Analysis Overview
SHA256
bba9ee471147935cf964828b3b3c34baa045207b4fbe1c96743943f8cf71375c
Threat Level: Likely malicious
The file Solara-main (2).zip was found to be: Likely malicious.
Malicious Activity Summary
Identifies VirtualBox via ACPI registry values (likely anti-VM)
Themida packer
Checks BIOS information in registry
Loads dropped DLL
Executes dropped EXE
Checks whether UAC is enabled
Legitimate hosting services abused for malware hosting/C2
Suspicious use of NtSetInformationThreadHideFromDebugger
Drops file in Windows directory
Unsigned PE
Enumerates physical storage devices
Command and Scripting Interpreter: JavaScript
Suspicious use of FindShellTrayWindow
Modifies data under HKEY_USERS
Enumerates system info in registry
Suspicious use of AdjustPrivilegeToken
Modifies registry class
Suspicious behavior: GetForegroundWindowSpam
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of WriteProcessMemory
Suspicious use of SendNotifyMessage
Checks SCSI registry key(s)
Suspicious behavior: EnumeratesProcesses
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-10 21:48
Signatures
Themida packer
| Description | Indicator | Process | Target |
| 1 hit, no details recorded | N/A | N/A | N/A |
Unsigned PE
| Description | Indicator | Process | Target |
| 8 hits, no details recorded | N/A | N/A | N/A |
Analysis: behavioral29
Detonation Overview
Submitted
2024-06-10 21:47
Reported
2024-06-10 22:46
Platform
win10-20240404-en
Max time kernel
611s
Max time network
1605s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\fileaccess\node_modules\es-errors\eval.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 29.243.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 252.15.104.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 203.107.17.2.in-addr.arpa | udp |
| NL | 52.142.223.178:80 | | tcp |
| US | 8.8.8.8:53 | 76.234.34.23.in-addr.arpa | udp |
Files
Analysis: behavioral9
Detonation Overview
Submitted
2024-06-10 21:47
Reported
2024-06-10 22:39
Platform
win10-20240404-en
Max time kernel
315s
Max time network
1602s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\fileaccess\node_modules\cookie\README.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.0.8.0.8.0.8.0.ip6.arpa | udp |
| US | 8.8.8.8:53 | 138.107.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 25.173.189.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
Files
Analysis: behavioral10
Detonation Overview
Submitted
2024-06-10 21:47
Reported
2024-06-10 22:39
Platform
win10-20240404-en
Max time kernel
315s
Max time network
1604s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\fileaccess\node_modules\cookie\index.js
Network
| Country | Destination | Domain | Proto |
| US | 52.111.227.14:443 | | tcp |
| US | 8.8.8.8:53 | 13.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 12.173.189.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 203.107.17.2.in-addr.arpa | udp |
Files
Analysis: behavioral15
Detonation Overview
Submitted
2024-06-10 21:47
Reported
2024-06-10 22:41
Platform
win10-20240404-en
Max time kernel
314s
Max time network
1608s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\fileaccess\node_modules\debug\src\debug.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 34.197.79.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 138.107.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 48.110.63.41.in-addr.arpa | udp |
Files
Analysis: behavioral18
Detonation Overview
Submitted
2024-06-10 21:47
Reported
2024-06-10 22:41
Platform
win10-20240404-en
Max time kernel
517s
Max time network
1588s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\fileaccess\node_modules\debug\src\node.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 31.243.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.173.189.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 48.110.63.41.in-addr.arpa | udp |
| NL | 52.142.223.178:80 | | tcp |
| US | 8.8.8.8:53 | 76.234.34.23.in-addr.arpa | udp |
Files
Analysis: behavioral23
Detonation Overview
Submitted
2024-06-10 21:47
Reported
2024-06-10 22:42
Platform
win10-20240404-en
Max time kernel
872s
Max time network
1600s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\fileaccess\node_modules\ee-first\README.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 30.243.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 252.15.104.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 48.110.63.41.in-addr.arpa | udp |
| NL | 52.142.223.178:80 | | tcp |
| US | 8.8.8.8:53 | 76.234.34.23.in-addr.arpa | udp |
Files
Analysis: behavioral24
Detonation Overview
Submitted
2024-06-10 21:47
Reported
2024-06-10 22:42
Platform
win10-20240404-en
Max time kernel
315s
Max time network
1576s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\fileaccess\node_modules\ee-first\index.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.0.8.0.8.0.8.0.ip6.arpa | udp |
| US | 8.8.8.8:53 | 31.243.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 235.17.178.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
Files
Analysis: behavioral27
Detonation Overview
Submitted
2024-06-10 21:47
Reported
2024-06-10 22:43
Platform
win10-20240404-en
Max time kernel
524s
Max time network
1587s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\fileaccess\node_modules\es-define-property\index.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 31.243.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.16.208.104.in-addr.arpa | udp |
| NL | 52.142.223.178:80 | | tcp |
| US | 8.8.8.8:53 | 76.234.34.23.in-addr.arpa | udp |
Files
Analysis: behavioral3
Detonation Overview
Submitted
2024-06-10 21:47
Reported
2024-06-10 22:36
Platform
win10-20240404-en
Max time kernel
314s
Max time network
1588s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\fileaccess\node_modules\content-disposition\README.js
Network
| Country | Destination | Domain | Proto |
| US | 20.231.121.79:80 | | tcp |
| US | 8.8.8.8:53 | 29.243.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 13.73.50.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
Files
Analysis: behavioral5
Detonation Overview
Submitted
2024-06-10 21:47
Reported
2024-06-10 22:36
Platform
win10-20240404-en
Max time kernel
486s
Max time network
1608s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\fileaccess\node_modules\content-type\README.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 30.243.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 30.73.42.20.in-addr.arpa | udp |
| US | 138.91.171.81:80 | | tcp |
| US | 8.8.8.8:53 | 76.234.34.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 203.107.17.2.in-addr.arpa | udp |
Files
Analysis: behavioral11
Detonation Overview
Submitted
2024-06-10 21:47
Reported
2024-06-10 22:39
Platform
win10-20240404-en
Max time kernel
315s
Max time network
1596s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\fileaccess\node_modules\debug\README.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 14.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 174.117.168.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
Files
Analysis: behavioral17
Detonation Overview
Submitted
2024-06-10 21:47
Reported
2024-06-10 22:41
Platform
win10-20240404-en
Max time kernel
315s
Max time network
1596s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\fileaccess\node_modules\debug\src\inspector-log.js
Network
| Country | Destination | Domain | Proto |
| US | 20.231.121.79:80 | | tcp |
| US | 8.8.8.8:53 | 13.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 215.143.182.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
Files
Analysis: behavioral28
Detonation Overview
Submitted
2024-06-10 21:47
Reported
2024-06-10 22:46
Platform
win10-20240404-en
Max time kernel
315s
Max time network
1582s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\fileaccess\node_modules\es-define-property\test\index.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.0.8.0.8.0.8.0.ip6.arpa | udp |
| US | 8.8.8.8:53 | 23.236.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.64.52.20.in-addr.arpa | udp |
Files
Analysis: behavioral31
Detonation Overview
Submitted
2024-06-10 21:47
Reported
2024-06-10 22:50
Platform
win10-20240404-en
Max time kernel
1796s
Max time network
1580s
Command Line
Signatures
Identifies VirtualBox via ACPI registry values (likely anti-VM)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\ACPI\DSDT\VBOX__ | C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe | N/A |
Checks BIOS information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion | C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\VideoBiosVersion | C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe | N/A |
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe | N/A |
Loads dropped DLL
Themida packer
| Description | Indicator | Process | Target |
| 36 hits, no details recorded | N/A | N/A | N/A |
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe | N/A |
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| 8 hits | raw.githubusercontent.com | N/A | N/A |
Suspicious use of NtSetInformationThreadHideFromDebugger
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe | N/A |
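The registry lookups recorded in the signatures above (the ACPI DSDT VBOX__ key, SystemBiosVersion and VideoBiosVersion, EnableLUA) are the usual VirtualBox and BIOS-string fingerprinting checks, and the SCSI key enumerated in the behavioral1 run further down carries the virtual disk vendor (Ven_QEMU). The script below is an added example, not part of the sandbox output or of the sample: it replays those lookups so an analyst can see what the sample sees on a given analysis VM. The VM_MARKERS list, the extra FADT/RSDT tables, the two reader classes and the SANDBOX_SNAPSHOT dict are assumptions of the example; on Windows it reads the live registry through the standard-library winreg module, elsewhere it runs the same logic over the constructed snapshot.

```python
"""Audit an analysis VM for the registry artifacts this sample reads.

Added example for this report; not code from the sandbox or the sample.
"""
import sys
from dataclasses import dataclass

# Hypervisor markers looked for in ACPI OEM IDs, BIOS strings and device IDs.
# Heuristic list assumed for the example, not taken from the report.
VM_MARKERS = ("VBOX", "VIRTUALBOX", "QEMU", "BOCHS", "VMWARE", "XEN", "VIRTUAL")


def has_marker(text):
    return bool(text) and any(m in text.upper() for m in VM_MARKERS)


@dataclass(frozen=True)
class Finding:
    check: str   # which of the sample's lookups this reproduces
    path: str    # HKLM-relative key path, plus value name where one applies
    value: str   # data observed, "" when the key or value is absent
    hit: bool    # True when the sample would learn something from this lookup


class SnapshotReader:
    """Reader over a constructed {key_path: {value_name: data}} dict (HKLM-relative)."""

    def __init__(self, snapshot):
        self.snapshot = snapshot

    def subkeys(self, path):
        prefix = path.upper() + "\\"
        return sorted({k[len(prefix):].split("\\", 1)[0]
                       for k in self.snapshot if k.upper().startswith(prefix)})

    def query_value(self, path, name):
        for key, values in self.snapshot.items():
            if key.upper() == path.upper():
                return values.get(name, "")
        return ""


class WinRegReader:
    """Same interface over the live registry; Windows only."""

    def __init__(self):
        import winreg
        self.wr = winreg

    def subkeys(self, path):
        try:
            with self.wr.OpenKey(self.wr.HKEY_LOCAL_MACHINE, path) as key:
                return [self.wr.EnumKey(key, i) for i in range(self.wr.QueryInfoKey(key)[0])]
        except OSError:
            return []

    def query_value(self, path, name):
        try:
            with self.wr.OpenKey(self.wr.HKEY_LOCAL_MACHINE, path) as key:
                data, _ = self.wr.QueryValueEx(key, name)
        except OSError:
            return ""
        return " ".join(data) if isinstance(data, list) else str(data)  # REG_MULTI_SZ comes back as a list


def audit(reader):
    findings = []
    # 1. ACPI tables: the sample opened HARDWARE\ACPI\DSDT\VBOX__; the OEM ID is the subkey name.
    for table in ("DSDT", "FADT", "RSDT"):
        path = "HARDWARE\\ACPI\\" + table
        for oem in reader.subkeys(path):
            findings.append(Finding("acpi-oem-id", f"{path}\\{oem}", oem, has_marker(oem)))
    # 2. The two BIOS version strings the sample queried.
    path = r"HARDWARE\DESCRIPTION\System"
    for name in ("SystemBiosVersion", "VideoBiosVersion"):
        data = reader.query_value(path, name)
        findings.append(Finding("bios-version", f"{path}\\{name}", data, has_marker(data)))
    # 3. SCSI device IDs embed the disk vendor (Ven_QEMU in the behavioral1 run).
    path = r"SYSTEM\ControlSet001\Enum\SCSI"
    for dev in reader.subkeys(path):
        findings.append(Finding("scsi-device", f"{path}\\{dev}", dev, has_marker(dev)))
    # 4. EnableLUA: a hit means UAC is off, which is what a dropper wants to know.
    path = r"SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System"
    data = reader.query_value(path, "EnableLUA")
    findings.append(Finding("uac-disabled", f"{path}\\EnableLUA", data, data == "0"))
    return findings


# Constructed snapshot modelled on the indicators in this report (not a real registry export).
SANDBOX_SNAPSHOT = {
    r"HARDWARE\ACPI\DSDT\VBOX__": {},
    r"HARDWARE\DESCRIPTION\System": {"SystemBiosVersion": "VBOX   - 1",
                                     "VideoBiosVersion": "Oracle VM VirtualBox Version 7.0.0"},
    r"SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_QEMU&Prod_HARDDISK": {},
    r"SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System": {"EnableLUA": "1"},
}

if __name__ == "__main__":
    reader = WinRegReader() if sys.platform == "win32" else SnapshotReader(SANDBOX_SNAPSHOT)
    for f in audit(reader):
        print(f"{'HIT' if f.hit else 'ok '} {f.check:<12} {f.path} = {f.value!r}")
```

A hit on any of the first three checks means the VM is fingerprintable by exactly the lookups this sample performs. Note that the sample opened the VirtualBox ACPI key on a VM whose enumerated disk is QEMU, so it probes for more than one hypervisor's artifacts and hiding a single one is not enough.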
Enumerates physical storage devices
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\Solara-main\Files\SolaraBootstrapper.exe | N/A |
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\Solara-main\Files\SolaraBootstrapper.exe | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 1340 wrote to memory of 4788 | N/A | C:\Users\Admin\AppData\Local\Temp\Solara-main\Files\SolaraBootstrapper.exe | C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe |
| PID 1340 wrote to memory of 4788 | N/A | C:\Users\Admin\AppData\Local\Temp\Solara-main\Files\SolaraBootstrapper.exe | C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe |
Processes
C:\Users\Admin\AppData\Local\Temp\Solara-main\Files\SolaraBootstrapper.exe
"C:\Users\Admin\AppData\Local\Temp\Solara-main\Files\SolaraBootstrapper.exe"
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe
"C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe"
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | raw.githubusercontent.com | udp |
| US | 185.199.108.133:443 | raw.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | 215.156.26.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.108.199.185.in-addr.arpa | udp |
| US | 185.199.108.133:443 | raw.githubusercontent.com | tcp |
| N/A | 127.0.0.1:51256 | | tcp |
| US | 8.8.8.8:53 | 203.107.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.236.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 215.143.182.52.in-addr.arpa | udp |
| N/A | 127.0.0.1:51333 | | tcp |
| US | 185.199.108.133:443 | raw.githubusercontent.com | tcp |
| N/A | 127.0.0.1:51396 | | tcp |
| US | 185.199.108.133:443 | raw.githubusercontent.com | tcp |
| N/A | 127.0.0.1:51459 | | tcp |
| US | 185.199.108.133:443 | raw.githubusercontent.com | tcp |
| US | 185.199.108.133:443 | raw.githubusercontent.com | tcp |
| N/A | 127.0.0.1:51522 | | tcp |
| US | 185.199.108.133:443 | raw.githubusercontent.com | tcp |
| N/A | 127.0.0.1:51585 | | tcp |
Files
memory/1340-0-0x00000000733CE000-0x00000000733CF000-memory.dmp
memory/1340-1-0x0000000000A70000-0x0000000000A7A000-memory.dmp
memory/1340-2-0x0000000002CE0000-0x0000000002CEA000-memory.dmp
memory/1340-3-0x00000000733C0000-0x0000000073AAE000-memory.dmp
memory/1340-5-0x0000000005C10000-0x0000000005C22000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\fileaccess\node_modules\get-intrinsic\.nycrc
| MD5 | d0104f79f0b4f03bbcd3b287fa04cf8c |
| SHA1 | 54f9d7adf8943cb07f821435bb269eb4ba40ccc2 |
| SHA256 | 997785c50b0773e5e18bf15550fbf57823c634fefe623cd37b3c83696402ad0a |
| SHA512 | daf9b5445cfc02397f398adfa0258f2489b70699dfec6ca7e5b85afe5671fdcabe59edee332f718f5e5778feb1e301778dffe93bb28c1c0914f669659bad39c6 |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\fileaccess\node_modules\hasown\.nycrc
| MD5 | c2ab942102236f987048d0d84d73d960 |
| SHA1 | 95462172699187ac02eaec6074024b26e6d71cff |
| SHA256 | 948366fea3b423a46366326d0bb2e54b08abd1cf0b243678ba6625740c40da5a |
| SHA512 | e36b20c16ceeb090750f3865efc8d7fd983ae4e8b41c30cc3865d2fd4925bf5902627e1f1ed46c0ff2453f076ef9de34be899ef57754b29cd158440071318479 |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\fileaccess\node_modules\has-proto\.eslintrc
| MD5 | c28b0fe9be6e306cc2ad30fe00e3db10 |
| SHA1 | af79c81bd61c9a937fca18425dd84cdf8317c8b9 |
| SHA256 | 0694050195fc694c5846b0a2a66b437ac775da988f0a779c55fb892597f7f641 |
| SHA512 | e3eca17804522ffa4f41e836e76e397a310a20e8261a38115b67e8b644444153039d04198fb470f45be2997d2c7a72b15bd4771a02c741b3cbc072ea6ef432e9 |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\fileaccess\node_modules\vary\LICENSE
| MD5 | 13babc4f212ce635d68da544339c962b |
| SHA1 | 4881ad2ec8eb2470a7049421047c6d076f48f1de |
| SHA256 | bd47ce7b88c7759630d1e2b9fcfa170a0f1fde522be09e13fb1581a79d090400 |
| SHA512 | 40e30174433408e0e2ed46d24373b12def47f545d9183b7bce28d4ddd8c8bb528075c7f20e118f37661db9f1bba358999d81a14425eb3e0a4a20865dfcb53182 |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe
| MD5 | f8f4522d11178a26e97e2046f249dfa7 |
| SHA1 | 8b591d9a37716e235260fb6b3f601e4ccbebf15d |
| SHA256 | 3c372a8919c28dc76414b2f30da423c3e1018b1a8444527949ce20cc3fc93ed0 |
| SHA512 | 52ea881cad501cf1d5e8ac47355e862ac1bd39cb6e1ff3d362d392b6f2d676e74878832505d17a552aaa3bc8f3977da11fa3f9903722eedd23716fb46ddb7492 |
memory/4788-1465-0x00007FFAA4D43000-0x00007FFAA4D44000-memory.dmp
memory/4788-1466-0x00000292B7580000-0x00000292B759A000-memory.dmp
memory/1340-1467-0x00000000733C0000-0x0000000073AAE000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Wpf.Ui.dll
| MD5 | aead90ab96e2853f59be27c4ec1e4853 |
| SHA1 | 43cdedde26488d3209e17efff9a51e1f944eb35f |
| SHA256 | 46cfbe804b29c500ebc0b39372e64c4c8b4f7a8e9b220b5f26a9adf42fcb2aed |
| SHA512 | f5044f2ee63906287460b9adabfcf3c93c60b51c86549e33474c4d7f81c4f86cd03cd611df94de31804c53006977874b8deb67c4bf9ea1c2b70c459b3a44b38d |
memory/4788-1469-0x00007FFAA4D40000-0x00007FFAA572C000-memory.dmp
memory/4788-1470-0x00000292D20F0000-0x00000292D262C000-memory.dmp
memory/4788-1471-0x00000292D1C70000-0x00000292D1D28000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Microsoft.Web.WebView2.Core.dll
| MD5 | 851fee9a41856b588847cf8272645f58 |
| SHA1 | ee185a1ff257c86eb19d30a191bf0695d5ac72a1 |
| SHA256 | 5e7faee6b8230ca3b97ce9542b914db3abbbd1cb14fd95a39497aaad4c1094ca |
| SHA512 | cf5c70984cf33e12cf57116da1f282a5bd6433c570831c185253d13463b0b9a0b9387d4d1bf4dddab3292a5d9ba96d66b6812e9d7ebc5eb35cb96eea2741348f |
memory/4788-1473-0x00000292D1D30000-0x00000292D1DAE000-memory.dmp
memory/4788-1475-0x00000292D1B70000-0x00000292D1B7E000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Microsoft.Web.WebView2.Wpf.dll
| MD5 | 34ec990ed346ec6a4f14841b12280c20 |
| SHA1 | 6587164274a1ae7f47bdb9d71d066b83241576f0 |
| SHA256 | 1e987b22cd011e4396a0805c73539586b67df172df75e3dded16a77d31850409 |
| SHA512 | b565015ca4b11b79ecbc8127f1fd40c986948050f1caefdd371d34ed2136af0aabf100863dc6fd16d67e3751d44ee13835ea9bf981ac0238165749c4987d1ae0 |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\WebView2Loader.dll
| MD5 | a0bd0d1a66e7c7f1d97aedecdafb933f |
| SHA1 | dd109ac34beb8289030e4ec0a026297b793f64a3 |
| SHA256 | 79d7e45f8631e8d2541d01bfb5a49a3a090be72b3d465389a2d684680fee2e36 |
| SHA512 | 2a50ae5c7234a44b29f82ebc2e3cfed37bf69294eb00b2dc8905c61259975b2f3a059c67aeab862f002752454d195f7191d9b82b056f6ef22d6e1b0bb3673d50 |
memory/4788-1478-0x00007FFAA4D40000-0x00007FFAA572C000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.dll
| MD5 | 987175c463ec9a5e76bab033cea9d859 |
| SHA1 | ceed36975f4583a34c26150e045a97f5f019e769 |
| SHA256 | 24fca8dd76effd975d230f55eb107e1be6c03d658410274fe6340a2b3ec9075c |
| SHA512 | 9851d254fef3fdfcd7b188893a9a547ed3f08eee82a72c273f13beb7d075beecd32e3c5c51f9e3135d7060fca71a2bf79dbdbb1a136549a9e408a6214feaa000 |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\libcurl.dll
| MD5 | e31f5136d91bad0fcbce053aac798a30 |
| SHA1 | ee785d2546aec4803bcae08cdebfd5d168c42337 |
| SHA256 | ee94e2201870536522047e6d7fe7b903a63cd2e13e20c8fffc86d0e95361e671 |
| SHA512 | a1543eb1d10d25efb44f9eaa0673c82bfac5173055d04c0f3be4792984635a7c774df57a8e289f840627754a4e595b855d299070d469e0f1e637c3f35274abe6 |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\VCRUNTIME140.dll
| MD5 | 7a2b8cfcd543f6e4ebca43162b67d610 |
| SHA1 | c1c45a326249bf0ccd2be2fbd412f1a62fb67024 |
| SHA256 | 7d7ca28235fba5603a7f40514a552ac7efaa67a5d5792bb06273916aa8565c5f |
| SHA512 | e38304fb9c5af855c1134f542adf72cde159fab64385533eafa5bb6e374f19b5a29c0cb5516fc5da5c0b5ac47c2f6420792e0ac8ddff11e749832a7b7f3eb5c8 |
memory/4788-1487-0x0000000180000000-0x0000000180E54000-memory.dmp
\Users\Admin\AppData\Local\Temp\Solara.Dir\zlib1.dll
| MD5 | 75365924730b0b2c1a6ee9028ef07685 |
| SHA1 | a10687c37deb2ce5422140b541a64ac15534250f |
| SHA256 | 945e7f5d09938b7769a4e68f4ef01406e5af9f40db952cba05ddb3431dd1911b |
| SHA512 | c1e31c18903e657203ae847c9af601b1eb38efa95cb5fa7c1b75f84a2cba9023d08f1315c9bb2d59b53256dfdb3bac89930252138475491b21749471adc129a1 |
memory/4788-1488-0x0000000180000000-0x0000000180E54000-memory.dmp
memory/4788-1490-0x0000000180000000-0x0000000180E54000-memory.dmp
memory/4788-1489-0x0000000180000000-0x0000000180E54000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\bin\path.txt
| MD5 | f5dded5b39ba125ea8835206bca22024 |
| SHA1 | 6cb4116554cbfa0002214a0d8d01481fcfa5f8e1 |
| SHA256 | 1a45ffff07247ec22a7009b946c71334bb6686f0142aae41c758267cf7c7a7a3 |
| SHA512 | cadf474cb8424c267324475706c3d95f36985c056ad460fb8c78a756f2d8ecb4287be2a411b7f48c80db222b11a2dc35d5addaf254403f70afb8845e994a7726 |
memory/4788-1492-0x00000292D69A0000-0x00000292D69A8000-memory.dmp
memory/4788-1493-0x00000292D6BB0000-0x00000292D6BE8000-memory.dmp
memory/4788-1494-0x00000292D6DB0000-0x00000292D6DBE000-memory.dmp
memory/4788-1496-0x00007FFAB4B20000-0x00007FFAB4B44000-memory.dmp
memory/4788-1495-0x0000000180000000-0x0000000180E54000-memory.dmp
memory/4788-1499-0x00007FFAA4D43000-0x00007FFAA4D44000-memory.dmp
memory/4788-1497-0x0000000180000000-0x0000000180E54000-memory.dmp
memory/4788-1500-0x00007FFAA4D40000-0x00007FFAA572C000-memory.dmp
memory/4788-1501-0x00007FFAA4D40000-0x00007FFAA572C000-memory.dmp
memory/4788-1502-0x0000000180000000-0x0000000180E54000-memory.dmp
memory/4788-1503-0x0000000180000000-0x0000000180E54000-memory.dmp
memory/4788-1505-0x0000000180000000-0x0000000180E54000-memory.dmp
memory/4788-1507-0x0000000180000000-0x0000000180E54000-memory.dmp
memory/4788-1509-0x0000000180000000-0x0000000180E54000-memory.dmp
memory/4788-1511-0x0000000180000000-0x0000000180E54000-memory.dmp
memory/4788-1513-0x0000000180000000-0x0000000180E54000-memory.dmp
memory/4788-1515-0x0000000180000000-0x0000000180E54000-memory.dmp
memory/4788-1517-0x0000000180000000-0x0000000180E54000-memory.dmp
memory/4788-1519-0x0000000180000000-0x0000000180E54000-memory.dmp
memory/4788-1521-0x0000000180000000-0x0000000180E54000-memory.dmp
memory/4788-1523-0x0000000180000000-0x0000000180E54000-memory.dmp
memory/4788-1525-0x0000000180000000-0x0000000180E54000-memory.dmp
memory/4788-1527-0x0000000180000000-0x0000000180E54000-memory.dmp
memory/4788-1529-0x0000000180000000-0x0000000180E54000-memory.dmp
memory/4788-1531-0x0000000180000000-0x0000000180E54000-memory.dmp
memory/4788-1533-0x0000000180000000-0x0000000180E54000-memory.dmp
memory/4788-1535-0x0000000180000000-0x0000000180E54000-memory.dmp
memory/4788-1537-0x0000000180000000-0x0000000180E54000-memory.dmp
memory/4788-1539-0x0000000180000000-0x0000000180E54000-memory.dmp
memory/4788-1541-0x0000000180000000-0x0000000180E54000-memory.dmp
memory/4788-1543-0x0000000180000000-0x0000000180E54000-memory.dmp
memory/4788-1545-0x0000000180000000-0x0000000180E54000-memory.dmp
memory/4788-1547-0x0000000180000000-0x0000000180E54000-memory.dmp
memory/4788-1549-0x0000000180000000-0x0000000180E54000-memory.dmp
memory/4788-1551-0x0000000180000000-0x0000000180E54000-memory.dmp
memory/4788-1553-0x0000000180000000-0x0000000180E54000-memory.dmp
memory/4788-1555-0x0000000180000000-0x0000000180E54000-memory.dmp
memory/4788-1557-0x0000000180000000-0x0000000180E54000-memory.dmp
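Most rows in the network tables above are sandbox-side noise: the in-addr.arpa and ip6.arpa queries to 8.8.8.8 are reverse lookups of addresses the sandbox saw, the 127.0.0.1 connections are local, and the behavioral3 to behavioral29 runs are the sandbox executing individual .js files from the bundled node_modules tree under wscript.exe. What is worth keeping from the behavioral31 run is the dropped-file hashes, the github.com and raw.githubusercontent.com endpoints, the two process images under the extraction directory, and the cross-process write that links them. The script below is an added example, not part of the report or of the project: it parses the pipe-delimited tables into that shortlist. REPORT_EXCERPT is a constructed excerpt copied from the behavioral31 tables; the SAMPLE_ROOT prefix and the noise filters are assumptions of the example.

```python
"""Extract actionable IOCs from a detonation report in the layout used above.

Added example for this report; not code from the sandbox or the project.
"""
import re
from dataclasses import dataclass, field

# Constructed excerpt: rows copied from the behavioral31 run, same layout as the page.
REPORT_EXCERPT = r"""
Analysis: behavioral31
Signatures
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 1340 wrote to memory of 4788 | N/A | C:\Users\Admin\AppData\Local\Temp\Solara-main\Files\SolaraBootstrapper.exe | C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe |
Processes
C:\Users\Admin\AppData\Local\Temp\Solara-main\Files\SolaraBootstrapper.exe
"C:\Users\Admin\AppData\Local\Temp\Solara-main\Files\SolaraBootstrapper.exe"
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe
"C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe"
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 185.199.108.133:443 | raw.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | 133.108.199.185.in-addr.arpa | udp |
| N/A | 127.0.0.1:51256 | tcp | |
Files
memory/1340-0-0x00000000733CE000-0x00000000733CF000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe
| MD5 | f8f4522d11178a26e97e2046f249dfa7 |
| SHA256 | 3c372a8919c28dc76414b2f30da423c3e1018b1a8444527949ce20cc3fc93ed0 |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\libcurl.dll
| SHA256 | ee94e2201870536522047e6d7fe7b903a63cd2e13e20c8fffc86d0e95361e671 |
"""

PTR_NOISE = re.compile(r"\.(in-addr|ip6)\.arpa$", re.I)   # reverse lookups, not sample C2
PID_WRITE = re.compile(r"PID (\d+) wrote to memory of (\d+)")
IMAGE = re.compile(r"^(?:[A-Za-z]:)?\\")                   # unquoted Windows path
SAMPLE_ROOT = r"C:\Users\Admin\AppData\Local\Temp\Solara"  # assumed: where the zip was unpacked


@dataclass
class Iocs:
    domains: set = field(default_factory=set)
    endpoints: set = field(default_factory=set)   # ip:port of non-DNS, non-loopback connections
    files: dict = field(default_factory=dict)     # dropped path -> {algo: hexdigest}
    processes: set = field(default_factory=set)   # images under SAMPLE_ROOT
    bystanders: set = field(default_factory=set)  # other images the signatures fired on
    injections: set = field(default_factory=set)  # (src_pid, dst_pid, src_image, dst_image)


def _cells(line):
    return [c.strip() for c in line.strip("|").split("|")]


def _note_process(iocs, image):
    (iocs.processes if image.startswith(SAMPLE_ROOT) else iocs.bystanders).add(image)


def parse_report(text):
    iocs, section, current = Iocs(), None, None
    for line in (l.strip() for l in text.splitlines()):
        if not line:
            continue
        if line in ("Signatures", "Processes", "Network", "Files") or line.startswith("Analysis:"):
            section, current = line, None
            continue
        if section == "Network" and line.startswith("|"):
            _, dest, domain, proto = (_cells(line) + [""] * 4)[:4]
            if domain in ("tcp", "udp") and not proto:   # tolerate rows with an empty domain cell
                domain, proto = "", domain
            if domain and domain != "Domain" and not PTR_NOISE.search(domain):
                iocs.domains.add(domain)
            if proto == "tcp" and not dest.startswith("127."):
                iocs.endpoints.add(dest)
        elif section == "Files":
            if line.startswith("|") and current:
                algo, digest = _cells(line)[:2]
                iocs.files.setdefault(current, {})[algo] = digest.lower()
            elif IMAGE.match(line):                        # memory/... dump lines are ignored
                current = line
        elif section == "Processes" and IMAGE.match(line):  # quoted command lines do not match
            _note_process(iocs, line)
        elif section == "Signatures" and line.startswith("|"):
            cells = _cells(line) + [""] * 4
            m = PID_WRITE.search(cells[0])
            if m:
                iocs.injections.add((int(m.group(1)), int(m.group(2)), cells[2], cells[3]))
            for image in cells[2:4]:
                if IMAGE.match(image):
                    _note_process(iocs, image)
    return iocs


def process_chain(iocs):
    """Parent -> child edges implied by the recorded cross-process memory writes."""
    return sorted(f"{src} (pid {sp}) -> {dst} (pid {dp})" for sp, dp, src, dst in iocs.injections)


if __name__ == "__main__":
    iocs = parse_report(REPORT_EXCERPT)
    print("domains:  ", sorted(iocs.domains))
    print("endpoints:", sorted(iocs.endpoints))
    for path, hashes in iocs.files.items():
        print("dropped:  ", path, hashes.get("SHA256"))
    for edge in process_chain(iocs):
        print("injects:  ", edge)
```

Images outside SAMPLE_ROOT land in `bystanders`; that is where the chrome.exe and taskmgr.exe hits from the behavioral1 run below would go, since those signatures (SCSI key checks, system info enumeration, HKEY_USERS writes) fired on Windows and Chrome processes rather than on either of the sample's images.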
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-10 21:47
Reported
2024-06-10 22:18
Platform
win10-20240404-en
Max time kernel
1801s
Max time network
1807s
Command Line
Signatures
Identifies VirtualBox via ACPI registry values (likely anti-VM)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\ACPI\DSDT\VBOX__ | C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe | N/A |
Checks BIOS information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion | C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\VideoBiosVersion | C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe | N/A |
Themida packer
| Description | Indicator | Process | Target |
| 35 hits, no details recorded | N/A | N/A | N/A |
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| 11 hits | raw.githubusercontent.com | N/A | N/A |
Suspicious use of NtSetInformationThreadHideFromDebugger
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\rescache\_merged\4183903823\2290032291.pri | C:\Windows\system32\taskmgr.exe | N/A |
| File created | C:\Windows\rescache\_merged\1601268389\715946058.pri | C:\Windows\system32\taskmgr.exe | N/A |
Command and Scripting Interpreter: JavaScript
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_QEMU&Prod_HARDDISK\4&215468a5&0&000000 | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_QEMU&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Windows\system32\taskmgr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_QEMU&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName | C:\Windows\system32\taskmgr.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133625297324202768" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-1739856679-3467441365-73334005-1000_Classes\Local Settings | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1739856679-3467441365-73334005-1000_Classes\Local Settings | C:\Windows\system32\taskmgr.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\taskmgr.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\fileaccess\node_modules\call-bind\test\callBound.js
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ff967049758,0x7ff967049768,0x7ff967049778
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1648 --field-trial-handle=1880,i,10315407201461375504,17998767276393990301,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1816 --field-trial-handle=1880,i,10315407201461375504,17998767276393990301,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2092 --field-trial-handle=1880,i,10315407201461375504,17998767276393990301,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3008 --field-trial-handle=1880,i,10315407201461375504,17998767276393990301,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3132 --field-trial-handle=1880,i,10315407201461375504,17998767276393990301,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4476 --field-trial-handle=1880,i,10315407201461375504,17998767276393990301,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4512 --field-trial-handle=1880,i,10315407201461375504,17998767276393990301,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4724 --field-trial-handle=1880,i,10315407201461375504,17998767276393990301,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4868 --field-trial-handle=1880,i,10315407201461375504,17998767276393990301,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5012 --field-trial-handle=1880,i,10315407201461375504,17998767276393990301,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5172 --field-trial-handle=1880,i,10315407201461375504,17998767276393990301,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4796 --field-trial-handle=1880,i,10315407201461375504,17998767276393990301,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4800 --field-trial-handle=1880,i,10315407201461375504,17998767276393990301,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=5328 --field-trial-handle=1880,i,10315407201461375504,17998767276393990301,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5576 --field-trial-handle=1880,i,10315407201461375504,17998767276393990301,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5840 --field-trial-handle=1880,i,10315407201461375504,17998767276393990301,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=5208 --field-trial-handle=1880,i,10315407201461375504,17998767276393990301,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5820 --field-trial-handle=1880,i,10315407201461375504,17998767276393990301,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=3048 --field-trial-handle=1880,i,10315407201461375504,17998767276393990301,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4752 --field-trial-handle=1880,i,10315407201461375504,17998767276393990301,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6176 --field-trial-handle=1880,i,10315407201461375504,17998767276393990301,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6328 --field-trial-handle=1880,i,10315407201461375504,17998767276393990301,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=6200 --field-trial-handle=1880,i,10315407201461375504,17998767276393990301,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6396 --field-trial-handle=1880,i,10315407201461375504,17998767276393990301,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=6300 --field-trial-handle=1880,i,10315407201461375504,17998767276393990301,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=6728 --field-trial-handle=1880,i,10315407201461375504,17998767276393990301,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=6828 --field-trial-handle=1880,i,10315407201461375504,17998767276393990301,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6872 --field-trial-handle=1880,i,10315407201461375504,17998767276393990301,131072 /prefetch:8
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Users\Admin\AppData\Local\Temp\Temp1_Solara-main.zip\Solara-main\Files\SolaraBootstrapper.exe
"C:\Users\Admin\AppData\Local\Temp\Temp1_Solara-main.zip\Solara-main\Files\SolaraBootstrapper.exe"
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe
"C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe"
C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /4
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4388 --field-trial-handle=1880,i,10315407201461375504,17998767276393990301,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=6076 --field-trial-handle=1880,i,10315407201461375504,17998767276393990301,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3048 --field-trial-handle=1880,i,10315407201461375504,17998767276393990301,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=6924 --field-trial-handle=1880,i,10315407201461375504,17998767276393990301,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3216 --field-trial-handle=1880,i,10315407201461375504,17998767276393990301,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=1500 --field-trial-handle=1880,i,10315407201461375504,17998767276393990301,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5444 --field-trial-handle=1880,i,10315407201461375504,17998767276393990301,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=2248 --field-trial-handle=1880,i,10315407201461375504,17998767276393990301,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6204 --field-trial-handle=1880,i,10315407201461375504,17998767276393990301,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --mojo-platform-channel-handle=5744 --field-trial-handle=1880,i,10315407201461375504,17998767276393990301,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3216 --field-trial-handle=1880,i,10315407201461375504,17998767276393990301,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5332 --field-trial-handle=1880,i,10315407201461375504,17998767276393990301,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5580 --field-trial-handle=1880,i,10315407201461375504,17998767276393990301,131072 /prefetch:8
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | 196.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 195.187.250.142.in-addr.arpa | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| GB | 142.250.200.14:443 | apis.google.com | tcp |
| US | 8.8.8.8:53 | 195.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.179.238:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | 238.179.250.142.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 20.231.121.79:80 | tcp | |
| US | 8.8.8.8:53 | id.google.com | udp |
| GB | 142.250.200.35:443 | id.google.com | tcp |
| US | 8.8.8.8:53 | 35.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 99.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | 240.197.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 215.156.26.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | github.githubassets.com | udp |
| US | 8.8.8.8:53 | avatars.githubusercontent.com | udp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.133:443 | avatars.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| US | 8.8.8.8:53 | user-images.githubusercontent.com | udp |
| US | 8.8.8.8:53 | 154.108.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.108.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| GB | 142.250.180.10:443 | content-autofill.googleapis.com | tcp |
| US | 8.8.8.8:53 | 10.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | collector.github.com | udp |
| US | 140.82.114.21:443 | collector.github.com | tcp |
| GB | 142.250.180.10:443 | content-autofill.googleapis.com | udp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 140.82.114.21:443 | collector.github.com | tcp |
| US | 8.8.8.8:53 | api.github.com | udp |
| US | 140.82.114.21:443 | collector.github.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | 21.114.82.140.in-addr.arpa | udp |
| US | 8.8.8.8:53 | codeload.github.com | udp |
| GB | 20.26.156.216:443 | codeload.github.com | tcp |
| US | 8.8.8.8:53 | 210.156.26.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 216.156.26.20.in-addr.arpa | udp |
| GB | 142.250.200.35:443 | id.google.com | udp |
| US | 8.8.8.8:53 | gofile-co-uk.webpkgcache.com | udp |
| GB | 216.58.212.225:443 | gofile-co-uk.webpkgcache.com | tcp |
| GB | 216.58.212.225:443 | gofile-co-uk.webpkgcache.com | udp |
| US | 8.8.8.8:53 | 225.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | gofile.io | udp |
| FR | 51.38.43.18:443 | gofile.io | tcp |
| US | 8.8.8.8:53 | 18.43.38.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api.gofile.io | udp |
| FR | 151.80.29.83:443 | api.gofile.io | tcp |
| US | 8.8.8.8:53 | 83.29.80.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | s.gofile.io | udp |
| FR | 51.75.242.210:443 | s.gofile.io | tcp |
| FR | 51.75.242.210:443 | s.gofile.io | tcp |
| US | 8.8.8.8:53 | 210.242.75.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | raw.githubusercontent.com | udp |
| US | 185.199.111.133:443 | raw.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | 133.111.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 30.243.111.52.in-addr.arpa | udp |
| US | 185.199.111.133:443 | raw.githubusercontent.com | tcp |
| N/A | 127.0.0.1:50213 | tcp | |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| US | 142.250.69.3:443 | beacons.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | 3.69.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 214.143.182.52.in-addr.arpa | udp |
| FR | 151.80.29.83:443 | api.gofile.io | tcp |
| US | 8.8.8.8:53 | store9.gofile.io | udp |
| US | 8.8.8.8:53 | store3.gofile.io | udp |
| US | 8.8.8.8:53 | store1.gofile.io | udp |
| US | 8.8.8.8:53 | store10.gofile.io | udp |
| US | 206.168.190.239:443 | store9.gofile.io | tcp |
| FR | 31.14.70.252:443 | store10.gofile.io | tcp |
| FR | 45.112.123.227:443 | store1.gofile.io | tcp |
| US | 136.175.10.233:443 | store3.gofile.io | tcp |
| US | 8.8.8.8:53 | 252.70.14.31.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 227.123.112.45.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 239.190.168.206.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 233.10.175.136.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| US | 8.8.8.8:53 | mail.google.com | udp |
| GB | 142.250.187.229:443 | mail.google.com | tcp |
| GB | 142.250.187.229:443 | mail.google.com | tcp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| NL | 142.250.27.84:443 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | lh3.googleusercontent.com | udp |
| US | 8.8.8.8:53 | 229.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 84.27.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 74.204.58.216.in-addr.arpa | udp |
| GB | 172.217.16.225:443 | lh3.googleusercontent.com | tcp |
| GB | 172.217.16.225:443 | lh3.googleusercontent.com | udp |
| US | 8.8.8.8:53 | 225.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | csp.withgoogle.com | udp |
| GB | 216.58.212.241:443 | csp.withgoogle.com | tcp |
| NL | 142.250.27.84:443 | accounts.google.com | udp |
| US | 8.8.8.8:53 | 241.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.201.58.216.in-addr.arpa | udp |
| GB | 142.250.180.10:443 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | accounts.youtube.com | udp |
| GB | 142.250.187.238:443 | accounts.youtube.com | tcp |
| US | 8.8.8.8:53 | 238.187.250.142.in-addr.arpa | udp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| GB | 142.250.179.238:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | clients2.google.com | udp |
| GB | 142.250.187.238:443 | clients2.google.com | tcp |
| GB | 142.250.187.238:443 | clients2.google.com | udp |
| US | 8.8.8.8:53 | ssl.gstatic.com | udp |
| GB | 172.217.169.3:443 | ssl.gstatic.com | tcp |
| US | 8.8.8.8:53 | 3.169.217.172.in-addr.arpa | udp |
| GB | 172.217.169.3:443 | ssl.gstatic.com | udp |
| US | 8.8.8.8:53 | lh3.google.com | udp |
| GB | 172.217.16.238:443 | lh3.google.com | tcp |
| US | 8.8.8.8:53 | 238.16.217.172.in-addr.arpa | udp |
| US | 142.250.69.3:443 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | ogads-pa.clients6.google.com | udp |
| GB | 142.250.200.14:443 | apis.google.com | udp |
| US | 8.8.8.8:53 | waa-pa.clients6.google.com | udp |
| GB | 142.250.187.202:443 | ogads-pa.clients6.google.com | tcp |
| GB | 216.58.213.10:443 | waa-pa.clients6.google.com | tcp |
| GB | 142.250.187.202:443 | ogads-pa.clients6.google.com | udp |
| GB | 216.58.213.10:443 | waa-pa.clients6.google.com | udp |
| US | 8.8.8.8:53 | 202.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.213.58.216.in-addr.arpa | udp |
| GB | 216.58.213.10:443 | waa-pa.clients6.google.com | udp |
| US | 8.8.8.8:53 | addons-pa.clients6.google.com | udp |
| GB | 172.217.16.234:443 | addons-pa.clients6.google.com | tcp |
| GB | 172.217.16.234:443 | addons-pa.clients6.google.com | udp |
| US | 8.8.8.8:53 | 234.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ogs.google.com | udp |
| US | 8.8.8.8:53 | signaler-pa.clients6.google.com | udp |
| US | 8.8.8.8:53 | mail-ads.google.com | udp |
| GB | 172.217.16.229:443 | mail-ads.google.com | tcp |
| US | 8.8.8.8:53 | peoplestackwebexperiments-pa.clients6.google.com | udp |
| GB | 172.217.16.229:443 | mail-ads.google.com | tcp |
| GB | 142.250.200.42:443 | peoplestackwebexperiments-pa.clients6.google.com | tcp |
| US | 8.8.8.8:53 | people-pa.clients6.google.com | udp |
| GB | 142.250.200.42:443 | peoplestackwebexperiments-pa.clients6.google.com | udp |
| US | 8.8.8.8:53 | contacts.google.com | udp |
| GB | 142.250.200.14:443 | contacts.google.com | tcp |
| US | 8.8.8.8:53 | 229.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 42.200.250.142.in-addr.arpa | udp |
| GB | 172.217.169.3:443 | ssl.gstatic.com | udp |
| US | 8.8.8.8:53 | taskassist-pa.clients6.google.com | udp |
| US | 8.8.8.8:53 | subscriptionsfirstparty-pa.clients6.google.com | udp |
| GB | 142.250.179.234:443 | subscriptionsfirstparty-pa.clients6.google.com | tcp |
| US | 8.8.8.8:53 | 234.179.250.142.in-addr.arpa | udp |
| GB | 142.250.187.229:443 | mail.google.com | tcp |
| US | 142.250.69.3:443 | beacons.gcp.gvt2.com | udp |
| NL | 142.250.27.84:443 | accounts.google.com | udp |
| NL | 142.250.27.84:443 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | beacons2.gvt2.com | udp |
| SG | 74.125.130.94:443 | beacons2.gvt2.com | tcp |
| SG | 74.125.130.94:443 | beacons2.gvt2.com | tcp |
| SG | 74.125.130.94:443 | beacons2.gvt2.com | udp |
| US | 8.8.8.8:53 | 94.130.125.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | google.com | udp |
| GB | 142.250.178.14:443 | google.com | tcp |
| US | 8.8.8.8:53 | 14.178.250.142.in-addr.arpa | udp |
| US | 142.250.69.3:443 | beacons.gcp.gvt2.com | udp |
| GB | 172.217.169.3:443 | ssl.gstatic.com | udp |
| NL | 142.250.27.84:443 | accounts.google.com | udp |
| GB | 142.250.187.238:443 | ogs.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| US | 142.250.69.3:443 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| GB | 142.250.178.14:443 | google.com | udp |
| GB | 172.217.169.3:443 | ssl.gstatic.com | udp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| US | 142.250.69.3:443 | beacons.gcp.gvt2.com | udp |
| N/A | 127.0.0.1:51500 | tcp | |
| US | 185.199.111.133:443 | raw.githubusercontent.com | tcp |
| GB | 172.217.169.3:443 | ssl.gstatic.com | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | 67.169.217.172.in-addr.arpa | udp |
| GB | 172.217.169.3:443 | ssl.gstatic.com | udp |
| US | 8.8.8.8:53 | beacons.gvt2.com | udp |
| US | 192.178.49.195:443 | beacons.gvt2.com | tcp |
| US | 192.178.49.195:443 | beacons.gvt2.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| US | 8.8.8.8:53 | 195.49.178.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | waa-pa.clients6.google.com | udp |
| GB | 142.250.179.234:443 | waa-pa.clients6.google.com | udp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | signaler-pa.clients6.google.com | udp |
| GB | 142.250.178.10:443 | signaler-pa.clients6.google.com | udp |
| US | 8.8.8.8:53 | 10.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ssl.gstatic.com | udp |
| GB | 172.217.169.3:443 | ssl.gstatic.com | udp |
| US | 8.8.8.8:53 | clients2.google.com | udp |
| GB | 142.250.187.238:443 | clients2.google.com | udp |
| GB | 142.250.178.10:443 | signaler-pa.clients6.google.com | udp |
| US | 8.8.8.8:53 | beacons4.gvt2.com | udp |
| US | 216.239.32.116:443 | beacons4.gvt2.com | tcp |
| US | 216.239.32.116:443 | beacons4.gvt2.com | udp |
| US | 8.8.8.8:53 | 116.32.239.216.in-addr.arpa | udp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| GB | 172.217.169.3:443 | ssl.gstatic.com | udp |
| GB | 142.250.178.10:443 | signaler-pa.clients6.google.com | udp |
| US | 216.239.32.116:443 | beacons4.gvt2.com | udp |
| N/A | 127.0.0.1:51621 | tcp | |
| US | 8.8.8.8:53 | raw.githubusercontent.com | udp |
| US | 185.199.108.133:443 | raw.githubusercontent.com | tcp |
| GB | 142.250.178.10:443 | signaler-pa.clients6.google.com | udp |
| GB | 172.217.169.3:443 | ssl.gstatic.com | udp |
| GB | 142.250.178.10:443 | signaler-pa.clients6.google.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| US | 8.8.8.8:53 | waa-pa.clients6.google.com | udp |
| GB | 142.250.187.202:443 | waa-pa.clients6.google.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| NL | 142.250.27.84:443 | accounts.google.com | udp |
| US | 8.8.8.8:53 | signaler-pa.clients6.google.com | udp |
| US | 8.8.8.8:53 | ssl.gstatic.com | udp |
| GB | 172.217.169.3:443 | ssl.gstatic.com | udp |
| GB | 172.217.169.3:443 | ssl.gstatic.com | udp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| N/A | 127.0.0.1:51740 | tcp | |
| US | 8.8.8.8:53 | raw.githubusercontent.com | udp |
| US | 185.199.108.133:443 | raw.githubusercontent.com | tcp |
| GB | 172.217.169.3:443 | ssl.gstatic.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| US | 8.8.8.8:53 | waa-pa.clients6.google.com | udp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| GB | 142.250.200.42:443 | waa-pa.clients6.google.com | udp |
| US | 8.8.8.8:53 | signaler-pa.clients6.google.com | udp |
| GB | 142.250.178.10:443 | signaler-pa.clients6.google.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| GB | 142.250.178.10:443 | signaler-pa.clients6.google.com | udp |
| GB | 142.250.178.14:443 | google.com | udp |
| US | 8.8.8.8:53 | beacons.gvt2.com | udp |
| US | 192.178.49.195:443 | beacons.gvt2.com | udp |
| US | 8.8.8.8:53 | ssl.gstatic.com | udp |
| GB | 172.217.169.3:443 | ssl.gstatic.com | udp |
| GB | 142.250.178.10:443 | signaler-pa.clients6.google.com | udp |
| US | 8.8.8.8:53 | mail.google.com | udp |
| GB | 142.250.187.229:443 | mail.google.com | tcp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| GB | 142.250.178.10:443 | signaler-pa.clients6.google.com | udp |
| US | 185.199.108.133:443 | raw.githubusercontent.com | tcp |
| N/A | 127.0.0.1:51854 | tcp | |
| US | 8.8.8.8:53 | ssl.gstatic.com | udp |
| GB | 172.217.169.3:443 | ssl.gstatic.com | udp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| GB | 142.250.178.10:443 | signaler-pa.clients6.google.com | udp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | udp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | udp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| GB | 216.58.213.10:443 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | waa-pa.clients6.google.com | udp |
| GB | 142.250.179.234:443 | waa-pa.clients6.google.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| NL | 142.250.27.84:443 | accounts.google.com | udp |
| GB | 142.250.178.10:443 | content-autofill.googleapis.com | udp |
| US | 192.178.49.195:443 | beacons.gvt2.com | udp |
| GB | 172.217.169.3:443 | ssl.gstatic.com | udp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | signaler-pa.clients6.google.com | udp |
| GB | 142.250.179.234:443 | signaler-pa.clients6.google.com | udp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | udp |
| GB | 142.250.179.234:443 | signaler-pa.clients6.google.com | udp |
| US | 8.8.8.8:53 | beacons2.gvt2.com | udp |
| DE | 142.250.181.195:443 | beacons2.gvt2.com | udp |
| US | 8.8.8.8:53 | 195.181.250.142.in-addr.arpa | udp |
| GB | 172.217.169.3:443 | ssl.gstatic.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| DE | 142.250.181.195:443 | beacons2.gvt2.com | udp |
| US | 8.8.8.8:53 | raw.githubusercontent.com | udp |
| US | 185.199.108.133:443 | raw.githubusercontent.com | tcp |
| N/A | 127.0.0.1:51973 | tcp | |
| GB | 142.250.179.234:443 | signaler-pa.clients6.google.com | udp |
| GB | 142.250.179.234:443 | signaler-pa.clients6.google.com | udp |
| US | 8.8.8.8:53 | ssl.gstatic.com | udp |
| GB | 172.217.169.3:443 | ssl.gstatic.com | udp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| US | 8.8.8.8:53 | waa-pa.clients6.google.com | udp |
| GB | 142.250.200.10:443 | waa-pa.clients6.google.com | udp |
| US | 8.8.8.8:53 | 10.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | beacons3.gvt2.com | udp |
| GB | 216.58.213.3:443 | beacons3.gvt2.com | tcp |
| GB | 216.58.213.3:443 | beacons3.gvt2.com | udp |
| US | 8.8.8.8:53 | 3.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | signaler-pa.clients6.google.com | udp |
| GB | 216.58.212.234:443 | signaler-pa.clients6.google.com | udp |
| US | 8.8.8.8:53 | 234.212.58.216.in-addr.arpa | udp |
| GB | 216.58.212.234:443 | signaler-pa.clients6.google.com | udp |
| GB | 172.217.169.3:443 | ssl.gstatic.com | udp |
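The network table above mixes three things that deserve different weights: reverse (PTR) lookups of in-addr.arpa names sent to 8.8.8.8, which the detonation VM issues on its own for every IP it touches; Chrome's background traffic to Google hosts, present because the sample was delivered through a browser download; and the one connection that backs the "Legitimate hosting services abused for malware hosting/C2" signature, the TCP 443 session to raw.githubusercontent.com. The script below is an added triage example, not part of the sandbox report. It parses rows in the report's own table layout, repairs the extraction glitch where an empty Domain cell lets the protocol slide one column left, and buckets each row. The hosting watchlist and the background-domain suffixes are my assumptions; the sample rows are copied from the table above.

```python
from collections import Counter

# Constructed sample: rows in the report's table layout, including one malformed
# row whose Domain cell is empty so "tcp" appears in the Domain column.
SAMPLE_ROWS = """\
| US | 8.8.8.8:53 | raw.githubusercontent.com | udp |
| US | 185.199.108.133:443 | raw.githubusercontent.com | tcp |
| N/A | 127.0.0.1:51973 | tcp | |
| US | 8.8.8.8:53 | 195.181.250.142.in-addr.arpa | udp |
| GB | 172.217.169.3:443 | ssl.gstatic.com | udp |
| NL | 52.142.223.178:80 | tcp | |
"""

# Assumption: hosting services the "legitimate hosting abused" signature is likely
# keyed on. Not taken from the report; extend for your own environment.
HOSTING_WATCHLIST = {"raw.githubusercontent.com", "github.com",
                     "objects.githubusercontent.com"}

# Assumption: browser and telemetry chatter the detonation VM produces by itself.
BACKGROUND_SUFFIXES = (".google.com", ".gstatic.com", ".gvt2.com", ".googleapis.com")

PROTOS = {"tcp", "udp"}


def parse_row(line):
    """Split one '| Country | Destination | Domain | Proto |' row into a dict."""
    cells = [c.strip() for c in line.strip().strip("|").split("|")]
    if len(cells) != 4:
        return None
    country, dest, domain, proto = cells
    # Repair the extraction glitch: protocol landed in the Domain column.
    if domain.lower() in PROTOS and not proto:
        domain, proto = "", domain
    ip, _, port = dest.rpartition(":")
    return {"country": country, "ip": ip, "port": int(port),
            "domain": domain, "proto": proto.lower()}


def classify(row):
    if row["port"] == 53:
        return "ptr-lookup" if row["domain"].endswith(".in-addr.arpa") else "dns-lookup"
    if row["ip"].startswith("127."):
        return "loopback"
    if row["domain"] in HOSTING_WATCHLIST:
        return "hosting-service"
    if row["domain"].endswith(BACKGROUND_SUFFIXES):
        return "browser-background"
    if not row["domain"]:
        return "unresolved-ip"
    return "other"


def ptr_target(domain):
    """Turn 195.181.250.142.in-addr.arpa back into 142.250.181.195."""
    octets = domain[: -len(".in-addr.arpa")].split(".")
    return ".".join(reversed(octets))


def triage(table_text):
    rows = [r for r in (parse_row(l) for l in table_text.splitlines()) if r]
    counts = Counter(classify(r) for r in rows)
    hosting = sorted({(r["domain"], r["ip"], r["port"]) for r in rows
                      if classify(r) == "hosting-service"})
    ptr_ips = sorted({ptr_target(r["domain"]) for r in rows
                      if classify(r) == "ptr-lookup"})
    return {"counts": dict(counts), "hosting": hosting, "ptr_ips": ptr_ips}


if __name__ == "__main__":
    print(triage(SAMPLE_ROWS))
```

The PTR bucket is worth keeping rather than discarding: reversing the in-addr.arpa names gives the list of IPs the VM actually contacted, which is how you notice an unresolved-IP row (such as the TCP/80 connection to 52.142.223.178 in the later analyses) that never appears with a hostname.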
Files
\??\pipe\crashpad_4632_WUGAZOHPZNOWPNXM
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | ee7b1816b7184dd69091ab6f0e9ab730 |
| SHA1 | 14a2f605fad8fc0c4630fb34932b60c19b15e029 |
| SHA256 | 4703f4f157f063726e8873f13f21ad26257e0edf615256cc4277956d79286ad3 |
| SHA512 | bcff943784369db11261efbb13419f89ae2547af272cfb9bc042ff2f6341195f3aea100b6cc110734cd68bd1edae3fb592161b7a229cba8c0c15a70557e020dd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 5f9752e4701d139ab242f6bdf6948b25 |
| SHA1 | e76ccaa4db4242c232d02d9e8c2b307a6c2adca2 |
| SHA256 | 5740351772c55183c08a90a5a0f87009e6ec2a3ccdd4304a19e2496fc1f2a905 |
| SHA512 | 9d29c270cf995e80592939d9fa4caa87360fb3b05d27f0ead7b08f6f8456a934d820f61c04ce597b1f172abfcf4098eee8b4fb45d986338a718bf7837afbe185 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 86b88e5bf972e5b609b5b5ac3350b9a0 |
| SHA1 | a512a5d01f60339e8013e315b5704e4ae44459bb |
| SHA256 | 0c1724e6f981bbffe1bc72702c9b4e2c16e082aa8893289ad8174e43dcd0e568 |
| SHA512 | e1efdc6084fb0da31ccf64171272051fac6ca7a8674332105540344b75b3b37f719f43c02934aaa46d9b1b30b0d52d5d88daef3a85937489bd73e170797b68ea |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | ccb0dd28177383a49e7fd2c5b8a3bac0 |
| SHA1 | 7e92f46dd56fd59ed180e2de9be94f4323aa74ee |
| SHA256 | 29cf15421f36fa5bb17527611377bae317976087a4d210f1531d25033773fcc0 |
| SHA512 | 30e648c87e802cdb1b524ee836efd5d3a88d2a599e86f39672193f82091dd85103c26a4eb3bdabde063f2a5790606bbc50ba935b7097e60762d095574c7d9177 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | b500404aec2271c672c612890ab78c21 |
| SHA1 | c76e71558f0002b5f1c646bcd7a8c89eaa4f7316 |
| SHA256 | 8af16e6d087b0441a4a6e4f0ff65dee0ed41f4f1101ac8b510d68350ef2aa84b |
| SHA512 | 51505b0b5365206ef4bdc9aa1f0b5bf89150ec06376cb5152528a6858262448d699a5f9bfcde79efffb6cd0ed956311ff6e334928f67479940d763734dc020a5 |
C:\Users\Admin\Downloads\Solara-main.zip.crdownload
| MD5 | 6b1d4d347523de7994c30aafa136b758 |
| SHA1 | a900b7520ffabcd764293f15f0a31b5acf501368 |
| SHA256 | bba9ee471147935cf964828b3b3c34baa045207b4fbe1c96743943f8cf71375c |
| SHA512 | e2c7d690856371c378827a986e80fc9c5cca951d1d8df7ab18956140f97b4bb7c255dac4c0da8b8f73a67c7572f15ac5cb0398054d9448febb36de61404aa5aa |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | c664977c371f05ae78b2c19597f54bdc |
| SHA1 | e482f071e7c5a29f61ff5d37b3a71f38f85b7974 |
| SHA256 | 47b6003ae5712fc4d1fa0a24212791008c414c07b7b78434c0844e8a0706330b |
| SHA512 | 9bb897ba4ba5bbfc22b2e518c96cf0e8aece89e13009ac33be0083d961315b07dbd73eed83e29a73d4200161e97a5d150d214e936bb0c7d7b2695c12a7ecaa70 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 476e76255b17674cd908377b0a213e88 |
| SHA1 | db741077d1a18d06b80e792e0410a285f5b66e23 |
| SHA256 | f06100a0c7c4529d44c73aeba68cddddd1fd0041dd10dc5bf7823cdbfb0c90e8 |
| SHA512 | 4c2372705d34be05ad570d42fe575cceba23bdaff2106b9db3835cc4e834b2aa226d669ae3f1a66f91738b26694ef089e248fad5cfdabfd78421a6cf7d810a0d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e99699612ed02bf27cb7e8adfe9c86f0 |
| SHA1 | 551315652b0089a61cdef3134022e0eaf05533b3 |
| SHA256 | 000e86f7a1bcbf9c79d14b92a265f5cde51a47475cc9f44203c83758276bf9bc |
| SHA512 | bd0cef647d82fad3504c206ae58dd0757c3ddd4bc70b1dec438e7ba03797448fd9e9dae0b8700fede133520c01f379b2bb06b73eb97597916474ee41e98b7ff9 |
memory/4964-349-0x00000000007D0000-0x00000000007DA000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe58d79e.TMP
| MD5 | a999d87533d91c4a1f02c9e9f90bbdfb |
| SHA1 | 425c75fa35c8a87ccd1c5494edad3419a6ffc544 |
| SHA256 | 775ada7eef7cf78e270e519a6f485157d62f1d08417ee0af8939973ee0e37013 |
| SHA512 | 04d6ef18de1b8087a73a83104df4d3631c8eead80e73ec8a59a79de2d7a91acfcea12c135d0233a74561a63e8a644a04d3138604e0974860c945b57b06542da8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | 48b8e976f804e0de2d041d91577ec8a9 |
| SHA1 | 4131e8a1cd86812293f1a538a1479ef8f3093366 |
| SHA256 | e48a188ad1a1231c568ed650985305bca96e6a26013c2db4527b65ab635f6538 |
| SHA512 | 4e755684322540bf50a76f25225cde7cd6c944be82caa78e8d9f711d5c9d3bbe6264b17d252048e016a1e32e2bba74e9cb79b7959c46c964e3c1286b92895699 |
memory/2304-361-0x00000187F53F0000-0x00000187F540A000-memory.dmp
memory/2304-362-0x00000187F7F30000-0x00000187F846C000-memory.dmp
memory/2304-363-0x00000187F7B70000-0x00000187F7C28000-memory.dmp
memory/2304-364-0x00000187F7AB0000-0x00000187F7B2E000-memory.dmp
memory/2304-365-0x00000187F7950000-0x00000187F795E000-memory.dmp
memory/2304-366-0x0000000180000000-0x0000000180E54000-memory.dmp
memory/2304-369-0x0000000180000000-0x0000000180E54000-memory.dmp
memory/2304-370-0x0000000180000000-0x0000000180E54000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\bin\path.txt
| MD5 | cb160de810bf28a6d8c093b4d2896cc1 |
| SHA1 | 1717c160e3e500a3a4b6440e5b437c6baa8e36fe |
| SHA256 | 6d821feaceabbbd4407dcf4cce233d34d89a4fb1b8b808d74a99a325eb6d2b44 |
| SHA512 | bfc42c3200d3186d605fe77f29bb5a0696fe10ddbda7609c5f1f1008ba35ee061dc92b3a5494ba3cde94da6e4fafc8e352f9a5e523cc8ce1088bb4d3ccb536ac |
memory/2304-368-0x0000000180000000-0x0000000180E54000-memory.dmp
memory/2304-372-0x00000187F7EF0000-0x00000187F7EF8000-memory.dmp
memory/2304-373-0x00000187FCA10000-0x00000187FCA48000-memory.dmp
memory/2304-374-0x00000187FCC20000-0x00000187FCC2E000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 8fa120e6000b1741f5e00c97cb9fc1cd |
| SHA1 | 9307a6626cfd75675efe921bc801e4a4575a9aec |
| SHA256 | 570883cc4908b4e68517698409e7740674c8d16da84b8df2b8b0512290a00839 |
| SHA512 | b3629910164a513939bb0031890605193bc964b7a19abd5e21f707868b7e84367cbc662ec0fb5979b8a89488b41cf463a3b33096ed01a7d91f01258313d26f7b |
memory/2304-381-0x00007FF968240000-0x00007FF968264000-memory.dmp
memory/2304-380-0x0000000180000000-0x0000000180E54000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 7c0cc1e9ff69d5fd3e069f6a3e115ac7 |
| SHA1 | 58b52706f97d87f018e48d9b54a55f6b818bf3f7 |
| SHA256 | 734056bd9cfb346657bc277fbe8db7ce145669ce22fe15e7249de54b1f0c06f6 |
| SHA512 | 3d46d32a524aa45c41225decd44394bc0021430940d899a55ad3de3f8b8ebd67203f2f2adb754d6fcc8da43afebd6d0aae077d0025ece9e387dc74d8b3dfaefb |
memory/2304-403-0x0000000180000000-0x0000000180E54000-memory.dmp
memory/2304-405-0x0000000180000000-0x0000000180E54000-memory.dmp
memory/2304-406-0x0000000180000000-0x0000000180E54000-memory.dmp
memory/2304-409-0x0000000180000000-0x0000000180E54000-memory.dmp
memory/2304-411-0x0000000180000000-0x0000000180E54000-memory.dmp
memory/2304-413-0x0000000180000000-0x0000000180E54000-memory.dmp
memory/2304-417-0x0000000180000000-0x0000000180E54000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 744e9423abe94da3fe89215592557a5f |
| SHA1 | fbc97c9d87e162ee9506062d7b81e66257350db0 |
| SHA256 | 91d4417385bfd3327c8ea2f9c648e78914f548f070d00e540c65d7a8db1539c0 |
| SHA512 | ba27107680af0c29e9ba163a05ce3aeba2534585a980677887e015b145592d165b72a26a5f99b5f1f93322c2a26f231f82b1ab3e65aed7c63a27e2dbbb2544cc |
memory/2304-429-0x0000000180000000-0x0000000180E54000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | a268abb7e7038bd5bc44fd75ddce524c |
| SHA1 | c032aa3769c5c9dcc34818cd061410edc0408c07 |
| SHA256 | 85ad60feecbb6f91f90adfd9d833eec8b0f945d98743562961b9d1464a60d2ab |
| SHA512 | 59c8521faddd5050d092ea18ab8b07108bb2124dc8c0ded2829fc57a2f67d94c6eb1e248c6e664bae04ca16b4c6588abe40ac1a6d91915ec9170bed173de2ac4 |
memory/2304-440-0x0000000180000000-0x0000000180E54000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000003
| MD5 | fac49e161e404a2a94033d91245077d8 |
| SHA1 | fcdd095a60d94e7fedb86bf29c784007b4d7e9c7 |
| SHA256 | 782fae8642551618ba67e354c7335e274ffeb931ca0c02698e5cd8ca5931a349 |
| SHA512 | 0a3e34ab9bc45b40f7c2b2c26896ced8869a78992e1a8fae4d0dffd7815216a0168c19661de536b6174f168f88563185ed87929c04a7d8238250960bcf562bb2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000004
| MD5 | aa12ea792026e66caab5841d4d0b9bab |
| SHA1 | 47beeba1239050999e8c98ded40f02ce82a78d3f |
| SHA256 | 65fe153a832452e97f5d484440a7047e314d3a83cb61ad2508fed48a820e1de1 |
| SHA512 | 0b2b1bb8851c60c9d4ab1d039b990a4de5799c97c50b45f64e36a21849c14e785f69196f674ac225b1419d7f501338054074cab6203d041361a4fa1ed8802b27 |
memory/2304-539-0x0000000180000000-0x0000000180E54000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 8fc2e249edb47428d88cc3368e68bf05 |
| SHA1 | 0f972f10f2093c226c6c290d72086d75df8ec269 |
| SHA256 | d46f580935aeb42b45c5c23d74dba87e7fdb4ae481f81c20def8e9be01f04165 |
| SHA512 | ec67d90a060a50e636a1e228a6f477c15893d19c0fcb27b4737d5d044a4c1952ff3dbaef2b2177e9bb9c88231d134ed61d40113582b2b3d3ce3213c62b8f2bcc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 3b15ebc25fda08983eee9b76a261992d |
| SHA1 | 1e23d0a8b452da63067be5b764c9e5e214869869 |
| SHA256 | 6e983dc801568e0d30ca92e216a24d1f4fc4ba12a3ba3d2a2bbf049cba94ac2f |
| SHA512 | a8cf31c587c183596f174fcfa304f17843fc962fe4c5f07d56d890160e9c67de3eba16f7215078d3ccaeb0ccee19fae3a7456533861deec90351229415466b75 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | bea372ab1bb37f2e794ae0b9c65bc655 |
| SHA1 | e9d1df65ca0a985b08aaacf954886572fc81dc60 |
| SHA256 | baf7bffbc4d740ff9703e15d44d1c9f7c27b38e386345c976cb9344d02ff86b7 |
| SHA512 | 8309ec0d9dece06453c21cd7b2a3a8e76394f7cf4aa246b9853e6f847ecbf5c4a751d4abe60e57dc6f9649b467209358f61f8a5c44fc91121c88fb363e7ff9f6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | 93d2a4113f9870889eb313e0fbdf85b5 |
| SHA1 | 45c4310cd94127d635f26c6640d39cbf179c9185 |
| SHA256 | fbe8f1242d658cc90aaff03919d812380d4418b2dc7e0e8a7530696053ffc4d3 |
| SHA512 | d226bed0bbc1b173f4545f96afc6402b1c6b0cf8ef72256cd370a6ba0b6664b9f5c1bd67cff89b88c7be5fc2acd9dc3ff44214602dd2fbd9f8a8b1aa0d2be54f |
memory/2304-589-0x0000000180000000-0x0000000180E54000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 5afd776c1fac3121e36b676be9ab05bd |
| SHA1 | 0aae3bcc149afcfd7b9993ea2ff417b449eca95c |
| SHA256 | 9ff86b9259debbb8a34c7c7976a5d40c473f1a9ff313a6c9ee10dc7fd3b1c9ec |
| SHA512 | 946afd008a55f771b5fa482ea48905e7184df447b1817d9f7b1adade3ee13ec96f9cf0ded1dccb7b87ae652e638ef2b3cd4cea725dba772f561ebffd95ee41cd |
memory/2304-658-0x0000000180000000-0x0000000180E54000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir4632_1560041193\Icons\128.png
| MD5 | 3c32acef7f02a6b39f1225a25f0c5b6f |
| SHA1 | 01d6dab09e215c282e4b938110088edc4ef1aed4 |
| SHA256 | 3049129afe676d733813472acdb588247fbe1a52ea03f5d71780233e0693b33a |
| SHA512 | 69378979b736f6b2a023480d45450b4f4b3c9127cbd0f421cda1dd0e90e4691fbdeac92fe161c3b4e758777909f84658f47eab2cda35dde06e52c5c26423d8c0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000041
| MD5 | f61f0d4d0f968d5bba39a84c76277e1a |
| SHA1 | aa3693ea140eca418b4b2a30f6a68f6f43b4beb2 |
| SHA256 | 57147f08949ababe7deef611435ae418475a693e3823769a25c2a39b6ead9ccc |
| SHA512 | 6c3bd90f709bcf9151c9ed9ffea55c4f6883e7fda2a4e26bf018c83fe1cfbe4f4aa0db080d6d024070d53b2257472c399c8ac44eefd38b9445640efa85d5c487 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d71b6163967ce8607f3a456087f9ef23 |
| SHA1 | 98801ed6cf35a62182b870f14f4079080b68d95b |
| SHA256 | e22abeab176b2906e30ec3fcc210fe4c54c9dd111ae86c89c6a4b66053ff0bb3 |
| SHA512 | 802970088d65f8c3110a427b4d3555fffc12b71cd4c5226dbe40c69ac415a360736cd33e691e8b9f98bf678b2897159f4f661eaca4583027387182b9892c2ab5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 93380ce48b61ec1516487a67715bdbb4 |
| SHA1 | 49d5253d9763af9381ed473bdae864f1d27b8a33 |
| SHA256 | 5cd303340965f21992572a57810691ce73d7d47fe73fbf60a8861c178e451774 |
| SHA512 | 21c2d2945de3e9bf0375cafd1727e62126c66a39a62718e5c5a3595cc15f5dcabe7979fc2c169bffa3a05b5e79277fc6722d580e6f3207e0ed6cc2106f466d5c |
memory/2304-773-0x0000000180000000-0x0000000180E54000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_mail.google.com_0.indexeddb.leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\579544fd7d0441717f082c9eb123588966aa57ac\index.txt
| MD5 | 225d4e49f60a7247d7425b90b52aba55 |
| SHA1 | f07455d854957c8196c59dc78e3e70382a907586 |
| SHA256 | 1b085f28d382b4381cabf3c4d56083b6ba254cc4d473e82e6bdca384271cc8eb |
| SHA512 | 646617ead5d16b1d14a08e8fdaa6f34b71b08024595c6d5cc01dfb808cc2611d83d278a93ac4b8855e1c169ed06312c6aef62e7cc86645647005cfafed5f6089 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\579544fd7d0441717f082c9eb123588966aa57ac\index.txt~RFe5aeb2c.TMP
| MD5 | 017393496dcc308ba3111c7da58dcff1 |
| SHA1 | 642bd8df456b87f5cac8bf35101ac60684eac78a |
| SHA256 | 2acd878e4a39a465a616e67a2f3b2f171b7c51bb8f094655577edea9b9b6edc2 |
| SHA512 | f9ff3f1ac96d6ae30e9b608e1efffd8c489faddcd210993f26517699e3473d651544a7d3986eeb3a54e28fde23ca2f6a8dec79f8c7250ff92a26024d5ace95db |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000063
| MD5 | 40cea3ae11a740496b7cae94111d57d0 |
| SHA1 | d7794af7c5b2caa9e171be44c015fc729d9a4e1a |
| SHA256 | 317fdd0b9f10708b23523a03a9fb05af227952e4a17853646b2209c65969b0a3 |
| SHA512 | 0e72decef4d8c7cdbead66e065420e15a6567a3a1bb160c6fe72217986b3de23967465c6ac2c098eb770712e977c0c56dc4c15465cd1c107280873c525427ad0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\579544fd7d0441717f082c9eb123588966aa57ac\index.txt
| MD5 | e64928be28672ec7a95f306fd86780ca |
| SHA1 | 51e0c0fde1051d27e660d9148f025bd24425463c |
| SHA256 | fd41d5fd7c68e7d9afd93c4e2e74af69fb4c9e10b42cf8c718d9dd19b58f4d23 |
| SHA512 | 71b63164e6c27e662ab2583c476d474f0f4e1028d078f9af69761a37784f9067f8e3365ed4127331ce4b2269cd3ff6015fdd402aa14a778581ac0a9f2657983f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\579544fd7d0441717f082c9eb123588966aa57ac\index.txt
| MD5 | ed90cd2bef2748a084522a6a10a977ca |
| SHA1 | 8bbed28c703d4568f28ddf186493f379df14f0a1 |
| SHA256 | 26ecb50745d41dac0166051526bfa38c30b4db9be30fb20365ef0a1d548a4a99 |
| SHA512 | 43b84809c54bf0d778e5647d9de500d7c0679e8de11076db6c3e153e8c04f2c56ec14fb2ca12873cdee3cd0277fdab9e8e8611c0922e0b176b47b3d0cbc88258 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\579544fd7d0441717f082c9eb123588966aa57ac\865fcde9-844d-4c0d-944d-77559824a05a\index
| MD5 | 54cb446f628b2ea4a5bce5769910512e |
| SHA1 | c27ca848427fe87f5cf4d0e0e3cd57151b0d820d |
| SHA256 | fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d |
| SHA512 | 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0 |
memory/2304-939-0x0000000180000000-0x0000000180E54000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 8b8f363137cb44f254ddec098953cde6 |
| SHA1 | 5520cc435794a57426ffd42c1aa184b77cb72fb5 |
| SHA256 | 3a3607be30279903462075940c797c38aabd4b044961bd4ad1d23ca3fa3839e2 |
| SHA512 | b91ab5d8b4225e7e74dc90400154e1843df4b1c0aa791aff5303f0d1a37a9df9448bf6a2964a7164f36047a9cdf76d5e948dc0b79a0a2b74d8b551ce5dd2545d |
memory/2304-1106-0x0000000180000000-0x0000000180E54000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 60aa54c54d4b4ab841247b83312f8c2f |
| SHA1 | 22f61c8c9e83f9af269e27c53c930a5e82f5937a |
| SHA256 | d89c653354387c1ce2cfea7932ae0eb5f8bb98962edd3309544dd80441fdebd1 |
| SHA512 | 4ae95de485386fb48fd46dbe83d4b0c7cba86b77b7af4705300cfb1cad90cefbe2fa55ed723f21fb16b2e2892e30d797652da7f9948ed389415864d2a06ffed5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5b3555.TMP
| MD5 | 33cac73cc13299b267ae168dc1601d33 |
| SHA1 | e85e0461262d037f23d4d61c60e552f71b4f5400 |
| SHA256 | 22f720bf19d592d6b380dd92c55d3d7c388c0b9c7298f91c133d0e74f674d717 |
| SHA512 | 76c56068362fd067ea9ebed299329dc16cb6128919231cc181b5104e3b6e70d615dc03fdd82e881ab84da03965cc8c60ce61c621c4a08a59f502a52cfc5383e1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\579544fd7d0441717f082c9eb123588966aa57ac\68a9c35a-b16e-4c37-97c5-191837ff5105\index-dir\the-real-index~RFe5b390e.TMP
| MD5 | e1bddcee65941f4a2c3644ce0e860fce |
| SHA1 | b5655705d1ddf388d4d87ae377826c0c180782fb |
| SHA256 | 4889e3b29952e44afa2327d0c41428560b33ed160cb409ec0d8622aecf057929 |
| SHA512 | e42cfd2f5c5116c8e00bbc4a33ec505e365c2a1d73ba34e1e9b482cdbeae6993829b6ad11e6ff2ee970df21fc05827fa3afb29338d692641964632444a6565b6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\579544fd7d0441717f082c9eb123588966aa57ac\68a9c35a-b16e-4c37-97c5-191837ff5105\index-dir\the-real-index
| MD5 | ae416d8fd0c395518912dedd39a2e721 |
| SHA1 | dae77f2488a57c039d76dd191ad9c290be9f2aa8 |
| SHA256 | 470ecb26d9f211431107ee85184e49302177cbe1f7699b7107899523b80847d6 |
| SHA512 | 1ba210d05a1a3e22299ad74f511975207e335a7de73944fd4e009b8dc8e17750dcda4ca8daab1cd6dce0ad7aaf389c69dbfeca18b880421d09883ded3f5bfcf4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\579544fd7d0441717f082c9eb123588966aa57ac\861eba53-8a2b-4ba0-be95-2e65033766b6\index-dir\the-real-index~RFe5b3b11.TMP
| MD5 | ee8de577f8f025e1a55ec387de66033a |
| SHA1 | 0ec897d7bc703122a7adab9ae2354bf348833adf |
| SHA256 | d8af39db9f56d4c7d5b7770cf6ec77af9cb0d68138f984d4824d69a553756a12 |
| SHA512 | b7faccac0170bbb424f6ff18a638075bb3aa95bbf70cb7ab74ffe3bce35f25d0d17f02562bf9218ab89be0d79564a3e08cd96ac6d6a4019bb6234619f9e9803b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\579544fd7d0441717f082c9eb123588966aa57ac\861eba53-8a2b-4ba0-be95-2e65033766b6\index-dir\the-real-index
| MD5 | d75a06dfc8b9d7e788214b1842eb5ee0 |
| SHA1 | 3c70853df662403393115f84241585cbb45f17ca |
| SHA256 | db2077bb1fb214470290c4b1e44f78a10cc8171b2147b948d63375a9d3e28230 |
| SHA512 | 59ab6cfa075d68b10aa044a93551f2528cdd859f29e48df540f1555b594f2699c1ffdeea3ea365eda16fac867d913c7d2bd5c924127f586fbc04cf4d178967a9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\579544fd7d0441717f082c9eb123588966aa57ac\f76e416e-5889-4d37-849f-4ee2a01b7a86\index-dir\the-real-index~RFe5b3b50.TMP
| MD5 | 2a2490e7e30e9903760945373999e6fa |
| SHA1 | d29b9434151a57f6b6337aded59435f3349564ce |
| SHA256 | ec09c8469492d8c72249b447ca84c1e4fc2fa4ed7209908b4665551b997b380b |
| SHA512 | e8aa848d9cb92af3e3471c765dfcc8013f56f89e1e22bd9e3693698fd3aa189109541830f5cec2e5391cf2e1463dca81456485c0ab3bb244c3e5556de69f286d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\579544fd7d0441717f082c9eb123588966aa57ac\f76e416e-5889-4d37-849f-4ee2a01b7a86\index-dir\the-real-index
| MD5 | f779a80f22346b142c950c2fe48ef884 |
| SHA1 | 26b4150637458c3dba0854cd36ef4c5ec8185a1b |
| SHA256 | 1ecf8b2eee924569871e07d83b7d9887927831e890fa5dcca8f5144d74f0d7a8 |
| SHA512 | c47e8c9b12dce780d10b19b016172bdf3afa0aed318016daec0204dac31e19d92fc9ce0404a5eb9e4df957abb8278127e5af709b4c00d6951c1f7e511b08a6aa |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | c073908da357dbd369ae372d1fde6e1c |
| SHA1 | d92b098d8fa3c4ce6f7aba7d7169785a9cee8fc8 |
| SHA256 | 62cce5de3ccbaa889ff3f481565915f562eda81dfd88eb5cacdd4bf9204f448f |
| SHA512 | 5efe49f47b66a4c67fe2df5713cbfba2c267734cea2b28783d3486e70b5e7b1a9cc5ed2a161115c533244946b19322099899f5f1f765c08abef0c2cde82bf30a |
memory/2304-1348-0x0000000180000000-0x0000000180E54000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\2a21988f-63fe-4926-9695-dbecd1a6e225.tmp
| MD5 | e879390524602b796e4ad34c57d5ef6f |
| SHA1 | 38eb0570c6480fbf11dfdcb0441a5c0963db0bf0 |
| SHA256 | 367492ced78382b8eb966060d8a507fff3e0c820261132afc667846ad91bc873 |
| SHA512 | 2908e67390ddc64adb71b42bae555e101aa601d6b990ecedd8f2147c73a3081e7b64b84f07981226870307b7a464175d7a1333104c6c168df5549b98ce4f56e5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | 04a9adc760ffb883b8af6e9d9ae962c0 |
| SHA1 | eeaf0c4beb6d8cd1d457d6be447c194dcb08e8e8 |
| SHA256 | 703d8d702c7bee263e2a15934be97051160edde2dfe009469cabcdc006f33a5c |
| SHA512 | e8401585055b78c039988f49e7336681b458e5f236af92f62bcb536a44526d1e8c58063396240236cdaf1d200c6b643aa00d17b4a8a0f4345a0842355ab89a05 |
memory/2304-1516-0x0000000180000000-0x0000000180E54000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | faf94e6a64a96ad96ea9c5813d0586af |
| SHA1 | 68d62c7e172beeda893e57d214ec5e007f99ca5a |
| SHA256 | 023cad616ce47d42c1036e5390afb178357721f0d3b281b602a8aaead19e77eb |
| SHA512 | f240312412f591ecc120f351cfe1c88a69414784bb9c7b4b5715e64f48d1a34ec6182531994fdce5a255a8654fa980f1e33ac65437215fd4e65471a601aae091 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 88e54ec88d422c185a1d1349f6d08485 |
| SHA1 | 32cf42e4ed1789441072f4f59d97f753f42904d1 |
| SHA256 | ed5b96f17fa9703e0fa46781e7501c8acc9969b62c46305750b26da430a2e3ef |
| SHA512 | b1056a27f6e3b1593df6fadb74a20f39c688259988a3200baa7132f8065e568aacd637011ddd63b8ab5428f9914a2ccbb46cfcb711ede02273cfedd8fa9359cc |
memory/2304-1538-0x0000000180000000-0x0000000180E54000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\579544fd7d0441717f082c9eb123588966aa57ac\865fcde9-844d-4c0d-944d-77559824a05a\index-dir\the-real-index~RFe5bb9d7.TMP
| MD5 | d357dae654995a1db8a3bdafb2e560af |
| SHA1 | 5c9b524fb06c4476f4f953f05784508b6d6b09e6 |
| SHA256 | 232e4aecc96b58ea1306ed074cfa342232467f0480af836ccd2b35e74979d6ef |
| SHA512 | a23e07d80e64fd2a925bb0c7a9733928ffe44cc64c861b1800ad48add133dc6db814e25d1193648aa12f49b71570eaa8bff38237c14c6298ff3a5b4f09e06f3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\579544fd7d0441717f082c9eb123588966aa57ac\865fcde9-844d-4c0d-944d-77559824a05a\index-dir\the-real-index
| MD5 | 3411aed96601912a7d5126b6ef6f5513 |
| SHA1 | f3f39dc174cbee85dff11994e586fea34f0c9928 |
| SHA256 | fd080d8d76472e71f16c016c7ed3f3a89e2f151307823900d8f93e1612543ea6 |
| SHA512 | 08dd1c6d771dd194fc1aedf1fcac811e6606416c9bdf9e955ddb0bc3f22a43d44ad50fc365812f93511da6fb8663d0fb810c158d8dfa170c72aee09f6abbdf9a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\579544fd7d0441717f082c9eb123588966aa57ac\index.txt
| MD5 | bfb267a15fec05983884f1713c97b6d8 |
| SHA1 | d7821966ac33cad354be989610c31ff70275c67a |
| SHA256 | 944d319d56ca1a5af23f83ba4621d9d7e6d9123161629b15ab3ffda7604aae57 |
| SHA512 | 8a0d9dc87dbb53395d2904997120d51bf9d10ca4c28e78eb4a7b2cf176a537bb91c2ad8bf73b09bc0293f0af72910054f6c974cf3c49175c82855bf12179f3a4 |
memory/2304-1558-0x0000000180000000-0x0000000180E54000-memory.dmp
memory/2304-1560-0x0000000180000000-0x0000000180E54000-memory.dmp
memory/2304-1562-0x0000000180000000-0x0000000180E54000-memory.dmp
memory/2304-1564-0x0000000180000000-0x0000000180E54000-memory.dmp
memory/2304-1566-0x0000000180000000-0x0000000180E54000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 51410b80b4689bf8f54bbe1e2f8de160 |
| SHA1 | 3863a05d122a731a21e7ed713c2497172b9adb0a |
| SHA256 | 3e19bb5634ea212f66da9ee6463ba9dbb26d7cdf9dea4d8555652ade5386d6d4 |
| SHA512 | e3e3b5d3400cabba13736d7231088136282744213535e95dc9fbf27751f8d2a44c9761a0956fc76c2122a500bf08a215990bcba724f2af1faad917df1033be76 |
memory/2304-1577-0x0000000180000000-0x0000000180E54000-memory.dmp
memory/2304-1579-0x0000000180000000-0x0000000180E54000-memory.dmp
memory/2304-1581-0x0000000180000000-0x0000000180E54000-memory.dmp
memory/2304-1583-0x0000000180000000-0x0000000180E54000-memory.dmp
memory/2304-1589-0x0000000180000000-0x0000000180E54000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 2ba3b95f3a3d8a6775d4857683c83a50 |
| SHA1 | a640f07763c5ea5ef34ba0bdaf0d41c1f7ec6bb2 |
| SHA256 | 2c3d61ba800663a989f9c3e02a28af357e50a48e0d873d2b81c32e8c458d3b8d |
| SHA512 | 7b5d4b7c6284fd599d954168bbf8737c70a1097cc331efb687bc301d39e93886107e94573979a72eca5ca8ea5920bfe9b5435c50285619de51186672a511dc06 |
memory/2304-1600-0x0000000180000000-0x0000000180E54000-memory.dmp
memory/2304-1602-0x0000000180000000-0x0000000180E54000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | dbd12851451e5712fe3ff93ca857c956 |
| SHA1 | 609ffc2272f348fa2209a954b592dbd0e575a30e |
| SHA256 | 2a26e625aee7ae88e238abc9a4464de6f314d71cf48fe4500eb2d66cca798f40 |
| SHA512 | 034b1e7f0cd80b95b7778b44025ed2c7a48423f7dfb92078a7169e6121a78902b10dd555b5badf2b3576215a1ee78dc261db7ef6c77fbb5089fcb33e8fefd364 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 67c613618424b82cd0b9d2643904fa7c |
| SHA1 | d2af7f75c37833ac7422e290e7397b73a64a1ca0 |
| SHA256 | fc36f625617e4091648d9d2d317ca0cb48de4c916aa13b92e2da334d57d41562 |
| SHA512 | 3a90d9fdbab63bbec19716a3bca5b5e4343d4beec2f48b354170921ee2d6c98852c409767d59db30c9f034d182bb38d7076a8e2bdc882296380b8ba13f88ad12 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\882c03dc-c340-4dbc-9947-7cbc43413dbe.tmp
| MD5 | 15990a316c4bd50c29d3bfef0c9de70e |
| SHA1 | 85da4ea4f13abdb7a499cd1307cbd4f96b680137 |
| SHA256 | 3e9585f1976c7c7cd7947a0210b4d1e779003795e36c4e52f0864e6a7b5f4fee |
| SHA512 | 0cf06566f4a02f636ed5891a20b39e3e84a07328ae832813eb2158915102848f244688018c018911932d74bd0d3fe9bff58403adb0aeb188772607ca353154cd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | f135c5f6d8eb4449cbd08a3423192453 |
| SHA1 | d8d1988a8dcfa6d3b5fab500c5c9729f21f29e89 |
| SHA256 | de86c16ee691a89af93f985bad6716b4e4dac5f89369b14a80efca5824ae5c5b |
| SHA512 | 19edec3ee56a7bc9be03cbe30fcc4931077b1b5c071e6040a8edbeeb3de3448ac0dadd29ebcb1c26a829e8c90226cc5c02db9db8d9aeca2127c3c60dcd3880f2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 12212f3d623b5b71beef59ae4a3c2f94 |
| SHA1 | c6861af9a89714ae88ae1317bb6439decdbb8304 |
| SHA256 | 7a7dbe6773e457965aedd01dbc60f091117b8c87bee59da9be7bdf10ccbeca8b |
| SHA512 | b90b5bbc56e7f480023af89b71f6ddc4127388958ab4ea545da284722e1ca7fb0ec544c692cbd32ee40d2ef24e840b4e452909b56c4d207d3eada1d1deb7d4ca |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | ea1b9b67eda9d83bf1ca8a80de4f335b |
| SHA1 | da78b0d24276a91297abb5b1dbdf023c0abe7480 |
| SHA256 | 47bcd156f8dc9b408bf99cb8b6f777901dc302f111277a9ab3d9b075158faa80 |
| SHA512 | ea772b8a7e15b2f73f2ec57cc1b6adb6a0b779416ae1f71bec5a07974b4dad25b429c97e30710e264134578a75b1f5f4f9381e43a90a97dc52954c802f8f5bca |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 7cf137ee2458674adf83984ed4a6cb7e |
| SHA1 | e07c2c541a54a54211beb5b16602fa3d008ef524 |
| SHA256 | efc30fe2d73da7ccad3304aeb989ef7da47187f98bb151b13a1c938c5b2b3aa7 |
| SHA512 | 98b19f10cfd1093d4ff0601221553fd78d6a980b44eb510c13c672ffe2943bc17322ae18c60c5aa83de8958b19095d796faea87af1c44ce4c171820d4eb903f8 |
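Most of the Files list above is Chrome writing to its own profile, and two entries carry digests of content that says nothing about the sample: the crashpad pipe entry is hashed as zero bytes (d41d8cd9... / e3b0c442... are the MD5 and SHA256 of empty input) and persisted_first_party_sets.json hashes to the two-byte JSON object "{}". The one file that matters for provenance is Solara-main.zip.crdownload, whose SHA256 equals the submitted sample's hash in the report header, and the memory dumps are repeated captures of one region in PID 2304 at 0x180000000. The script below is an added triage example, not part of the report: it parses entries in the report's own layout, computes the trivial-content digests instead of hard-coding them, and groups the memory dumps by region. The category names and the path patterns are my assumptions; the sample entries are copied from the list above.

```python
import hashlib
import re

# Digests of content that tells an analyst nothing: zero bytes and the JSON object "{}".
EMPTY = hashlib.sha256(b"").hexdigest()
EMPTY_JSON = hashlib.sha256(b"{}").hexdigest()

# SHA256 of the submitted archive, taken from the report header.
SAMPLE_SHA256 = "bba9ee471147935cf964828b3b3c34baa045207b4fbe1c96743943f8cf71375c"

# Constructed excerpt in the report's layout: a path line, then its hash rows;
# memory dumps are single lines. Backslashes are doubled for the Python literal.
SAMPLE_FILES = """\
\\??\\pipe\\crashpad_4632_WUGAZOHPZNOWPNXM
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
C:\\Users\\Admin\\AppData\\Local\\Google\\Chrome\\User Data\\persisted_first_party_sets.json
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
C:\\Users\\Admin\\Downloads\\Solara-main.zip.crdownload
| SHA256 | bba9ee471147935cf964828b3b3c34baa045207b4fbe1c96743943f8cf71375c |
C:\\Users\\Admin\\AppData\\Local\\Temp\\Solara.Dir\\bin\\path.txt
| SHA256 | 6d821feaceabbbd4407dcf4cce233d34d89a4fb1b8b808d74a99a325eb6d2b44 |
memory/2304-366-0x0000000180000000-0x0000000180E54000-memory.dmp
memory/2304-369-0x0000000180000000-0x0000000180E54000-memory.dmp
"""

HASH_ROW = re.compile(r"^\|\s*(MD5|SHA1|SHA256|SHA512)\s*\|\s*([0-9a-f]+)\s*\|$")
DUMP_NAME = re.compile(r"^memory/(\d+)-(\d+)-0x([0-9A-Fa-f]+)-0x([0-9A-Fa-f]+)-memory\.dmp$")


def parse_files(text):
    """Return a list of {'kind': 'file', path, hashes} and {'kind': 'dump', ...} entries."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        m = DUMP_NAME.match(line)
        if m:
            pid, seq, start, end = m.groups()
            entries.append({"kind": "dump", "pid": int(pid), "seq": int(seq),
                            "start": int(start, 16), "size": int(end, 16) - int(start, 16)})
            continue
        m = HASH_ROW.match(line)
        if m and entries and entries[-1]["kind"] == "file":
            entries[-1]["hashes"][m.group(1)] = m.group(2)
            continue
        entries.append({"kind": "file", "path": line, "hashes": {}})
    return entries


def classify_file(entry):
    sha = entry["hashes"].get("SHA256")
    if sha == SAMPLE_SHA256:
        return "submitted-sample"
    if sha == EMPTY:
        return "empty-content"
    if sha == EMPTY_JSON:
        return "empty-json"
    # Assumed path patterns: browser profile writes vs. the extracted archive.
    if "\\Google\\Chrome\\User Data\\" in entry["path"]:
        return "chrome-profile-noise"
    if "\\AppData\\Local\\Temp\\" in entry["path"]:
        return "extracted-payload"
    return "other"


def triage_files(text):
    entries = parse_files(text)
    files = {e["path"]: classify_file(e) for e in entries if e["kind"] == "file"}
    # Repeated dumps of one region mean the sandbox re-captured the same module as it
    # changed in memory (consistent with in-place unpacking); count each region once.
    regions = {}
    for e in entries:
        if e["kind"] == "dump":
            key = (e["pid"], e["start"], e["size"])
            regions[key] = regions.get(key, 0) + 1
    return files, regions


if __name__ == "__main__":
    files, regions = triage_files(SAMPLE_FILES)
    for path, label in files.items():
        print(f"{label:22} {path}")
    for (pid, start, size), n in regions.items():
        print(f"pid {pid} region 0x{start:X} size 0x{size:X} captured {n}x")
```

Filtering on the computed digests rather than on the literal strings is deliberate: the same trick catches an empty or "{}" file regardless of which hash column the report happens to include, and it cannot be fooled by a typo in a pasted hash list.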
Analysis: behavioral13
Detonation Overview
Submitted
2024-06-10 21:47
Reported
2024-06-10 22:40
Platform
win10-20240404-en
Max time kernel
495s
Max time network
1596s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\fileaccess\node_modules\debug\node.js
Network
| Country | Destination | Domain | Proto |
| US | 52.111.229.48:443 | | tcp |
| US | 8.8.8.8:53 | 22.236.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.197.79.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| NL | 52.142.223.178:80 | | tcp |
| US | 8.8.8.8:53 | 48.110.63.41.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 76.234.34.23.in-addr.arpa | udp |
Files
Analysis: behavioral14
Detonation Overview
Submitted
2024-06-10 21:47
Reported
2024-06-10 22:41
Platform
win10-20240404-en
Max time kernel
315s
Max time network
1576s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\fileaccess\node_modules\debug\src\browser.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 22.236.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 169.253.116.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 203.107.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 48.110.63.41.in-addr.arpa | udp |
Files
Analysis: behavioral22
Detonation Overview
Submitted
2024-06-10 21:47
Reported
2024-06-10 22:42
Platform
win10-20240404-en
Max time kernel
315s
Max time network
1593s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\fileaccess\node_modules\destroy\index.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 13.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.173.189.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
Files
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-10 21:47
Reported
2024-06-10 22:18
Platform
win10-20240404-en
Max time kernel
315s
Max time network
1608s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\fileaccess\node_modules\call-bind\test\index.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 23.236.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 240.221.184.93.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 27.73.42.20.in-addr.arpa | udp |
Files
Analysis: behavioral12
Detonation Overview
Submitted
2024-06-10 21:47
Reported
2024-06-10 22:40
Platform
win10-20240404-en
Max time kernel
312s
Max time network
1592s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\fileaccess\node_modules\debug\karma.conf.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 21.236.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 30.73.42.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 138.107.17.2.in-addr.arpa | udp |
Files
Analysis: behavioral21
Detonation Overview
Submitted
2024-06-10 21:47
Reported
2024-06-10 22:42
Platform
win10-20240404-en
Max time kernel
498s
Max time network
1587s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\fileaccess\node_modules\destroy\README.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 13.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 25.73.42.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| NL | 52.142.223.178:80 | | tcp |
| US | 8.8.8.8:53 | 76.234.34.23.in-addr.arpa | udp |
Files
Analysis: behavioral32
Detonation Overview
Submitted
2024-06-10 21:47
Reported
2024-06-10 22:59
Platform
win10-20240404-en
Max time kernel
499s
Max time network
1588s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Solara-main\Storage\Drawing.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 11.227.111.52.in-addr.arpa | udp |
| NL | 52.142.223.178:80 | | tcp |
| US | 8.8.8.8:53 | 76.234.34.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 203.107.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 17.173.189.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 138.107.17.2.in-addr.arpa | udp |
Files
Analysis: behavioral16
Detonation Overview
Submitted
2024-06-10 21:47
Reported
2024-06-10 22:41
Platform
win10-20240404-en
Max time kernel
377s
Max time network
1597s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\fileaccess\node_modules\debug\src\index.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 23.236.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 48.110.63.41.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 92.16.208.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
Files
Analysis: behavioral19
Detonation Overview
Submitted
2024-06-10 21:47
Reported
2024-06-10 22:41
Platform
win10-20240404-en
Max time kernel
315s
Max time network
1587s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\fileaccess\node_modules\depd\Readme.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 31.243.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 25.73.42.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 203.107.17.2.in-addr.arpa | udp |
Files
Analysis: behavioral8
Detonation Overview
Submitted
2024-06-10 21:47
Reported
2024-06-10 22:39
Platform
win10-20240404-en
Max time kernel
314s
Max time network
1587s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\fileaccess\node_modules\cookie-signature\index.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 30.243.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 174.117.168.52.in-addr.arpa | udp |
Files
Analysis: behavioral25
Detonation Overview
Submitted
2024-06-10 21:47
Reported
2024-06-10 22:43
Platform
win10-20240404-en
Max time kernel
362s
Max time network
1613s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\fileaccess\node_modules\encodeurl\README.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 14.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 123.10.44.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 203.107.17.2.in-addr.arpa | udp |
Files
Analysis: behavioral26
Detonation Overview
Submitted
2024-06-10 21:47
Reported
2024-06-10 22:43
Platform
win10-20240404-en
Max time kernel
315s
Max time network
1608s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\fileaccess\node_modules\encodeurl\index.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | f.f.f.f.d.b.b.8.0.9.8.2.0.9.0.8.0.0.0.0.0.0.0.0.8.0.8.0.8.0.8.0.ip6.arpa | udp |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 7.173.189.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 203.107.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 138.107.17.2.in-addr.arpa | udp |
Files
Analysis: behavioral30
Detonation Overview
Submitted
2024-06-10 21:47
Reported
2024-06-10 22:48
Platform
win10-20240404-en
Max time kernel
615s
Max time network
1579s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\fileaccess\node_modules\es-errors\index.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 21.236.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 92.16.208.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| NL | 52.142.223.178:80 | | tcp |
| US | 8.8.8.8:53 | 76.234.34.23.in-addr.arpa | udp |
Files
Analysis: behavioral4
Detonation Overview
Submitted
2024-06-10 21:47
Reported
2024-06-10 22:36
Platform
win10-20240404-en
Max time kernel
315s
Max time network
1608s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\fileaccess\node_modules\content-disposition\index.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 11.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 211.143.182.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 203.107.17.2.in-addr.arpa | udp |
Files
Analysis: behavioral6
Detonation Overview
Submitted
2024-06-10 21:47
Reported
2024-06-10 22:36
Platform
win10-20240404-en
Max time kernel
315s
Max time network
1596s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\fileaccess\node_modules\content-type\index.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 30.243.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.173.189.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
Files
Analysis: behavioral7
Detonation Overview
Submitted
2024-06-10 21:47
Reported
2024-06-10 22:37
Platform
win10-20240404-en
Max time kernel
315s
Max time network
1608s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\fileaccess\node_modules\cookie-signature\Readme.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 29.243.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.173.189.20.in-addr.arpa | udp |
Files
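Every detonation above records the same pattern: wscript.exe launching a .js file from under the user's AppData\Local\Temp directory, including files from a node_modules tree and README files that carry a .js extension, together with reverse (PTR) lookups sent to 8.8.8.8 and, in several runs, one direct TCP connection to 52.142.223.178:80. The Python below is an added example, not part of the sandbox report or of the analysed sample, that turns such process and network rows into hunt-ready indicators: it flags Windows Script Host execution from a user-writable temp directory, recovers the IP address behind each in-addr.arpa or ip6.arpa name, and separates direct connections from resolver traffic. The sample lines it operates on are constructed from the entries above (the cscript.exe control line is invented as a benign comparison). Which of the PTR lookups are caused by the sample rather than by Windows background traffic is not stated by the report, so the output is a triage starting point, not a verdict.

```python
import re
import ipaddress

# Windows Script Host binaries that run .js/.vbs/.wsf outside a browser
# (MITRE ATT&CK T1059.007 JavaScript / T1059.005 Visual Basic).
WSH_HOSTS = {"wscript.exe", "cscript.exe"}
# A drive-letter path ending in a script extension. ':' is excluded from the
# body so one match cannot run across a second path on the same command line.
SCRIPT_PATH_RE = re.compile(
    r'([A-Za-z]:\\[^"|<>:]*?\.(?:js|jse|vbs|vbe|wsf|wsh))(?=\s|$|")', re.IGNORECASE)
USER_TEMP_RE = re.compile(r"\\AppData\\Local\\Temp\\", re.IGNORECASE)

# Constructed sample input modelled on the report's "Processes" and "Network"
# entries. The cscript.exe line is a constructed benign control, not from the report.
SAMPLE_PROCESSES = [
    r"wscript.exe C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\fileaccess\node_modules\debug\src\browser.js",
    r"wscript.exe C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\fileaccess\node_modules\destroy\README.js",
    r"wscript.exe C:\Users\Admin\AppData\Local\Temp\Solara-main\Storage\Drawing.js",
    r"C:\Windows\System32\cscript.exe //nologo C:\Program Files\Vendor\maint.js",
]
SAMPLE_NETWORK = [
    "| Country | Destination | Domain | Proto |",
    "| US | 8.8.8.8:53 | 22.236.111.52.in-addr.arpa | udp |",
    "| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |",
    "| US | 8.8.8.8:53 | f.f.f.f.d.b.b.8.0.9.8.2.0.9.0.8.0.0.0.0.0.0.0.0.8.0.8.0.8.0.8.0.ip6.arpa | udp |",
    "| NL | 52.142.223.178:80 | tcp | |",  # row with Domain/Proto columns shifted, as in the report
]


def classify_process(cmdline: str) -> dict:
    """Flag WSH execution of a script from a user-writable temp directory."""
    tokens = cmdline.split()
    if not tokens:
        return {"host": None, "script": None, "suspicious": False, "reasons": []}
    image = tokens[0].rsplit("\\", 1)[-1].lower()
    match = SCRIPT_PATH_RE.search(cmdline)
    script = match.group(1) if match else None
    reasons = []
    if image in WSH_HOSTS and script:
        if USER_TEMP_RE.search(script):
            reasons.append("script host run from user-writable temp directory")
        if "\\node_modules\\" in script.lower():
            reasons.append("node_modules file executed by WSH rather than Node")
        if script.rsplit("\\", 1)[-1].lower().startswith("readme"):
            reasons.append("README-named file carries a script extension")
    return {"host": image, "script": script, "suspicious": bool(reasons), "reasons": reasons}


def parse_network_row(row: str):
    """Parse one '| Country | Destination | Domain | Proto |' row; None if malformed."""
    cells = [c.strip() for c in row.strip().strip("|").split("|")]
    if len(cells) != 4:
        return None
    country, destination, domain, proto = cells
    if proto == "" and domain.lower() in {"tcp", "udp"}:  # tolerate shifted columns
        domain, proto = "", domain.lower()
    return {"country": country, "destination": destination, "domain": domain, "proto": proto}


def ptr_to_ip(name: str):
    """Turn a reverse-DNS name back into the address it describes, or None."""
    labels = name.lower().rstrip(".").split(".")
    try:
        if labels[-2:] == ["in-addr", "arpa"] and len(labels) == 6:
            return str(ipaddress.IPv4Address(".".join(labels[:4][::-1])))
        if labels[-2:] == ["ip6", "arpa"] and len(labels) == 34:
            nibbles = "".join(labels[:32][::-1])
            groups = [nibbles[i:i + 4] for i in range(0, 32, 4)]
            return str(ipaddress.IPv6Address(":".join(groups)))
    except ValueError:
        return None
    return None


def summarize_network(rows) -> dict:
    """Separate direct connections from resolver queries; resolve PTR names to IPs."""
    direct, ptr_targets, dns_names = [], set(), set()
    for row in rows:
        rec = parse_network_row(row)
        if rec is None or rec["country"] == "Country":  # skip header / junk
            continue
        if rec["destination"].endswith(":53") and rec["proto"] == "udp":
            ip = ptr_to_ip(rec["domain"])
            if ip:
                ptr_targets.add(ip)
            elif rec["domain"]:
                dns_names.add(rec["domain"])
        else:
            direct.append(f'{rec["destination"]}/{rec["proto"]}')
    return {"direct_connections": direct, "ptr_targets": sorted(ptr_targets),
            "dns_names": sorted(dns_names)}


if __name__ == "__main__":
    for line in SAMPLE_PROCESSES:
        print(classify_process(line))
    print(summarize_network(SAMPLE_NETWORK))
```

The recovered PTR targets (for example 52.111.236.22 from 22.236.111.52.in-addr.arpa) are what you would check against your allow-lists or threat intelligence; the direct 52.142.223.178:80/tcp connection is the only non-resolver traffic these rows show and is the candidate worth a network block or a proxy-log search.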
Analysis: behavioral20
Detonation Overview
Submitted
2024-06-10 21:47
Reported
2024-06-10 22:41
Platform
win10-20240404-en
Max time kernel
498s
Max time network
1593s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\fileaccess\node_modules\depd\index.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 31.243.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 94.65.42.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 107.211.222.173.in-addr.arpa | udp |
| NL | 52.142.223.178:80 | | tcp |
| US | 8.8.8.8:53 | 76.234.34.23.in-addr.arpa | udp |