c44c6bcdbf7696639bd4c2554abc69e8411819ba37527335fdd6889e6a3dd23f6a935dbf1f87f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004a

Filesize
19KB

MD5
21c6e2bd4712ef5ae850eb353c7cec9c

SHA1
421faf243f67485e9be1453b09ca76ecb556ceb6

SHA256
06b6623e0e916bbc0cb60bd79ec2751bb35e84f0f620ee25514beff6f3017a35

SHA512
a3214dad965fbd42bc90ed51f57cd4e0c5c9f1b36cdc68b6490eab761a308d3367c174e8205e7514a8da5c058d6d67fca781577f8bb754f5d9287947f0edfdcc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004b

Filesize
96KB

MD5
d19f357145a2ee96291ea0f34504aa36

SHA1
26ffce889eacbee5c4e96fd8b61c2ebd84cd1730

SHA256
f085d23e60e753705381c1861cb512e90305651e4107b9a3db6529367e7ccce6

SHA512
25987b8c3d8c56b26039c6f1e46eba6161739c93b81434822b0c85282310b63387e9c2f9af5de6dd7812ddf1eaf1491b10467c8fb1f1c285783ffac2f3496efc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004c

Filesize
805KB

MD5
590169a4ec71a93ce3a728a6f02f32a0

SHA1
31e0f86f34f3863e6e9d76d6f9dfe2e13e5b495f

SHA256
898ac97869833e1908fc793d7712f16e9aa543f5e4ff5c95c3cc71d05bc9b978

SHA512
5e19ac561b0c959d0d432e7edbcff3a3d720fcb290d5b08d9ab3923211a35831ea0c797d4631b7abde68153cb1858fec33d630c4050c0c9fe8656847038f019c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004d

Filesize
32KB

MD5
2f966b2ba9649b4bc9ca1ee645cdca08

SHA1
2053343e06f58f5ad2c185f68a0b99d674375578

SHA256
4683af1321483200a6f8d541102d425b6af841e7a9f01151499acb2f35bb203f

SHA512
0e76ccd92c61cd7794568cb990d0db38b7b9c672a59332ca2b6662cfb97adc78aa33bfc651feab4dd44686fcc4aae91ccc11a1c96f26586a5e4f686cf39c70a0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\MANIFEST-000001

Filesize
23B

MD5
3fd11ff447c1ee23538dc4d9724427a3

SHA1
1335e6f71cc4e3cf7025233523b4760f8893e9c9

SHA256
720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed

SHA512
10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
6KB

MD5
fbe42ffa7eeee9f733f9a12d8025b1b9

SHA1
50f64df7924acaccba85bce4d2f422bc94fd4508

SHA256
22b0d4611cff530948fd2f3b52ece0a1a75f555fa9f41c6fcb0ac3e8fed5365f

SHA512
72261a84f5a73c22cd9276eaa6eb30afa903e8df0469b539d798c07562bc67d1e6797f1889ed78c79f1ca9766292adb117ca7f04ffab0715c69674e0661cee22

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
9181741e92bdc8291e5648a6d75e0b77

SHA1
9829848ed063dc6ddb72a21df9256a8ea3a2193b

SHA256
831dfab375e64b62b339f98f15b0ac66ed97045cee3b9899d53ed9372155c697

SHA512
257c45b35c655b5e10b318306c120ceff80145698d568a1dedeb0a7f5450142280939ca72c3c1c3cfd1dd8144d8ba530175f3c7a15a597ad901a576453af5c90

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
166b4c144acbf24ce4b1adce2b76005e

SHA1
15f544d8bad9dafce12791ac6ced99a43d7dc107

SHA256
b8eac68741c74c1bdd9f62ac467c71f85c84894f7fe598cee38a845fea9ae7c6

SHA512
3514a5a36b608cfcb4597cd4193e5480f9f8845ee9289abade8f77a9aa3b77b85e481babc1d12b432f5706d36a36b56ef39cd8d491d4c53e49375da49760c2d6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
3de2503174d39a5f8c3887066e7bae23

SHA1
28a98e0b09a65d5b5f6962a9f3143779ca18bad8

SHA256
06817dbca8ce0413dc0dc6a0742afcc94bb7aaa6792e4240a9ff3e035fc6cf04

SHA512
50fa78c1b9d2c288f8c29cedfce6fedfabb0e849b9228f84ec7b51c4d234da06d53e2b7279b2b6d7be42b492af17a875b8f97923b9104ad844b356140a850bda

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
e8d965f0a1b489ec558ee7ba5473e1b1

SHA1
c2a51bdaf7b022dbbd1577829c406fc78ca33507

SHA256
f9a086896cef61964d09652b3c2904e3b05a7f71e45aaa31a510c199ff5b36b1

SHA512
f6207cd3148f31abc623a34d82eb594a765702dd0e8fe32a5019fcbd36cbe8641f956afd8661a345a023bc1859bef960475e262fda1cab553df8263d9bfebf7b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
4de185f1b5e0b7d6e820c7a7b9bb0aa4

SHA1
4ab5c8484876ffd9296c29721056f45f0730e58d

SHA256
63fa38290a945a2345f884e33965075fda81cb9f4e62a764ecb245906280bf06

SHA512
813d550dfcc9b26f5b65332177aed52679681ef4c76ed641419ee39f624f75aaf9387f2cfb9be8b01c3f6366118bc72784d9fa764734257b9145bd334768cd8b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
b119aa1bea3d7837fb153e3082e19256

SHA1
57bd9421d55c53ac3e9384ce1c061c6990a0b5d5

SHA256
223ae05ac190f922ed932d081be8bb3c55b4d66d8af7590871e88876aa468df4

SHA512
b818ffee07682b2cdf5760cc6a92ca9a605fb2d0784eaf41bc61a47b8cc9a01e11a47a701cdc984ba9811bad11b42ae30bf061e0f96ec195ba08c43a8ad6a83e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
75c726cc4a5c451dfa3615cf5be25d2e

SHA1
d059995acf8494b4a50949351ba178b918309746

SHA256
5a97eada033b301a85e317491462d2766e3baede147b34d17f177e53a834af09

SHA512
0f4021685417ed7bb43344a04869ca452e47af09dc01e16ac2e0ae250052512eed81b2ad26aaff3a35286ffd760b4a745d1d215a7ea80f2a58e0b4b591de232b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
690B

MD5
1779f3034fc4300d041aa44c531dba34

SHA1
5941e5c34cde51153bfc55185788896df8ce54b7

SHA256
77966db33cde97167cf4aefab181cae44176401d7ed3b59af422b6654c109b92

SHA512
111c1f900c4a9a26d1e53a0b575a80f9b4e2a710d0eed66949597878b16c26432d95c97ea0be6a731dd49c56be05042da468fb484e0f594a9a3b37227c4e850d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
a456e0a8aaac6d57146e2a587961c993

SHA1
04e7ae69c4da0b8e0b3baa4e0012a3e37d102c5b

SHA256
f3e52724b2c3df675c3ebb19338fc76dcba56f7112831d93628bacc382589cad

SHA512
80760c3f46e6e5c243df58bd8ca7e6257602474314f989456660a9cbc1e6c9e961142949060992dc5d4830bc36a12dcee7546ec9a163b2c7abd46d6af7254d85

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
f79bbf03443320617b8ed0990d0282d5

SHA1
c68d95d69af3660279cc96ea6593a82148092d7e

SHA256
49da698349905798d71626552d2ef8667f4ec3630ded893dd4414d1d93a57984

SHA512
86fefe88ea4e075be5453ee3a71bf4b711a65f765968f86692781ff5d39b65b3623b80b1ad7dac6df0afc8817204f58a2ebece3add793675cb7dd76713b90514

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
09cbd3e6effb2690c6fcfe4a37b38b96

SHA1
04edb7e6e886be61ccd7bdc137467e240046e156

SHA256
985e894180a1b0dea8d10f73f97706c605164d1e9ba875b0acf4153262f52cf9

SHA512
bc3e91ed4ec6e05da2b5ea3fbb0425733b72f83d32147ac60bfd5be9d4920606285ca12546d6daa1591a10c981fc54c9dc84a9dfbe44ede0449bbb7999573419

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
9dbe005561bf82c6b58f46565c2e11dc

SHA1
35406c1981a3c7bdf4db545cb85181a3290fe315

SHA256
b3ceda8fc9f63792e9a2d552111bcd5461851f899ec193487b3bd4a9d4796ccb

SHA512
8b02729fbc88ec45b798b1ba36188bf9fffd23b0eb31d213cfa1d70e6799cc22c21687979218fb6ad295c640eb890fb21ab261d5257b33703f68e820639904e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
41326eda3f8aa9f388549d686c9455ca

SHA1
fce3705c88a3de6f7284b897aa166d73c342b072

SHA256
883cab8d2bc9c271a818739591cc1ed23288a60c895443cb3764de8cb0426a9a

SHA512
40f035fb880277486195e577a64d3c9d1b5a7e4bae84fc6a7f82ab30e9ba371a4106aa68b8638e1ef75204bf5ea8acb325f183fc58dce6a1ae73c6a91566eb94

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
52b73268de9ee02cfad412ff034c153f

SHA1
ea1c1a64d54177f71083c0f5fe9ac96c2d097409

SHA256
8bfbb55a89c7402c72732e5a24eaad42aa11475d1314f497d6d951305dc84342

SHA512
081da024a071025ea4692950427bb21c68bc27a041b11e6f1f5b4ce9c18144be8edd29ac6850256a1923ffde84a4bc7f8cdb32833ddeb0532acea0ce38e2cef8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
a3f58f5ca886daf37fad94a5c95a58e0

SHA1
1257ecec9d93975c554020fd68c930b623d6bfe6

SHA256
79bc80aa085310b5c938b296bd6c0fb40ea785d19329ff82bbdb8b43d6114963

SHA512
c95df4e58a547b0e7bde25d92cc59ef785518e37bf0fcb22426483d73889572b16cf021d1c12c6be13c9ccfb29e675f7d5991d4f4abf86dfbbcd12c10bb72119

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
501e3692ed58984041285431e596621e

SHA1
c323088101b55bdbb98ac6978533b000f7fecff3

SHA256
79455c8ac83cbd7469f115e73bec33e241c74b6b95724d3dd443e104d190f67b

SHA512
ed674a1fb688966ee8317f9be92d8782c30d1c21b0f44bb38258ce898fa0fc664d9c5a3f2bde02fb90247f3bebd8144826d61fed865a78eaed02f835f82fe2d6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
be4b0a1b38686e51a7eb636a5a463cc1

SHA1
736127505712e14c5611e0f3ad73d0a9c09bd1c3

SHA256
edf56ef9dff81247d10d0ab24bb9baca93ac8f2edf42c1125a4563b8e4db06ed

SHA512
dcf78951714712632504a024363fe2fe49bae7e2c9da085b945f675c0114fe37401f23631110e1549c945ed2805fad179737243b42c3642e02f4866e1313d734

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
16KB

MD5
436fdc7b009dd7dd3fae36e21703cc5d

SHA1
78b1876a84126aedfa5a5ebf59c0898db767b957

SHA256
315921db6ae7691582ee9177b3c742ec88057b12747ab78470a777bea3fafb14

SHA512
d66fb2600fc562493f96c93b479b50913e2a08011b93a008d955fd2f1dcd032d4b3516bdd76a60df59cc4a379bed18392ac888ccaf5cdfdeb5d366006657afe1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
56B

MD5
94275bde03760c160b707ba8806ef545

SHA1
aad8d87b0796de7baca00ab000b2b12a26427859

SHA256
c58cb79fa4a9ade48ed821dd9f98957b0adfda7c2d267e3d07951c2d371aa968

SHA512
2aabd49bc9f0ed3a5c690773f48a92dbbbd60264090a0db2fe0f166f8c20c767a74d1e1d7cc6a46c34cfbd1587ddb565e791d494cd0d2ca375ab8cc11cd8f930

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
120B

MD5
06e7f2d401f7f97175e59aa9cd2bd3b4

SHA1
5053ff741bf0805a2d6dc8d357a4fb904a52b0cd

SHA256
d51e48d9811e2d0a6ee821eabd7adcf816f6751ae1baeecba98499a525c4a9b7

SHA512
e1e101730ac1b2027655f9bf8110500a90c9ab126c0787d658f0dd062bd3ae4d916b8eccf4d2b8dc11bfc7060819665bbfbad28981a861b1824f1e66bbf132c1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
120B

MD5
c64c6c4057244f4ef863696aa255665c

SHA1
010cc6dcae6de02828527252f0e5e717cec0d990

SHA256
66724f791624421248fb2d8a0c3022c96f0bda7f65ccdaec4fcf9b85496f128d

SHA512
243381fa514f7b9bbf6e8c2acce459b516f0345f417aff08ffc1ed7ad5edd7180d108a1ee7019b5c65d940814de8e1caac39bcdbf43862e29737932c294ab254

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
120B

MD5
205a67707ae90e848f4023549afbf5bd

SHA1
36d0f9ac2eca0f968611fe1f46e0d7a54c3d0a8e

SHA256
8c769268e7f69492e69cd38bbf4f51166e7a6d19805fb426a89acd6eeec81f03

SHA512
458b401a97b9369e45196c8e7240c9bb4af9c3b681337fa908e371faf1b3a42085fc123f4ee9ae91462a0b4e8f7d2cc8714a669f0c0497e54eefba7abdf81044

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe5883a2.TMP

Filesize
120B

MD5
a94e0f6793a68e8b7fbdf9dde1b2123f

SHA1
cd928eb7ad90d490fc4e6d2f6f4fa26dd58df36c

SHA256
e51ef4f32bcee2cdc5cec30eb221f0bd0cd314e751d30fb00e5d5bf224f410d4

SHA512
c4a22da86f49738e8b6afa978727fcb2b8207df14cfdf674d3e7d78d7f556c8e0005688358e5d7dd78cccf6adc3d42ffa7b5b38d81baf1b5d2915ccffe5690f1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
261KB

MD5
18ba659a672ec5b0364a80a6be3702c2

SHA1
640456b11d79323d7c2de3d3e42f8f0a1b73bcd1

SHA256
c1e06df4af572179155062702d8bf78c2cfa1b4f94d53652f92a3ea3ab8f6b5e

SHA512
2d02a1761e45df1b579e3b7960780023e900c8c6f20bbb31789583e278400373e3fad8821a6b6232b2bcff1a0f62ca5161fb3cc64e58ce90a572b882296db9d8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
261KB

MD5
866e16fe7dd7fd4c65e7900ff683e2f7

SHA1
cc1237383284b12f32c3e1a4577260743039ebf6

SHA256
702c4fa341ad46a7418c990a5c21bc95777be6dd43853b80cb1026ed3a8ad143

SHA512
dce0b626214226d71b4517b05aa5062f8d8c9d723e8d31954159f3d82ab99dcaf04fb3d1e16efb7135bc3a533e4eca78908b289b419d17b46cb449c95381e5f5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe588b53.TMP

Filesize
88KB

MD5
091a38020707a4a179509140a482fbc8

SHA1
53cfdc9ca54457ebea578be000ea743ad67ce614

SHA256
d23615df043c62b611cb050ea2398ddd9693d92bb3ff771bca53ced3adc29ff0

SHA512
8a5a05d24474314479e624d6c349dfaa5b1d5e43f2ac5896f907853e6defee10428c4298f7886c9d07c889b2148c2a17783a3089a8cdfa9cae45c98acd985187

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

Filesize
8KB

MD5
ea9001e198523fa46d8617f8874a34b3

SHA1
10df3fa55051c8ead3f7879b83b09da4f8fcb523

SHA256
f16890750cf75a7353e2aaa294216a91072be5a08b6408470e7c82e2edc3ef08

SHA512
46a6588e1873f382a83d69a211e7b8c9790e2ae6bfc2e4ad35c340d8af2ab68f1ed8a15e590c5c03e62ea3c59e8e46ced32d4ceb6a54eaff382e1edfe6f52c3e

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

Filesize
10KB

MD5
630ea05784303fa38a243d2cbe5f7620

SHA1
512cbfd427942b87a54e28138b33b841499b13fa

SHA256
bc91ddccdf37bfa5174be94b3011416840da594b5c77de8f70f112085bbc11cc

SHA512
dd6b10ae2b6bfa81a866cdbfd69ccd13db1d34a325107ef83c20da78de3312684060635285e7480601cad61a96cd6729fcd6bc66661ff6ff6dfcf329659fba7a

Download Submit
C:\Users\Admin\Downloads\anigame_fusion-main.zip

Filesize
15KB

MD5
82fe42b8020335eba880ff95f0953d28

SHA1
9006c8e21de3e2e36da2971dd77ecd393bd1eae1

SHA256
e38d77b4030231329782a8ca21fbf32d83626342658fb9cb7a2161e3caa93e79

SHA512
f146af673860b578b6e312fdc5ba2a9dfdf3d29ae490abdec157e87e6bfb8555e11f98add7bf095257edeeaa96afe36ad23bb0ec5267544975bb6304687f3f5a

Download Submit