Analysis
-
max time kernel
28s -
max time network
158s -
platform
windows10-2004_x64 -
resource
win10v2004-20240508-en -
resource tags
arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system -
submitted
10-06-2024 06:26
Static task
static1
URLScan task
urlscan1
Behavioral task
behavioral1
Sample
http://linuxhandbook.com
Resource
win10v2004-20240508-en
General
-
Target
http://linuxhandbook.com
Malware Config
Signatures
-
Enumerates system info in registry 2 TTPs 3 IoCs
description ioc Process Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer chrome.exe Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS chrome.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName chrome.exe -
Modifies data under HKEY_USERS 2 IoCs
description ioc Process Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry chrome.exe Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133624749607564233" chrome.exe -
Suspicious behavior: EnumeratesProcesses 2 IoCs
pid Process 1476 chrome.exe 1476 chrome.exe -
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 17 IoCs
pid Process 1476 chrome.exe 1476 chrome.exe 1476 chrome.exe 1476 chrome.exe 1476 chrome.exe 1476 chrome.exe 1476 chrome.exe 1476 chrome.exe 1476 chrome.exe 1476 chrome.exe 1476 chrome.exe 1476 chrome.exe 1476 chrome.exe 1476 chrome.exe 1476 chrome.exe 1476 chrome.exe 1476 chrome.exe -
Suspicious use of AdjustPrivilegeToken 54 IoCs
description pid Process Token: SeShutdownPrivilege 1476 chrome.exe Token: SeCreatePagefilePrivilege 1476 chrome.exe Token: SeShutdownPrivilege 1476 chrome.exe Token: SeCreatePagefilePrivilege 1476 chrome.exe Token: SeShutdownPrivilege 1476 chrome.exe Token: SeCreatePagefilePrivilege 1476 chrome.exe Token: SeShutdownPrivilege 1476 chrome.exe Token: SeCreatePagefilePrivilege 1476 chrome.exe Token: SeShutdownPrivilege 1476 chrome.exe Token: SeCreatePagefilePrivilege 1476 chrome.exe Token: SeShutdownPrivilege 1476 chrome.exe Token: SeCreatePagefilePrivilege 1476 chrome.exe Token: SeShutdownPrivilege 1476 chrome.exe Token: SeCreatePagefilePrivilege 1476 chrome.exe Token: SeShutdownPrivilege 1476 chrome.exe Token: SeCreatePagefilePrivilege 1476 chrome.exe Token: SeShutdownPrivilege 1476 chrome.exe Token: SeCreatePagefilePrivilege 1476 chrome.exe Token: SeShutdownPrivilege 1476 chrome.exe Token: SeCreatePagefilePrivilege 1476 chrome.exe Token: SeShutdownPrivilege 1476 chrome.exe Token: SeCreatePagefilePrivilege 1476 chrome.exe Token: SeShutdownPrivilege 1476 chrome.exe Token: SeCreatePagefilePrivilege 1476 chrome.exe Token: SeShutdownPrivilege 1476 chrome.exe Token: SeCreatePagefilePrivilege 1476 chrome.exe Token: SeShutdownPrivilege 1476 chrome.exe Token: SeCreatePagefilePrivilege 1476 chrome.exe Token: SeShutdownPrivilege 1476 chrome.exe Token: SeCreatePagefilePrivilege 1476 chrome.exe Token: SeShutdownPrivilege 1476 chrome.exe Token: SeCreatePagefilePrivilege 1476 chrome.exe Token: SeShutdownPrivilege 1476 chrome.exe Token: SeCreatePagefilePrivilege 1476 chrome.exe Token: SeShutdownPrivilege 1476 chrome.exe Token: SeCreatePagefilePrivilege 1476 chrome.exe Token: SeShutdownPrivilege 1476 chrome.exe Token: SeCreatePagefilePrivilege 1476 chrome.exe Token: SeShutdownPrivilege 1476 chrome.exe Token: SeCreatePagefilePrivilege 1476 chrome.exe Token: SeShutdownPrivilege 1476 chrome.exe Token: SeCreatePagefilePrivilege 1476 chrome.exe Token: SeShutdownPrivilege 1476 chrome.exe Token: SeCreatePagefilePrivilege 1476 chrome.exe Token: SeShutdownPrivilege 1476 chrome.exe Token: SeCreatePagefilePrivilege 1476 chrome.exe Token: SeShutdownPrivilege 1476 chrome.exe Token: SeCreatePagefilePrivilege 1476 chrome.exe Token: SeShutdownPrivilege 1476 chrome.exe Token: SeCreatePagefilePrivilege 1476 chrome.exe Token: SeShutdownPrivilege 1476 chrome.exe Token: SeCreatePagefilePrivilege 1476 chrome.exe Token: SeShutdownPrivilege 1476 chrome.exe Token: SeCreatePagefilePrivilege 1476 chrome.exe -
Suspicious use of FindShellTrayWindow 26 IoCs
pid Process 1476 chrome.exe 1476 chrome.exe 1476 chrome.exe 1476 chrome.exe 1476 chrome.exe 1476 chrome.exe 1476 chrome.exe 1476 chrome.exe 1476 chrome.exe 1476 chrome.exe 1476 chrome.exe 1476 chrome.exe 1476 chrome.exe 1476 chrome.exe 1476 chrome.exe 1476 chrome.exe 1476 chrome.exe 1476 chrome.exe 1476 chrome.exe 1476 chrome.exe 1476 chrome.exe 1476 chrome.exe 1476 chrome.exe 1476 chrome.exe 1476 chrome.exe 1476 chrome.exe -
Suspicious use of SendNotifyMessage 24 IoCs
pid Process 1476 chrome.exe 1476 chrome.exe 1476 chrome.exe 1476 chrome.exe 1476 chrome.exe 1476 chrome.exe 1476 chrome.exe 1476 chrome.exe 1476 chrome.exe 1476 chrome.exe 1476 chrome.exe 1476 chrome.exe 1476 chrome.exe 1476 chrome.exe 1476 chrome.exe 1476 chrome.exe 1476 chrome.exe 1476 chrome.exe 1476 chrome.exe 1476 chrome.exe 1476 chrome.exe 1476 chrome.exe 1476 chrome.exe 1476 chrome.exe -
Suspicious use of WriteProcessMemory 64 IoCs
description pid Process procid_target PID 1476 wrote to memory of 4368 1476 chrome.exe 89 PID 1476 wrote to memory of 4368 1476 chrome.exe 89 PID 1476 wrote to memory of 2032 1476 chrome.exe 91 PID 1476 wrote to memory of 2032 1476 chrome.exe 91 PID 1476 wrote to memory of 2032 1476 chrome.exe 91 PID 1476 wrote to memory of 2032 1476 chrome.exe 91 PID 1476 wrote to memory of 2032 1476 chrome.exe 91 PID 1476 wrote to memory of 2032 1476 chrome.exe 91 PID 1476 wrote to memory of 2032 1476 chrome.exe 91 PID 1476 wrote to memory of 2032 1476 chrome.exe 91 PID 1476 wrote to memory of 2032 1476 chrome.exe 91 PID 1476 wrote to memory of 2032 1476 chrome.exe 91 PID 1476 wrote to memory of 2032 1476 chrome.exe 91 PID 1476 wrote to memory of 2032 1476 chrome.exe 91 PID 1476 wrote to memory of 2032 1476 chrome.exe 91 PID 1476 wrote to memory of 2032 1476 chrome.exe 91 PID 1476 wrote to memory of 2032 1476 chrome.exe 91 PID 1476 wrote to memory of 2032 1476 chrome.exe 91 PID 1476 wrote to memory of 2032 1476 chrome.exe 91 PID 1476 wrote to memory of 2032 1476 chrome.exe 91 PID 1476 wrote to memory of 2032 1476 chrome.exe 91 PID 1476 wrote to memory of 2032 1476 chrome.exe 91 PID 1476 wrote to memory of 2032 1476 chrome.exe 91 PID 1476 wrote to memory of 2032 1476 chrome.exe 91 PID 1476 wrote to memory of 2032 1476 chrome.exe 91 PID 1476 wrote to memory of 2032 1476 chrome.exe 91 PID 1476 wrote to memory of 2032 1476 chrome.exe 91 PID 1476 wrote to memory of 2032 1476 chrome.exe 91 PID 1476 wrote to memory of 2032 1476 chrome.exe 91 PID 1476 wrote to memory of 2032 1476 chrome.exe 91 PID 1476 wrote to memory of 2032 1476 chrome.exe 91 PID 1476 wrote to memory of 2032 1476 chrome.exe 91 PID 1476 wrote to memory of 2032 1476 chrome.exe 91 PID 1476 wrote to memory of 3952 1476 chrome.exe 92 PID 1476 wrote to memory of 3952 1476 chrome.exe 92 PID 1476 wrote to memory of 1908 1476 chrome.exe 93 PID 1476 wrote to memory of 1908 1476 chrome.exe 93 PID 1476 wrote to memory of 1908 1476 chrome.exe 93 PID 1476 wrote to memory of 1908 1476 chrome.exe 93 PID 1476 wrote to memory of 1908 1476 chrome.exe 93 PID 1476 wrote to memory of 1908 1476 chrome.exe 93 PID 1476 wrote to memory of 1908 1476 chrome.exe 93 PID 1476 wrote to memory of 1908 1476 chrome.exe 93 PID 1476 wrote to memory of 1908 1476 chrome.exe 93 PID 1476 wrote to memory of 1908 1476 chrome.exe 93 PID 1476 wrote to memory of 1908 1476 chrome.exe 93 PID 1476 wrote to memory of 1908 1476 chrome.exe 93 PID 1476 wrote to memory of 1908 1476 chrome.exe 93 PID 1476 wrote to memory of 1908 1476 chrome.exe 93 PID 1476 wrote to memory of 1908 1476 chrome.exe 93 PID 1476 wrote to memory of 1908 1476 chrome.exe 93 PID 1476 wrote to memory of 1908 1476 chrome.exe 93 PID 1476 wrote to memory of 1908 1476 chrome.exe 93 PID 1476 wrote to memory of 1908 1476 chrome.exe 93 PID 1476 wrote to memory of 1908 1476 chrome.exe 93 PID 1476 wrote to memory of 1908 1476 chrome.exe 93 PID 1476 wrote to memory of 1908 1476 chrome.exe 93 PID 1476 wrote to memory of 1908 1476 chrome.exe 93 PID 1476 wrote to memory of 1908 1476 chrome.exe 93 PID 1476 wrote to memory of 1908 1476 chrome.exe 93 PID 1476 wrote to memory of 1908 1476 chrome.exe 93 PID 1476 wrote to memory of 1908 1476 chrome.exe 93 PID 1476 wrote to memory of 1908 1476 chrome.exe 93 PID 1476 wrote to memory of 1908 1476 chrome.exe 93
Processes
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://linuxhandbook.com1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1476 -
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff269cab58,0x7fff269cab68,0x7fff269cab782⤵PID:4368
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1668 --field-trial-handle=1900,i,17783277063838680446,14775124741640290383,131072 /prefetch:22⤵PID:2032
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2156 --field-trial-handle=1900,i,17783277063838680446,14775124741640290383,131072 /prefetch:82⤵PID:3952
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2248 --field-trial-handle=1900,i,17783277063838680446,14775124741640290383,131072 /prefetch:82⤵PID:1908
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2908 --field-trial-handle=1900,i,17783277063838680446,14775124741640290383,131072 /prefetch:12⤵PID:4872
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2916 --field-trial-handle=1900,i,17783277063838680446,14775124741640290383,131072 /prefetch:12⤵PID:2336
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3532 --field-trial-handle=1900,i,17783277063838680446,14775124741640290383,131072 /prefetch:12⤵PID:2536
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4460 --field-trial-handle=1900,i,17783277063838680446,14775124741640290383,131072 /prefetch:12⤵PID:4364
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4500 --field-trial-handle=1900,i,17783277063838680446,14775124741640290383,131072 /prefetch:12⤵PID:4688
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4924 --field-trial-handle=1900,i,17783277063838680446,14775124741640290383,131072 /prefetch:82⤵PID:4372
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4712 --field-trial-handle=1900,i,17783277063838680446,14775124741640290383,131072 /prefetch:82⤵PID:1088
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=4208 --field-trial-handle=1900,i,17783277063838680446,14775124741640290383,131072 /prefetch:12⤵PID:5432
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5080 --field-trial-handle=1900,i,17783277063838680446,14775124741640290383,131072 /prefetch:12⤵PID:5440
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4928 --field-trial-handle=1900,i,17783277063838680446,14775124741640290383,131072 /prefetch:12⤵PID:5448
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=4684 --field-trial-handle=1900,i,17783277063838680446,14775124741640290383,131072 /prefetch:12⤵PID:5456
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=5228 --field-trial-handle=1900,i,17783277063838680446,14775124741640290383,131072 /prefetch:12⤵PID:5484
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=5372 --field-trial-handle=1900,i,17783277063838680446,14775124741640290383,131072 /prefetch:12⤵PID:5492
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=5656 --field-trial-handle=1900,i,17783277063838680446,14775124741640290383,131072 /prefetch:12⤵PID:5500
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=5660 --field-trial-handle=1900,i,17783277063838680446,14775124741640290383,131072 /prefetch:12⤵PID:5508
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=5840 --field-trial-handle=1900,i,17783277063838680446,14775124741640290383,131072 /prefetch:12⤵PID:5516
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=5852 --field-trial-handle=1900,i,17783277063838680446,14775124741640290383,131072 /prefetch:12⤵PID:5524
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=4508 --field-trial-handle=1900,i,17783277063838680446,14775124741640290383,131072 /prefetch:12⤵PID:1692
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=6564 --field-trial-handle=1900,i,17783277063838680446,14775124741640290383,131072 /prefetch:12⤵PID:5252
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=6728 --field-trial-handle=1900,i,17783277063838680446,14775124741640290383,131072 /prefetch:12⤵PID:3700
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=6840 --field-trial-handle=1900,i,17783277063838680446,14775124741640290383,131072 /prefetch:12⤵PID:2140
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=6996 --field-trial-handle=1900,i,17783277063838680446,14775124741640290383,131072 /prefetch:12⤵PID:3872
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=7188 --field-trial-handle=1900,i,17783277063838680446,14775124741640290383,131072 /prefetch:12⤵PID:6200
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=7196 --field-trial-handle=1900,i,17783277063838680446,14775124741640290383,131072 /prefetch:12⤵PID:6208
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=7364 --field-trial-handle=1900,i,17783277063838680446,14775124741640290383,131072 /prefetch:12⤵PID:6328
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=7576 --field-trial-handle=1900,i,17783277063838680446,14775124741640290383,131072 /prefetch:12⤵PID:6404
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=7828 --field-trial-handle=1900,i,17783277063838680446,14775124741640290383,131072 /prefetch:12⤵PID:6672
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=7128 --field-trial-handle=1900,i,17783277063838680446,14775124741640290383,131072 /prefetch:12⤵PID:6680
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=7888 --field-trial-handle=1900,i,17783277063838680446,14775124741640290383,131072 /prefetch:12⤵PID:6688
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --mojo-platform-channel-handle=7904 --field-trial-handle=1900,i,17783277063838680446,14775124741640290383,131072 /prefetch:12⤵PID:6696
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=7920 --field-trial-handle=1900,i,17783277063838680446,14775124741640290383,131072 /prefetch:12⤵PID:6704
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --mojo-platform-channel-handle=7936 --field-trial-handle=1900,i,17783277063838680446,14775124741640290383,131072 /prefetch:12⤵PID:6712
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=6096 --field-trial-handle=1900,i,17783277063838680446,14775124741640290383,131072 /prefetch:12⤵PID:6612
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --mojo-platform-channel-handle=7676 --field-trial-handle=1900,i,17783277063838680446,14775124741640290383,131072 /prefetch:12⤵PID:6428
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --mojo-platform-channel-handle=7968 --field-trial-handle=1900,i,17783277063838680446,14775124741640290383,131072 /prefetch:12⤵PID:6432
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --mojo-platform-channel-handle=8484 --field-trial-handle=1900,i,17783277063838680446,14775124741640290383,131072 /prefetch:12⤵PID:6596
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --mojo-platform-channel-handle=8624 --field-trial-handle=1900,i,17783277063838680446,14775124741640290383,131072 /prefetch:12⤵PID:6604
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --mojo-platform-channel-handle=8784 --field-trial-handle=1900,i,17783277063838680446,14775124741640290383,131072 /prefetch:12⤵PID:6348
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --mojo-platform-channel-handle=7148 --field-trial-handle=1900,i,17783277063838680446,14775124741640290383,131072 /prefetch:12⤵PID:6356
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=984 --field-trial-handle=1900,i,17783277063838680446,14775124741640290383,131072 /prefetch:22⤵PID:3156
-
-
C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"1⤵PID:3560
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=4212,i,14486271492189381216,15799931579469722648,262144 --variations-seed-version --mojo-platform-channel-handle=4272 /prefetch:81⤵PID:3616
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
1KB
MD55f79225172898b1bd40adf4b5f2e1a2c
SHA1ec77d0ef21351076d1eb08f37fdf8c51a6805aee
SHA256b07c2d3f686d3373dc7700529851ef54acc8232668db8ef935344147a99a5f80
SHA512414548b4d732e00d228641eca8df07d202246fc9d22ffb22a44ea684ef3952c7d26eff6099b4466f730312a1913f80013600b8829e07a6b2f47a379ed09e2b55
-
Filesize
15KB
MD5a89f77de16a3f96bf69a9fc1a2046b15
SHA170b80dc4ce46cdb3fb7b78d67cb381348c1b975d
SHA256baa95104c2803c384ca972205f9ecd18e91cf3cf45d0d7335ef2f36120b02abd
SHA5121ca9bf2f4ce84d09660741e18df328ccef5f3fc7482007050b9e46d60e68b93e48304e7f25916e06c24ac2702f5de88717fa6fa6867e95fefd3e03efb20f8d26
-
Filesize
2B
MD5d751713988987e9331980363e24189ce
SHA197d170e1550eee4afc0af065b78cda302a97674c
SHA2564f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af
-
Filesize
1KB
MD57555d9033a8d1a6647e87f4bf8d969a1
SHA10debbaf8a36791481748d22255d5bf9e2ddef02a
SHA256865a81b2a4c7203524352803576bde13d3414bca89fb6c5ad5a0ec917f199a86
SHA512f5ab026fbb6daa4075ecbb4da0763ae63658b1e221a1302480a611d3a89beeab7030c861955c059c7b7d6d038cbbf2b442d41b6a66a6bea8536be2463d843a04
-
Filesize
5KB
MD5fed0a682f77ac480940fdddc793b7c2e
SHA12f2ff29c23526456423ce6b044c6078a7e215d3a
SHA2569307f0c8f63f6677a90f8a39cc4994e11378a1642df7f3b854eb1d46286dc270
SHA512af5718c824dc967b0d77de35ad981b697aab6850c9c8fe147b109f6294c5226b35ffe12e5d7d20d0e218fe59bf87ddc94e3e5785c89f4aa3098180f3720cc9a5
-
Filesize
7KB
MD532c3f6bc998ddb4ec8ebb3ba52563921
SHA11dc9c7ff3c34c075a3fac114f17151d4a42e63b5
SHA2563fc33d08f09055769f54d0d65e4d97f7f0eb38827deb92fa028285539bf7b9d7
SHA5121eef14bf2107ee50f31d1dac893d14a5a41783ef9346928287de18480ca875e2fdff732fb41c60bc16c4fccabccd0de784097f91e606cc44f3eb46898eec64db
-
Filesize
255KB
MD5bc62bbb5d1853ac3d22c33ba690f0290
SHA1cb8df5317bae05cc5a169c31b9e158f4f262557a
SHA2560b0dd1f4ea8125e62354315f53e41d47aafed099de6513e39a3af3b1f71f4256
SHA51210e1ecd20fa2e7a18cefade1f6a65a90743b52771573f72ec5baa1f7c33fbbf2387e0d05ccd973584f4f4a7148eb202558c715dd9469ac92cb0ec0f74c80b56a