Malware Analysis Report

2024-11-15 05:27

Sample ID: 240613-b18ffataqp
Target: Setup MixHead v4.0.3.exe
SHA256: e8c36d4c8b2974d7f42a0c9bdeb3213bb459f090addfe7b220384bd702ae8c8d
Tags: discovery
Score: 7/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

Score: 7/10

SHA256: e8c36d4c8b2974d7f42a0c9bdeb3213bb459f090addfe7b220384bd702ae8c8d

Threat level: shows suspicious behavior

The file Setup MixHead v4.0.3.exe was classified as "shows suspicious behavior" (score 7/10) on the strength of the generic signatures listed below; the only tag assigned is discovery, and no malware family is named. The behaviour recorded against the sample's own process chain is that of an installer: the submitted executable unpacks a second stage into a temporary is-XXXXX.tmp directory and launches it with a /SL5 switch (a layout characteristic of Inno Setup installers; this is an inference from the command line, not a finding of the report), and that second stage writes files under Program Files into VST, VST3 and Metric Halo preset directories. The remaining signatures (SeShutdownPrivilege token adjustments, FindShellTrayWindow, SendNotifyMessage, BIOS registry queries and chrome-to-chrome memory writes) are recorded against chrome.exe, a separate process in the detonation, and should be attributed to it rather than to the installer unless a link between the two is established.

Malicious Activity Summary

discovery

Loads dropped DLL

Executes dropped EXE

Checks installed software on the system

Drops file in Program Files directory

Enumerates physical storage devices

Unsigned PE

Suspicious use of AdjustPrivilegeToken

Suspicious use of SendNotifyMessage

Suspicious use of SetWindowsHookEx

Suspicious use of WriteProcessMemory

Enumerates system info in registry

Suspicious behavior: EnumeratesProcesses

Suspicious use of FindShellTrayWindow

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-13 01:37

Signatures

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-13 01:37

Reported

2024-06-13 01:40

Platform

win7-20231129-en

Max time kernel

154s

Max time network

159s

Command Line

"C:\Users\Admin\AppData\Local\Temp\Setup MixHead v4.0.3.exe"

Signatures

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp N/A

Checks installed software on the system (discovery)

Drops file in Program Files directory

Description Indicator Process Target
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Braeden Rangno\is-85J1H.tmp C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Francois Fanelli\is-51E89.tmp C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Steinberg\VSTPlugins\Make Believe Studios\MB MixHead.vst\Contents\Resources\is-KHFHA.tmp C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Serban Ghenea\is-7PFEO.tmp C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Steinberg\VSTPlugins\Make Believe Studios\MB MixHead.vst\Contents\Resources\is-D30HM.tmp C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Orlando Ferrer\is-U5OEG.tmp C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Francois Fanelli\is-DG3HM.tmp C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Lasse Lammert\is-MN191.tmp C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Alex Prieto\is-48A5F.tmp C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Richie Beretta\is-SAUFS.tmp C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Daniel Holsinger\is-1OR1M.tmp C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Ryan Harvey\is-3GE7N.tmp C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Steinberg\VSTPlugins\Make Believe Studios\MB MixHead.vst\Contents\Resources\is-3L9TM.tmp C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Daniel Escobar\is-OF2AD.tmp C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Romesh Dodangoda\is-DKQ44.tmp C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Chris Whited\is-Q8Q15.tmp C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Steinberg\VSTPlugins\Make Believe Studios\MB MixHead.vst\Contents\Resources\is-9A7Q9.tmp C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Steinberg\VSTPlugins\Make Believe Studios\MB MixHead.vst\Contents\Resources\is-DBQ39.tmp C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Steinberg\VSTPlugins\Make Believe Studios\MB MixHead.vst\Contents\Resources\is-DB3CH.tmp C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Aaron Pace\is-ET05R.tmp C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Brad Boatright\is-40I2Q.tmp C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Steinberg\VSTPlugins\Make Believe Studios\MB MixHead.vst\Contents\Resources\is-2UMJH.tmp C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Steinberg\VSTPlugins\Make Believe Studios\MB MixHead.vst\Contents\Resources\is-MRVO9.tmp C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Common Files\VST3\Make Believe Studios\MB MixHead.vst3\Contents\Resources\is-VBNMG.tmp C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Ari Morris\is-2H5VU.tmp C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Lasse Lammert\is-TI5JC.tmp C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Francois Fanelli\is-L0UUI.tmp C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Steinberg\VSTPlugins\Make Believe Studios\MB MixHead.vst\Contents\Resources\is-DEC0T.tmp C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Common Files\VST3\Make Believe Studios\MB MixHead.vst3\Contents\Resources\is-HMI87.tmp C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Brad Boatright\is-9VDCF.tmp C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Daniel Holsinger\is-THN9B.tmp C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Steinberg\VSTPlugins\Make Believe Studios\MB MixHead.vst\Contents\Resources\is-VRD7V.tmp C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Steinberg\VSTPlugins\Make Believe Studios\MB MixHead.vst\Contents\Resources\is-AVSKK.tmp C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Common Files\VST3\Make Believe Studios\MB MixHead.vst3\Contents\Resources\is-LK60F.tmp C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Common Files\VST3\Make Believe Studios\MB MixHead.vst3\Contents\Resources\is-RVGSJ.tmp C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Mike Avenaim\is-CH2KP.tmp C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Thomas 'Plec' Johansson\is-HC9TB.tmp C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Toni d'Aquino\is-IHF7R.tmp C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Lee Rouse\is-G4VL2.tmp C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Oleg 'Yorshoff' Yershov\is-2S89L.tmp C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Common Files\VST3\Make Believe Studios\MB MixHead.vst3\Contents\Resources\is-N3FE6.tmp C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Kevin McCombs\is-1KC3M.tmp C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Lee Rouse\is-STDKG.tmp C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Lee Rouse\is-DDPA5.tmp C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Romesh Dodangoda\is-C2FBS.tmp C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Daniel Holsinger\is-TUDUJ.tmp C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Orlando Ferrer\is-FSRE4.tmp C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Steinberg\VSTPlugins\Make Believe Studios\MB MixHead.vst\Contents\Resources\is-QGVRG.tmp C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Ari Morris\is-RLB33.tmp C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Brad Boatright\is-SIMDF.tmp C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Maor Appelbaum\is-79KNO.tmp C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Mike Monseur\is-OGULD.tmp C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Thomas 'Plec' Johansson\is-0NTLJ.tmp C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Kevin McCombs\is-L5PQU.tmp C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Lee Rouse\is-PJ77E.tmp C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Francois Fanelli\is-9TKTD.tmp C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Steve DeMott\is-QN2H1.tmp C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Steinberg\VSTPlugins\Make Believe Studios\MB MixHead.vst\Contents\Resources\is-UN1MS.tmp C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Steinberg\VSTPlugins\Make Believe Studios\MB MixHead.vst\Contents\Resources\is-4PM4N.tmp C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Steinberg\VSTPlugins\Make Believe Studios\MB MixHead.vst\Contents\Resources\is-UGF2F.tmp C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Daniel Holsinger\is-TLAOP.tmp C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Romesh Dodangoda\is-R6FQA.tmp C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Orlando Ferrer\is-OTSE3.tmp C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Paul Spiro\is-A86SH.tmp C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp N/A

Enumerates physical storage devices

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target Count
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A 64

(64 identical entries, all recorded against chrome.exe; collapsed here.)

Suspicious use of FindShellTrayWindow

Description Indicator Process Target Count
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp N/A 1
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A 35

(35 identical chrome.exe entries collapsed; only one entry is from the installer's second stage.)

Suspicious use of SendNotifyMessage

Description Indicator Process Target Count
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A 32

(32 identical entries, all recorded against chrome.exe; collapsed here.)

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2996 wrote to memory of 3068 N/A C:\Users\Admin\AppData\Local\Temp\Setup MixHead v4.0.3.exe C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp
PID 2996 wrote to memory of 3068 N/A C:\Users\Admin\AppData\Local\Temp\Setup MixHead v4.0.3.exe C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp
PID 2996 wrote to memory of 3068 N/A C:\Users\Admin\AppData\Local\Temp\Setup MixHead v4.0.3.exe C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp
PID 2996 wrote to memory of 3068 N/A C:\Users\Admin\AppData\Local\Temp\Setup MixHead v4.0.3.exe C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp
PID 2996 wrote to memory of 3068 N/A C:\Users\Admin\AppData\Local\Temp\Setup MixHead v4.0.3.exe C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp
PID 2996 wrote to memory of 3068 N/A C:\Users\Admin\AppData\Local\Temp\Setup MixHead v4.0.3.exe C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp
PID 2996 wrote to memory of 3068 N/A C:\Users\Admin\AppData\Local\Temp\Setup MixHead v4.0.3.exe C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp
PID 1948 wrote to memory of 1212 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1948 wrote to memory of 1212 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1948 wrote to memory of 1212 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1948 wrote to memory of 2500 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1948 wrote to memory of 2500 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1948 wrote to memory of 2500 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1948 wrote to memory of 2500 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1948 wrote to memory of 2500 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1948 wrote to memory of 2500 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1948 wrote to memory of 2500 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1948 wrote to memory of 2500 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1948 wrote to memory of 2500 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1948 wrote to memory of 2500 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1948 wrote to memory of 2500 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1948 wrote to memory of 2500 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1948 wrote to memory of 2500 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1948 wrote to memory of 2500 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1948 wrote to memory of 2500 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1948 wrote to memory of 2500 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1948 wrote to memory of 2500 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1948 wrote to memory of 2500 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1948 wrote to memory of 2500 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1948 wrote to memory of 2500 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1948 wrote to memory of 2500 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1948 wrote to memory of 2500 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1948 wrote to memory of 2500 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1948 wrote to memory of 2500 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1948 wrote to memory of 2500 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1948 wrote to memory of 2500 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1948 wrote to memory of 2500 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1948 wrote to memory of 2500 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1948 wrote to memory of 2500 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1948 wrote to memory of 2500 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1948 wrote to memory of 2500 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1948 wrote to memory of 2500 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1948 wrote to memory of 2500 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1948 wrote to memory of 2500 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1948 wrote to memory of 2500 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1948 wrote to memory of 2500 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1948 wrote to memory of 2500 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1948 wrote to memory of 2500 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1948 wrote to memory of 2500 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1948 wrote to memory of 2764 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1948 wrote to memory of 2764 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1948 wrote to memory of 2764 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1948 wrote to memory of 2748 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1948 wrote to memory of 2748 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1948 wrote to memory of 2748 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1948 wrote to memory of 2748 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1948 wrote to memory of 2748 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1948 wrote to memory of 2748 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1948 wrote to memory of 2748 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1948 wrote to memory of 2748 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1948 wrote to memory of 2748 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1948 wrote to memory of 2748 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1948 wrote to memory of 2748 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1948 wrote to memory of 2748 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
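Every row above is PID 1948 (chrome.exe, the browser process; the Files section later lists its crashpad pipe as crashpad_1948_...) writing into another chrome.exe process. A Chromium browser does this to each child it spawns while bootstrapping the child's sandbox, so these rows are how the "Suspicious use of WriteProcessMemory" signature fires on any run that opens Chrome, not evidence of the installer injecting into anything. The helper below is an added example, not part of the Triage report: it parses rows in this layout, collapses repeated events per (source, target) pair, and flags only writes where the source and target run different executables. The 25 report rows are reconstructed from the table above; the extra row tagged HYPOTHETICAL is invented purely to exercise the cross-image branch.

```python
import re
from collections import Counter
from pathlib import PureWindowsPath

# Row layout as printed in the report: "PID <src> wrote to memory of <dst> N/A <src image> <dst image>".
# The lazy ".+?\.exe " split assumes no image path contains ".exe " in the middle.
ROW_RE = re.compile(
    r"^PID (?P<src>\d+) wrote to memory of (?P<dst>\d+) N/A "
    r"(?P<src_img>.+?\.exe) (?P<dst_img>.+?\.exe)$",
    re.IGNORECASE,
)
CHROME = r"C:\Program Files\Google\Chrome\Application\chrome.exe"


def row(src, dst, src_img, dst_img):
    """Build one row in the report's own layout (used only to construct sample input)."""
    return f"PID {src} wrote to memory of {dst} N/A {src_img} {dst_img}"


# Constructed to mirror the rows above: 10 events into PID 2500, 3 into 2764, 12 into 2748,
# every one of them chrome.exe writing into a chrome.exe child.
REPORT_ROWS = (
    [row(1948, 2500, CHROME, CHROME)] * 10
    + [row(1948, 2764, CHROME, CHROME)] * 3
    + [row(1948, 2748, CHROME, CHROME)] * 12
)
# HYPOTHETICAL row, not in the report: a write across different images, the case that
# actually deserves a look. PIDs and paths are made up.
SYNTHETIC_ROW = row(1111, 2222, r"C:\sandbox\example_dropper.exe",
                    r"C:\Windows\System32\notepad.exe")


def parse_rows(lines):
    """Return (src_pid, dst_pid, src_image, dst_image) for every row in this layout."""
    events = []
    for line in lines:
        m = ROW_RE.match(line.strip())
        if m:  # rows from other signature tables simply do not match
            events.append((int(m["src"]), int(m["dst"]), m["src_img"], m["dst_img"]))
    return events


def summarize(events):
    """One record per (source, target) pair with the number of write events.

    same_image: source and target run the same executable, which is what a Chromium
    browser process does to each child it spawns (sandbox bootstrap), so those pairs
    are not evidence of the sample injecting into another program. Anything else
    is marked for review.
    """
    counts = Counter(events)
    records = []
    for (src, dst, src_img, dst_img), n in sorted(counts.items()):
        same = PureWindowsPath(src_img) == PureWindowsPath(dst_img)  # case-insensitive
        records.append({"src": src, "dst": dst, "src_img": src_img, "dst_img": dst_img,
                        "events": n, "same_image": same, "review": not same})
    return records


if __name__ == "__main__":
    for r in summarize(parse_rows(REPORT_ROWS + [SYNTHETIC_ROW])):
        flag = "REVIEW" if r["review"] else "self-spawn"
        print(f"{r['src']} -> {r['dst']}: {r['events']:2d} writes  {flag}")
```

Comparing full image paths rather than file names keeps a write from a renamed copy of chrome.exe in another directory in the review bucket; relax that only if you trust the source path.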

Processes

C:\Users\Admin\AppData\Local\Temp\Setup MixHead v4.0.3.exe

"C:\Users\Admin\AppData\Local\Temp\Setup MixHead v4.0.3.exe"

C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp

"C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp" /SL5="$70120,39143304,121344,C:\Users\Admin\AppData\Local\Temp\Setup MixHead v4.0.3.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6519758,0x7fef6519768,0x7fef6519778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1180 --field-trial-handle=1248,i,8618372016553615603,17430387665195884982,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1540 --field-trial-handle=1248,i,8618372016553615603,17430387665195884982,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1608 --field-trial-handle=1248,i,8618372016553615603,17430387665195884982,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2316 --field-trial-handle=1248,i,8618372016553615603,17430387665195884982,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2324 --field-trial-handle=1248,i,8618372016553615603,17430387665195884982,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1416 --field-trial-handle=1248,i,8618372016553615603,17430387665195884982,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=1400 --field-trial-handle=1248,i,8618372016553615603,17430387665195884982,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3336 --field-trial-handle=1248,i,8618372016553615603,17430387665195884982,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3664 --field-trial-handle=1248,i,8618372016553615603,17430387665195884982,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe" --reenable-autoupdates --system-level

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3584 --field-trial-handle=1248,i,8618372016553615603,17430387665195884982,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\Crashpad --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x154,0x158,0x15c,0x128,0x160,0x13f527688,0x13f527698,0x13f5276a8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=3580 --field-trial-handle=1248,i,8618372016553615603,17430387665195884982,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=688 --field-trial-handle=1248,i,8618372016553615603,17430387665195884982,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=2972 --field-trial-handle=1248,i,8618372016553615603,17430387665195884982,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=3536 --field-trial-handle=1248,i,8618372016553615603,17430387665195884982,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2816 --field-trial-handle=1248,i,8618372016553615603,17430387665195884982,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=3036 --field-trial-handle=1248,i,8618372016553615603,17430387665195884982,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1072 --field-trial-handle=1248,i,8618372016553615603,17430387665195884982,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=2360 --field-trial-handle=1248,i,8618372016553615603,17430387665195884982,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=1400 --field-trial-handle=1248,i,8618372016553615603,17430387665195884982,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=3884 --field-trial-handle=1248,i,8618372016553615603,17430387665195884982,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3984 --field-trial-handle=1248,i,8618372016553615603,17430387665195884982,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4168 --field-trial-handle=1248,i,8618372016553615603,17430387665195884982,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=2476 --field-trial-handle=1248,i,8618372016553615603,17430387665195884982,131072 /prefetch:1
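The first two entries are the Inno Setup pattern: the downloaded installer (stage 1, the setup loader) unpacks is-XXXXX.tmp\<name>.tmp and runs it (stage 2) with /SL5="$<hwnd>,<n>,<n>,<original installer path>". Everything after that is a normal Chrome session: one browser process and its --type=crashpad-handler, gpu-process, utility and renderer children, plus Chrome's own elevation_service.exe and Installer\setup.exe under the versioned 106.0.5249.119 directory. The script below is an added example, not Triage output: it parses the path/command-line pairs in this section, recognises the Inno hand-off, decodes the /SL5 fields, cross-checks that the original path it names is an image seen in the same list, and tags each chrome.exe by its --type. The field meanings in the comments (window handle in hex, two offsets into the original installer) follow my reading of the Inno Setup source and should be treated as an assumption; the detection only relies on the /SL5 shape. The sample input is constructed from the entries above with the long Chrome flag strings shortened.

```python
import re
from dataclasses import dataclass, field
from typing import Optional

# Inno Setup hand-off: stage 1 (loader) runs stage 2 (setup.tmp) with
#   /SL5="$<hwnd hex>,<offset0>,<offset1>,<original installer path>"
# Assumption: hwnd is the loader's window handle, offset0/offset1 are offsets inside the
# original installer that stage 2 reads its data from.
SL5_RE = re.compile(
    r'/SL5="\$(?P<hwnd>[0-9A-Fa-f]+),(?P<off0>\d+),(?P<off1>\d+),(?P<orig>[^"]+)"'
)
INNO_TMP_RE = re.compile(r"\\is-[A-Z0-9]{5}\.tmp\\[^\\]+\.tmp$", re.IGNORECASE)
CHROME_TYPE_RE = re.compile(r"--type=(?P<type>[\w-]+)")

# Constructed sample, abbreviated from the Processes list on this page: paths and the
# /SL5 value are as printed in the report, Chrome flag strings are shortened.
SAMPLE = r'''
C:\Users\Admin\AppData\Local\Temp\Setup MixHead v4.0.3.exe

"C:\Users\Admin\AppData\Local\Temp\Setup MixHead v4.0.3.exe"

C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp

"C:\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp" /SL5="$70120,39143304,121344,C:\Users\Admin\AppData\Local\Temp\Setup MixHead v4.0.3.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --url=https://clients2.google.com/cr/report

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --renderer-client-id=6 /prefetch:1
'''


@dataclass
class ProcessRecord:
    image: str
    cmdline: str
    tags: list = field(default_factory=list)
    inno: Optional[dict] = None  # decoded /SL5 fields when this is an Inno stage 2


def parse_process_list(text):
    """The Processes section alternates an image-path line with its quoted command line."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    if len(lines) % 2:
        raise ValueError("process list must be image / command-line pairs")
    return [ProcessRecord(lines[i], lines[i + 1]) for i in range(0, len(lines), 2)]


def classify(records):
    images = {r.image.lower() for r in records}
    for r in records:
        m = SL5_RE.search(r.cmdline)
        if m and INNO_TMP_RE.search(r.image):
            r.inno = {"hwnd": int(m["hwnd"], 16), "offset0": int(m["off0"]),
                      "offset1": int(m["off1"]), "original": m["orig"]}
            r.tags.append("inno-setup-stage2")
            # Cross-check: the original installer path handed to stage 2 should itself be
            # an image in this list (the stage 1 loader); a mismatch is worth a look.
            r.tags.append("inno-loader-match" if m["orig"].lower() in images
                          else "inno-loader-unmatched")
        if r.image.lower().endswith("\\chrome.exe"):
            t = CHROME_TYPE_RE.search(r.cmdline)
            r.tags.append(f"chrome:{t['type']}" if t else "chrome:browser")
    return records


def analyze(text):
    return classify(parse_process_list(text))


if __name__ == "__main__":
    for rec in analyze(SAMPLE):
        print(rec.image, rec.tags, rec.inno or "")
```

Extending the tagger to Chrome's elevation_service.exe and Installer\setup.exe is a matter of adding their versioned paths; the point of the Inno branch is that once the pair is recognised, the interesting question becomes what stage 2 drops and launches, which is where the Files and Signatures sections take over.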

Network

Country Destination Domain Proto
US 8.8.8.8:53 www.google.com udp
GB 142.250.187.196:443 www.google.com tcp
GB 142.250.187.196:443 www.google.com tcp
GB 142.250.187.196:443 www.google.com tcp
US 8.8.8.8:53 pki.goog udp
US 8.8.8.8:53 pki.goog udp
US 216.239.32.29:80 pki.goog tcp
US 216.239.32.29:80 pki.goog tcp
US 8.8.8.8:53 www.microsoft.com udp
US 8.8.8.8:53 www.microsoft.com udp
US 8.8.8.8:53 apis.google.com udp
GB 142.250.200.14:443 apis.google.com tcp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.179.238:443 play.google.com tcp
GB 142.250.187.196:443 www.google.com udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 142.250.200.10:443 content-autofill.googleapis.com tcp
GB 142.250.179.238:443 play.google.com udp
US 8.8.8.8:53 consent.google.com udp
GB 142.250.187.238:443 consent.google.com tcp
GB 142.250.200.10:443 content-autofill.googleapis.com udp
US 8.8.8.8:53 obsproject.com udp
CA 142.4.216.103:443 obsproject.com tcp
CA 142.4.216.103:443 obsproject.com tcp
US 8.8.8.8:53 stats.g.doubleclick.net udp
BE 74.125.71.155:443 stats.g.doubleclick.net tcp
US 8.8.8.8:53 cdn-fastly.obsproject.com udp
US 151.101.1.91:443 cdn-fastly.obsproject.com tcp
US 151.101.1.91:443 cdn-fastly.obsproject.com tcp
GB 216.58.212.195:80 www.gstatic.com tcp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
US 151.101.1.91:443 cdn-fastly.obsproject.com tcp
US 151.101.1.91:443 cdn-fastly.obsproject.com tcp
GB 172.217.169.67:443 beacons.gcp.gvt2.com tcp
US 151.101.1.91:443 cdn-fastly.obsproject.com tcp
US 151.101.1.91:443 cdn-fastly.obsproject.com tcp
GB 172.217.169.67:443 beacons.gcp.gvt2.com udp
US 151.101.1.91:443 cdn-fastly.obsproject.com tcp
US 151.101.1.91:443 cdn-fastly.obsproject.com tcp
GB 142.250.187.196:443 www.google.com udp
GB 142.250.179.238:443 play.google.com udp
US 8.8.8.8:53 ogs.google.com udp
US 8.8.8.8:53 ssl.gstatic.com udp
GB 216.58.213.3:443 ssl.gstatic.com tcp
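The table is one row per flow with no process attribution, and the Processes list shows a full Chrome session, so most of what is here (google.com, gstatic.com, pki.goog, doubleclick.net, the udp/443 rows, which are QUIC) is browser traffic; the 224.0.0.251:5353 row is local mDNS. A practitioner wants the table folded into one record per domain: what was resolved, what was actually connected to, and which names were looked up but never contacted. The script below is an added example, not part of the report; its sample input is a constructed subset of the rows above and the full table parses the same way.

```python
import re
from collections import defaultdict

# Row layout: "<country|N/A> <ip>:<port> [<domain>] <tcp|udp>"; the domain is absent for
# flows the sandbox could not tie to a name (multicast here).
ROW_RE = re.compile(
    r"^(?P<cc>[A-Z]{2}|N/A) (?P<ip>\d{1,3}(?:\.\d{1,3}){3}):(?P<port>\d+)"
    r"(?: (?P<domain>[\w.-]+))? (?P<proto>tcp|udp)$"
)

# Constructed subset of the Network table above.
SAMPLE = """\
Country Destination Domain Proto
US 8.8.8.8:53 www.google.com udp
GB 142.250.187.196:443 www.google.com tcp
GB 142.250.187.196:443 www.google.com tcp
US 8.8.8.8:53 www.microsoft.com udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 obsproject.com udp
CA 142.4.216.103:443 obsproject.com tcp
CA 142.4.216.103:443 obsproject.com tcp
GB 142.250.187.196:443 www.google.com udp
"""


def parse_network(text):
    rows = []
    for ln in text.splitlines():
        m = ROW_RE.match(ln.strip())
        if m:  # the header line and anything malformed is skipped
            rows.append({"cc": m["cc"], "ip": m["ip"], "port": int(m["port"]),
                         "domain": m["domain"], "proto": m["proto"]})
    return rows


def by_domain(rows, resolver="8.8.8.8"):
    """Fold per-flow rows into one record per domain.

    dns: queries to the sandbox resolver; tcp: connections; quic: udp/443 (HTTP/3 from
    the browser); endpoints: ip:port pairs actually contacted. Rows without a domain go
    to 'unattributed'. resolved_only lists names that were looked up but never contacted.
    """
    stats = defaultdict(lambda: {"dns": 0, "tcp": 0, "quic": 0, "udp_other": 0,
                                 "endpoints": set()})
    unattributed = []
    for r in rows:
        if r["domain"] is None:
            unattributed.append((r["ip"], r["port"]))
            continue
        s = stats[r["domain"]]
        if r["ip"] == resolver and r["port"] == 53:
            s["dns"] += 1
            continue
        s["endpoints"].add(f"{r['ip']}:{r['port']}")
        if r["proto"] == "tcp":
            s["tcp"] += 1
        elif r["port"] == 443:
            s["quic"] += 1
        else:
            s["udp_other"] += 1
    resolved_only = sorted(d for d, s in stats.items() if not s["endpoints"])
    return {"domains": dict(stats), "unattributed": unattributed,
            "resolved_only": resolved_only}


if __name__ == "__main__":
    result = by_domain(parse_network(SAMPLE))
    for domain, s in result["domains"].items():
        print(domain, s["dns"], "dns", s["tcp"], "tcp", s["quic"], "quic", sorted(s["endpoints"]))
    print("resolved only:", result["resolved_only"], "unattributed:", result["unattributed"])
```

On the full table the only non-Google, non-Microsoft name is obsproject.com (plus its Fastly CDN host); whether that is the installer's finish page opening in the browser or something else cannot be decided from this table alone, because it carries no process column.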

Files

memory/2996-0-0x0000000000400000-0x0000000000428000-memory.dmp

memory/2996-2-0x0000000000401000-0x0000000000412000-memory.dmp

\Users\Admin\AppData\Local\Temp\is-OLANH.tmp\Setup MixHead v4.0.3.tmp

MD5 34acc2bdb45a9c436181426828c4cb49
SHA1 5adaa1ac822e6128b8d4b59a54d19901880452ae
SHA256 9c81817acd4982632d8c7f1df3898fca1477577738184265d735f49fc5480f07
SHA512 134ff4022571efd46f7a62e99b857ebe834e9916c786345908010f9e1fb90be226b740ddee16ae9290fe45c86be7238c4555e422abe66a461d11545e19734beb

memory/3068-9-0x0000000000400000-0x000000000052E000-memory.dmp

\Users\Admin\AppData\Local\Temp\is-H70HR.tmp\R2RINNO.dll

MD5 5df8ada84a16f5dfc24096ef90a5ce3a
SHA1 5e7e9c68119c3a0a1afc92c60674bc8714492823
SHA256 48a9c8c332fde541b571d9d522d0e37834b452f55af8cbdc341b12222e78fb5b
SHA512 661b5219c74dd6e3a8e899a1b1a3002689d148e337d7323a174519366c9548c284ee76e2faa2f9600cd483db21093ee62399f0d7403c39523c654266760191c2

\Users\Admin\AppData\Local\Temp\is-H70HR.tmp\ISSKINU.DLL

MD5 f30afccd6fafc1cad4567ada824c9358
SHA1 60a65b72f208563f90fba0da6af013a36707caa9
SHA256 e28d16fad16bca8198c47d7dd44acfd362dd6ba1654f700add8aaf2c0732622d
SHA512 59b199085ed4b59ef2b385a09d0901ff2efde7b344db1e900684a425fc2df8e2010ca73d2f2bffa547040cb1dd4c8938b175c463ccc5e39a840a19f9aa301a6c

memory/3068-16-0x0000000010000000-0x0000000010061000-memory.dmp

\Users\Admin\AppData\Local\Temp\is-H70HR.tmp\SKIN.CJSTYLES

MD5 5f87caf3f7cf63dde8e6af53bdf31289
SHA1 a2c3cc3d9d831acd797155b667db59a32000d7a8
SHA256 4731982b02b067d3f5a5a7518279a9265a49fb0f7b3f8dc3d61b82a5359d4940
SHA512 4875298d82037ef1fff1ee3c58a9059d8480274326c862729fcc56664ecb49e2692c3838948c66dc8336e4050469d831cbf1fbd79b66565ab673d2a67765109d

memory/3068-20-0x0000000075510000-0x000000007559F000-memory.dmp

memory/3068-21-0x0000000076640000-0x000000007679C000-memory.dmp

memory/3068-22-0x0000000075260000-0x0000000075300000-memory.dmp

memory/3068-23-0x00000000765A0000-0x000000007663D000-memory.dmp

memory/3068-24-0x00000000751B0000-0x0000000075207000-memory.dmp

memory/3068-26-0x00000000743E0000-0x0000000074418000-memory.dmp

memory/3068-27-0x0000000074250000-0x000000007436F000-memory.dmp

memory/3068-31-0x0000000074000000-0x00000000740F5000-memory.dmp

memory/3068-30-0x0000000074180000-0x00000000741B2000-memory.dmp

memory/3068-29-0x0000000075820000-0x000000007584A000-memory.dmp

memory/3068-28-0x00000000741C0000-0x000000007424C000-memory.dmp

memory/3068-25-0x0000000075930000-0x000000007657A000-memory.dmp

memory/3068-37-0x00000000747A0000-0x00000000747A9000-memory.dmp

memory/3068-36-0x0000000075260000-0x0000000075300000-memory.dmp

memory/3068-35-0x0000000076640000-0x000000007679C000-memory.dmp

memory/3068-34-0x0000000075510000-0x000000007559F000-memory.dmp

memory/3068-33-0x0000000010000000-0x0000000010061000-memory.dmp

memory/3068-32-0x0000000074CE0000-0x0000000074E7D000-memory.dmp

memory/3068-39-0x00000000751B0000-0x0000000075207000-memory.dmp

memory/3068-40-0x0000000075930000-0x000000007657A000-memory.dmp

memory/3068-57-0x0000000074460000-0x0000000074472000-memory.dmp

memory/3068-84-0x0000000010000000-0x0000000010061000-memory.dmp

memory/3068-83-0x0000000073F70000-0x0000000073FA6000-memory.dmp

memory/3068-82-0x0000000074CE0000-0x0000000074E7D000-memory.dmp

memory/3068-81-0x0000000074000000-0x00000000740F5000-memory.dmp

memory/3068-80-0x0000000074100000-0x0000000074139000-memory.dmp

memory/3068-79-0x0000000074180000-0x00000000741B2000-memory.dmp

memory/3068-78-0x00000000741C0000-0x000000007424C000-memory.dmp

memory/3068-77-0x0000000076880000-0x0000000076903000-memory.dmp

memory/3068-75-0x00000000751B0000-0x0000000075207000-memory.dmp

memory/3068-74-0x0000000074550000-0x00000000746EE000-memory.dmp

memory/3068-73-0x0000000074460000-0x0000000074472000-memory.dmp

memory/3068-72-0x00000000747A0000-0x00000000747A9000-memory.dmp

memory/3068-71-0x0000000075260000-0x0000000075300000-memory.dmp

memory/3068-70-0x0000000010000000-0x0000000010061000-memory.dmp

memory/3068-69-0x00000000757F0000-0x0000000075817000-memory.dmp

memory/3068-68-0x0000000074CE0000-0x0000000074E7D000-memory.dmp

memory/3068-67-0x0000000074000000-0x00000000740F5000-memory.dmp

memory/3068-66-0x0000000074100000-0x0000000074139000-memory.dmp

memory/3068-65-0x0000000074180000-0x00000000741B2000-memory.dmp

memory/3068-64-0x00000000741C0000-0x000000007424C000-memory.dmp

memory/3068-63-0x0000000076880000-0x0000000076903000-memory.dmp

memory/3068-62-0x00000000747B0000-0x00000000747C3000-memory.dmp

memory/3068-60-0x0000000075300000-0x000000007537B000-memory.dmp

memory/3068-59-0x00000000751B0000-0x0000000075207000-memory.dmp

memory/3068-58-0x0000000074550000-0x00000000746EE000-memory.dmp

memory/3068-56-0x00000000765A0000-0x000000007663D000-memory.dmp

memory/3068-55-0x0000000075260000-0x0000000075300000-memory.dmp

memory/3068-54-0x0000000075510000-0x000000007559F000-memory.dmp

memory/3068-53-0x0000000010000000-0x0000000010061000-memory.dmp

memory/3068-52-0x0000000073F70000-0x0000000073FA6000-memory.dmp

memory/3068-51-0x0000000074CE0000-0x0000000074E7D000-memory.dmp

memory/3068-50-0x0000000074000000-0x00000000740F5000-memory.dmp

memory/3068-49-0x0000000074100000-0x0000000074139000-memory.dmp

memory/3068-48-0x0000000074180000-0x00000000741B2000-memory.dmp

memory/3068-47-0x0000000074250000-0x000000007436F000-memory.dmp

memory/3068-45-0x00000000743E0000-0x0000000074418000-memory.dmp

memory/3068-46-0x00000000743C0000-0x00000000743D7000-memory.dmp

memory/3068-44-0x0000000076880000-0x0000000076903000-memory.dmp

memory/3068-41-0x0000000075300000-0x000000007537B000-memory.dmp

memory/3068-38-0x0000000074550000-0x00000000746EE000-memory.dmp

\Program Files\Make Believe Studios\MixHead\unins000.exe

MD5 b75b5c06d28a4fd3a08c95d8720b6d90
SHA1 787156cbbfe241bcdf0207bb68de32ffca34bb12
SHA256 bfd52c0b71408cf8ec1612a3a255ddbd04594942c61fbbbfb314de3bfdd59f1c
SHA512 05c9497b1c6278eab14411f7d00e9f097889476a8934ba69dc2f46b947fb3dab4e1fbdca430ff3581d23d860588499c6f1a539fb5c5fc29c35bd70b766edf63f

memory/3068-1363-0x0000000000400000-0x000000000052E000-memory.dmp

\??\pipe\crashpad_1948_XFSMAYMWKMCEZKYC

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000007.dbtmp

MD5 18e723571b00fb1694a3bad6c78e4054
SHA1 afcc0ef32d46fe59e0483f9a3c891d3034d12f32
SHA256 8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa
SHA512 43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

MD5 f50f89a0a91564d0b8a211f8921aa7de
SHA1 112403a17dd69d5b9018b8cede023cb3b54eab7d
SHA256 b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec
SHA512 bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

C:\Users\Admin\AppData\Local\Temp\CabF557.tmp

MD5 49aebf8cbd62d92ac215b2923fb1b9f5
SHA1 1723be06719828dda65ad804298d0431f6aff976
SHA256 b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
SHA512 bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\000006.dbtmp

MD5 aefd77f47fb84fae5ea194496b44c67a
SHA1 dcfbb6a5b8d05662c4858664f81693bb7f803b82
SHA256 4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611
SHA512 b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000004

MD5 6a16cbefd2e29c459297b7ccc8d366ad
SHA1 40da0213a9e5ea4cb6948f4a8e92b5e8b97e6cfe
SHA256 9462da5aa6e2a762b02a24b7305bac86349e5b5ea182d36fd6a163de550cde60
SHA512 6a9de0231f9987554a20208a89c6c802d28c57ecb6f9e95771c94156b65c61ac1e18298ce6d3f0559d3a08052845cc2014dab335e119fde731d745e4857b7d74

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5d2aec8db5981fc87712410c56b2073c
SHA1 15fb8c86af44dce521b7baf5829c0b367e59dedd
SHA256 22a7ea39164561f3c7f630aa33f2651283e9e87e382bff30207720981d5b1c00
SHA512 57ec7c7a47c58c1374f64d1a78f38df5048b7a7bff5ee8f381680fd50dd83809518f09d9528a0089c79cccd8e91a35e35756149014b4414b4123c7b57f5ace4c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6fcc21655010f43f0d0378de49d893dd
SHA1 c159d491359e2c2a47ca7430ccd042535060b5be
SHA256 4f99bd1a0822a7bb62487ce9e63ae242c41f4cbeece589b2f9a233366855777b
SHA512 0f65a2aeb60d548811290109404d7256b7973f518bc6f69df329bb5961d26c9cd5186e24c1d728e1896c062dc890743b0c5e1e514b7eaaee00f626527a90970f

C:\Users\Admin\AppData\Local\Temp\TarCB7E.tmp

MD5 4ea6026cf93ec6338144661bf1202cd1
SHA1 a1dec9044f750ad887935a01430bf49322fbdcb7
SHA256 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
SHA512 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 a266bb7dcc38a562631361bbf61dd11b
SHA1 3b1efd3a66ea28b16697394703a72ca340a05bd5
SHA256 df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e
SHA512 0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 b04228ee3dbe4e5960f9b08ec3a74e32
SHA1 e1c119ffe9f8af881feb91e04d0616b4b60d818e
SHA256 12b49bac6bee439c3472f74d21e6439397a812c465a9575a97af0ea18405191b
SHA512 6b8d5af0b04447ab75ac10b3a8e23016ffc035525cf9d57fc4cd7ce5d6d8c40d5774fdc8a9e7513ef71abeda1e7143b7ab4db38f5ed23556ae74e643b9ae226b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 cf13a98768594a536b0d23afcf703a1b
SHA1 8dc0c5710131379d7d7d3fd10712541f23253365
SHA256 8c794d25fe12e1cb23490ebe29e1487708476e2c4292f923db352c2914977f1e
SHA512 6abfdc56bc9d2ccc387d4cda9921594e54d7633681b50fe903bccfc4f242f2577f3c7e84986189555ec7e2dbc9c8c837dc1400f8b9ed0d5774eeacff625260e1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1afdc2ad51802feb4af8073e1e525206
SHA1 4414c3f0b728c001ca5644736b616497724d986d
SHA256 751680d90f26d594797b7535edda98d909df3f0605cb1061d1327951da75df9a
SHA512 e781bc0a16515be0f8de0e84cde5f965af43c12d245bcd06a6ee04369e774965db1f543d1e74fe956c63eca09d9d6a4d02fc15bcbb33535c94f6bf43084cebec

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 3c24f69952594043e609b33fcb68a55f
SHA1 ab102e4cbf0a18d1ce8bd35843c893acafb28cea
SHA256 3bd6f82f1a7cc83938a780e29915f8aeb5d73dec830b14fc3519d4e1bf7c42bf
SHA512 f93f9b0e2bfec721a136dfab2bad83d59bbb21d54246780ab19116dff9f07bb25ef289491c95f95b738d0a162d6637407c6604ff396ea4c6d5e810847024d3b9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d215bfb92202ee61186f7653f8197b6f
SHA1 04184a8c39b1a3e5f98a7796bac26367761385e6
SHA256 8e8d9cf286e5ed912103f91b0a97b6a05efce6c0a3afcc7d399a5db0a919ffad
SHA512 c9d4baec3ed2c700190c48a5857bb4dcc7aad820b7f3e43c099d46429dcc26a501412fafdc18204c37532a4652630c67eec78bb31f71e1564f5be93b0bdf562a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 0f4f0e90c67ec8c515479f21bbf539c0
SHA1 ac50e2aa86710ff42bafed0873545b39bb1d88a5
SHA256 8a5db6a18274a29fb21df06a39d1d7a1b4a2aa376e6a5b7121a1990ef0881412
SHA512 101732e90cc75e5f7cafe7084b9afa80f9641139c2aa8462f90487fed67986cfc6d57722115e023659de5972fb6406ecab003c111abefe77e1f323bcc1fd7312

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001a

MD5 9ee4937cba8358dd68b7446e2b96fa79
SHA1 2037aa9851e674387da88088198d934d8e807c30
SHA256 0b3461e3654ba246cbaf5d469b378e6dcc8b52a7fb15e23fc396a92df75b6d6f
SHA512 5931011126d1f60761a26e1c8e345ccd956fd7014d7ea259a7eec3750dc44b7ed141daba069fbb28fb342700dafc430384ab59d3b2cf669849dc3702673b9b5a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001d

MD5 afd0a3d53231038a474b5f4bf510f37a
SHA1 365e300b2734660cc5e91bee4122fafa73f4fd82
SHA256 811b504c2b3842093bad18318ca309d5c35e1dc63db6e3df5a4cb0b62a375fc3
SHA512 84a5c9970288fd7096951555cc90236d241c50d63be6ff5c54eb1c3c87ad3b1ee051045cc97f5aefb928bdea2dfeb307d6d04fbe158cfe178a40bc6ee2581597

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001c

MD5 87e8230a9ca3f0c5ccfa56f70276e2f2
SHA1 eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7
SHA256 e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9
SHA512 37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 e2795249002daaa3efe2ddcab7288437
SHA1 eb728b08530b3477e11c903e4298007cd4690669
SHA256 390a7c50c9ebd0534eebdadbf3b632af1be7b6b2bae96b29d381e10105acff76
SHA512 d56acb0456c91e6ca7a2ee21063c45d282f7e9e401ee731ab7f732da954f54a238056e5333fef0b098065b67855a6d0d4c2576d3c356eac3176c75dac4d8cbaa

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 37a0f4fc056b3709cb8609808048d922
SHA1 5d97d20686ffee2e4d1040944c34aa9cf7161885
SHA256 c1ccd300761261eb3492352b3884dbf1deba57b4c49f42619809faa6ff3b1d21
SHA512 cfd7d33f0cf1d357645228c894531ff86096a246d46a88b4bd8cc9c0e3bd5ad71433cc077bf9283d52721140fcb7f46b276dc957c8ac938b68aa4ec94ccd0b99

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b414837fbe7f204889ec5c0e8009df92
SHA1 6649747e60d7989d0989bb8431306bab4651b47e
SHA256 00a253f236eddebf814bbaf18838cefb15f6b00cb26cc64d3026ca18ebe0821e
SHA512 9bec8f3175fb052e4a66bd374460115fb1462809711c9ebfb3670868090fcee37b61243e7c08d9c98bb5817e065f5a2e6e2fc08902f57cae8a53237ef63255ed

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 14f42db2f4830e44d402281e4de3c4a0
SHA1 549ce6a3233f6d6db32e393736e7076c3d53bbcb
SHA256 9725f67f75d527ebc09b88958f584b0cfd01971b30d04e3f62eae73fc6368c5f
SHA512 54e9831d434d9365d4993b96fad6cfbefbc0e7cd387a03ef12760b9fb08901907aa0dc4b4c8568bea9fd693fd5b3741957071f48c34b41a1b53a110fed0b7c45

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms~RFf785071.TMP

MD5 3daf350c79cd8adbae3148bc882e2f27
SHA1 304dd67b24fea41e1e4718320d2d97a9fb768eed
SHA256 369e9f28837c7ba5f185a8b0bf84ccf2b7fbd7513431f0e314f4e67cee711bd6
SHA512 17676e22137f436768899207af8341b3c129a1c06dee89bfd22aebb48587166f14b9a54f6c5d6c98a44a538bf031e482c4f162487540e563be52662cf8000334

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 3b99e52df6462b66220968f17b64a9ab
SHA1 e9fd416a39e7e1fcaa370277435dffbe05c369dc
SHA256 72c6fcebb9afc5d536bc0370b98d712bed08d687bb3635c345c5e871b4cd1915
SHA512 a932bd86369c17aef11dd3895f3b9c130635599edbcbc64f102552b1477ffd4f6e797fd1b1c5eebdd9717a2054ffc633fd047251e7fc238c3388120a4036814f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 1f8b79914c4a720f64b76bfbcfefc7f1
SHA1 e2275ec5a816c31d4e7f551999fa63192f9acd37
SHA256 b4f465a2f153dd07dcd36b880676b2bd6f6f044aa401eaf0754cc0ae64193e19
SHA512 6085475a173c110c5b1b99ae45a15a50cb974ea0326040efabde0c9330beefc07f32cda7017c032fa26819e439e266cb313a767399645cc1db5bdade02cbc003

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 bd9d171bd30cfd5a3e47ba91aa735ada
SHA1 7b0946bf34e9596e9fbf9c2d09f0e594914cc5d4
SHA256 bca93e4b5722748ef6254d5b8374acf77ad06d851ee2ec08005c96edc7e3dcea
SHA512 ab24907b184cfdcc9ed9f38cc7160750f91a373ae2b559afd6e46b5d4e930faf655b5e079acb1cbd0092d9f02b4be1c0c93add593c41e2fa839f2c72c4f74f85

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity~RFf7876e5.TMP

MD5 e7f738b18606eadd1a41d6cd65c8a90a
SHA1 d525e6d9bac420c61b17aee03d0ec8e12ebaa8aa
SHA256 e0c54fad4b950e7863625fa7087bdc9f6c772b28fbe803f5afce06297475ea62
SHA512 ce26d4502f12f6ab96cbf8021ccab083fa435eff31116b9542c3f29c6fffec20cd431b1b111c40491bf4f5dae6bf6e6bb050c6f00ed0daffe3e6be14d67e79a5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 ed768e3b31c6e8737d3f9e6e687f451a
SHA1 0d77b17ccbdc5acf5fd254b0974180a5d32edc68
SHA256 17dba32af396434ba79d4468a4482795c76811259cfd2526c66ff978cb3b4f51
SHA512 ae63dcd6b4d75d1bb792e771c491e5470d727710904677e08e2cae273917a3d9c9e4e58b59b538063aac2a191c5f700831028cf73adc888eaa29fd2246e70d7b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 1aa57b7794aaee496bbe9bf182e284bf
SHA1 0946cede9d63e00585defcd9d67553a115ddf23b
SHA256 db3a664cbd65193f4d611e90a9371f52de284c5d6c2d76f60f6d7c9169b2ac28
SHA512 eaa12be7246520866c757fa84bb52803298265d5bd6fcc6a59d02dcbe9e7e80816fb8e1b5a875eccbf0c3db45fb9ff7d8ee78ae3484af9012fa4883e932dcdec

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2e65281b7b28bfb5d7e316dcc2ee37b4
SHA1 b4d998127047c0f64a861bf6182ba5aca33fd358
SHA256 c019d816213ee54a7cb5932850e891ae0b6bfcddbea6c24a28416bcd41048077
SHA512 6808a6c76ad9b4a99e07ad4a9b5c86edc435fd97b861bdb2b69b90a03a3de249182f520f9433ed15c5e5d57b6be517509f06278905c65319a3388814a79498ab

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\467992cd-65e1-4554-8aa5-1be172daa72d.tmp

MD5 d3ca6d8477b4ea82f9ca385c534fb5f3
SHA1 bbc7809f47161c3ded0c38d3de95c9bdbcccea74
SHA256 990b7d14ef88f8ba530c446d5fe2457b9482d97164824e0667b66ccf83861626
SHA512 f93e6ad4a0caf97a8b2fc02d0fd5a2bdcfa0bb153629bb93011a9a2e1a173112bfc271f52c0dad2007f3af4e39374ebb01fa712d900339fe51f6f5243def7eea

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 4e32da777639562eb05e7a74e866a599
SHA1 23452f86d240de5a923840d81c65b87c3be85d7c
SHA256 a00b214e1052967e0ea32c513e66b7a50fb4eb46d8bc77c764cd38e337e60417
SHA512 48bef83a2a968127e99c7206dd5548ab4c0d9e97737a5a16c1f3fbed0b970137f5094e05fe44651d370462bacbb5258f0b6e16271226ae57159e0f9286ce4373

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 e5946968f5e56758c81d0b83b298293a
SHA1 85b4b368f2e9df452f7862c9a05ed5174402331d
SHA256 bc8f09559f94a23ee9f528027aebe07ff48ed1702f5213b33989ce5e05c4b482
SHA512 29b19c06b9b919d3c0b827abfe6368a0e9bca5ef751f4b72ac255340fc5de4a6fabf4591751ed9bb85fc0aaed450245a59693b74a1fc6ac8a30114bb9a57c91a

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-13 01:37

Reported

2024-06-13 01:41

Platform

win10v2004-20240611-en

Max time kernel

184s

Max time network

170s

Command Line

"C:\Users\Admin\AppData\Local\Temp\Setup MixHead v4.0.3.exe"

Signatures

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A

Checks installed software on the system

discovery

Drops file in Program Files directory

Description Indicator Process Target
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Cesar Sogbe\is-0E85L.tmp C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Daniel Escobar\is-TIP9N.tmp C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Orlando Ferrer\is-1EUOH.tmp C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Rick Carson\is-D7PH5.tmp C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Brad Boatright\is-EPJL8.tmp C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Daniel Holsinger\is-Q0MPE.tmp C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Lee Rouse\is-42Q9V.tmp C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Rick Carson\is-75M7N.tmp C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Common Files\VST3\Make Believe Studios\MB MixHead.vst3\Contents\Resources\is-T0HCC.tmp C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Brad Boatright\is-RQTSJ.tmp C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Dominique Sanders\is-RHFB7.tmp C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Thomas 'Plec' Johansson\is-BB764.tmp C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Brad Boatright\is-CP8CL.tmp C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Francois Fanelli\is-9TBM6.tmp C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Joseph Chudyk\is-8VQDG.tmp C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Ryan Harvey\is-M556B.tmp C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Ari Morris\is-KT4QI.tmp C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Ari Morris\is-8GK6N.tmp C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Daniel Holsinger\is-2NI5L.tmp C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\David Sustaita\is-UDGP6.tmp C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Francois Fanelli\is-8V5BS.tmp C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Bainz\is-ANT53.tmp C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Lee Rouse\is-QKNFQ.tmp C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Lee Rouse\is-M9BGV.tmp C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Rick Carson\is-IMAL5.tmp C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Brad Boatright\is-CQUMD.tmp C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Colin Brittain\is-J3KKN.tmp C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Francois Fanelli\is-C9DKD.tmp C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Rick Carson\is-9KOG8.tmp C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Steinberg\VSTPlugins\Make Believe Studios\MB MixHead.vst\Contents\Resources\is-FOPED.tmp C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Common Files\VST3\Make Believe Studios\MB MixHead.vst3\Contents\Resources\is-2BO4H.tmp C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Steinberg\VSTPlugins\Make Believe Studios\MB MixHead.vst\Contents\Resources\is-EB34O.tmp C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Joseph Chudyk\is-SQC47.tmp C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Kevin McCombs\is-6L53Q.tmp C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Lee Rouse\is-0GHC3.tmp C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Steve DeMott\is-IH8PJ.tmp C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Thomas 'Plec' Johansson\is-V1AIB.tmp C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Thomas 'Plec' Johansson\is-836SC.tmp C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Lee Rouse\is-UD4RM.tmp C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Steinberg\VSTPlugins\Make Believe Studios\MB MixHead.vst\Contents\Resources\is-95E59.tmp C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Common Files\Avid\Audio\Plug-Ins\Make Believe Studios\MBMixHead.aaxplugin\Contents\Resources\is-NTT27.tmp C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Aaron Pace\is-ISNR1.tmp C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Jason Livermore\is-TODV9.tmp C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Aaron Pace\is-6FK1N.tmp C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Daniel Escobar\is-67B61.tmp C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Lasse Lammert\is-0N3E6.tmp C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Mike Avenaim\is-5AUS6.tmp C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Rick Carson\is-T3UJ2.tmp C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Common Files\Avid\Audio\Plug-Ins\Make Believe Studios\MBMixHead.aaxplugin\Contents\Resources\is-1FIHA.tmp C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Ari Morris\is-SKNSG.tmp C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Francois Fanelli\is-KLO9M.tmp C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Joseph Chudyk\is-74J18.tmp C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Kevin McCombs\is-3SDH7.tmp C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Richie Beretta\is-SFH3S.tmp C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Common Files\VST3\Make Believe Studios\MB MixHead.vst3\Contents\Resources\is-7JL98.tmp C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Lee Rouse\is-MU2O3.tmp C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Steinberg\VSTPlugins\Make Believe Studios\MB MixHead.vst\Contents\Resources\is-QNGVH.tmp C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Common Files\VST3\Make Believe Studios\MB MixHead.vst3\Contents\Resources\is-KFPNH.tmp C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Common Files\VST3\Make Believe Studios\MB MixHead.vst3\Contents\Resources\is-4PA2P.tmp C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Common Files\VST3\Make Believe Studios\MB MixHead.vst3\Contents\Resources\is-KLFP9.tmp C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Mike Avenaim\is-FF9IK.tmp C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Steinberg\VSTPlugins\Make Believe Studios\MB MixHead.vst\Contents\Resources\is-2A6BP.tmp C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Daniel Holsinger\is-OM31A.tmp C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A
File created C:\Program Files\Metric Halo\MHPresets\MBMachine\Mike Monseur\is-KN0HM.tmp C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A

Enumerates physical storage devices

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp N/A

Processes

C:\Users\Admin\AppData\Local\Temp\Setup MixHead v4.0.3.exe

"C:\Users\Admin\AppData\Local\Temp\Setup MixHead v4.0.3.exe"

C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp

"C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp" /SL5="$D0060,39143304,121344,C:\Users\Admin\AppData\Local\Temp\Setup MixHead v4.0.3.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=3840,i,6522675234395427298,2952738987384583032,262144 --variations-seed-version --mojo-platform-channel-handle=1308 /prefetch:8

Network

Country Destination Domain Proto
US 13.107.42.16:443 tcp
US 8.8.8.8:53 26.35.223.20.in-addr.arpa udp
US 8.8.8.8:53 76.234.34.23.in-addr.arpa udp
US 199.232.210.172:80 tcp
US 8.8.8.8:53 14.227.111.52.in-addr.arpa udp
US 8.8.8.8:53 26.165.165.52.in-addr.arpa udp
US 8.8.8.8:53 0.205.248.87.in-addr.arpa udp
US 8.8.8.8:53 18.31.95.13.in-addr.arpa udp
US 8.8.8.8:53 88.156.103.20.in-addr.arpa udp
US 8.8.8.8:53 75.159.190.20.in-addr.arpa udp

Files

memory/3408-0-0x0000000000400000-0x0000000000428000-memory.dmp

memory/3408-2-0x0000000000401000-0x0000000000412000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\is-6RPPF.tmp\Setup MixHead v4.0.3.tmp

MD5 34acc2bdb45a9c436181426828c4cb49
SHA1 5adaa1ac822e6128b8d4b59a54d19901880452ae
SHA256 9c81817acd4982632d8c7f1df3898fca1477577738184265d735f49fc5480f07
SHA512 134ff4022571efd46f7a62e99b857ebe834e9916c786345908010f9e1fb90be226b740ddee16ae9290fe45c86be7238c4555e422abe66a461d11545e19734beb

memory/884-6-0x0000000000400000-0x000000000052E000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\is-GSROD.tmp\R2RINNO.dll

MD5 5df8ada84a16f5dfc24096ef90a5ce3a
SHA1 5e7e9c68119c3a0a1afc92c60674bc8714492823
SHA256 48a9c8c332fde541b571d9d522d0e37834b452f55af8cbdc341b12222e78fb5b
SHA512 661b5219c74dd6e3a8e899a1b1a3002689d148e337d7323a174519366c9548c284ee76e2faa2f9600cd483db21093ee62399f0d7403c39523c654266760191c2

C:\Users\Admin\AppData\Local\Temp\is-GSROD.tmp\ISSKINU.DLL

MD5 f30afccd6fafc1cad4567ada824c9358
SHA1 60a65b72f208563f90fba0da6af013a36707caa9
SHA256 e28d16fad16bca8198c47d7dd44acfd362dd6ba1654f700add8aaf2c0732622d
SHA512 59b199085ed4b59ef2b385a09d0901ff2efde7b344db1e900684a425fc2df8e2010ca73d2f2bffa547040cb1dd4c8938b175c463ccc5e39a840a19f9aa301a6c

memory/884-14-0x0000000010000000-0x0000000010061000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\is-GSROD.tmp\SKIN.CJSTYLES

MD5 5f87caf3f7cf63dde8e6af53bdf31289
SHA1 a2c3cc3d9d831acd797155b667db59a32000d7a8
SHA256 4731982b02b067d3f5a5a7518279a9265a49fb0f7b3f8dc3d61b82a5359d4940
SHA512 4875298d82037ef1fff1ee3c58a9059d8480274326c862729fcc56664ecb49e2692c3838948c66dc8336e4050469d831cbf1fbd79b66565ab673d2a67765109d

memory/884-20-0x0000000077840000-0x00000000778BA000-memory.dmp

memory/884-25-0x0000000010000000-0x0000000010061000-memory.dmp

memory/884-26-0x0000000077840000-0x00000000778BA000-memory.dmp

memory/884-24-0x0000000077840000-0x00000000778BA000-memory.dmp

memory/884-23-0x0000000010000000-0x0000000010061000-memory.dmp

memory/884-22-0x0000000077840000-0x00000000778BA000-memory.dmp

memory/884-21-0x0000000010000000-0x0000000010061000-memory.dmp

memory/884-27-0x00000000766C0000-0x00000000766E5000-memory.dmp

memory/884-29-0x0000000077840000-0x00000000778BA000-memory.dmp

memory/884-36-0x0000000010000000-0x0000000010061000-memory.dmp

memory/884-35-0x0000000010000000-0x0000000010061000-memory.dmp

memory/884-34-0x00000000766C0000-0x00000000766E5000-memory.dmp

memory/884-33-0x0000000010000000-0x0000000010061000-memory.dmp

memory/884-31-0x0000000074910000-0x0000000074940000-memory.dmp

memory/884-28-0x0000000010000000-0x0000000010061000-memory.dmp

memory/884-32-0x0000000010000000-0x0000000010061000-memory.dmp

memory/884-30-0x00000000766C0000-0x00000000766E5000-memory.dmp

memory/884-37-0x00000000765D0000-0x00000000766B3000-memory.dmp

memory/884-39-0x0000000075D30000-0x0000000075DDF000-memory.dmp

memory/884-38-0x0000000076710000-0x0000000076CC3000-memory.dmp

memory/884-40-0x0000000075610000-0x0000000075820000-memory.dmp

memory/884-41-0x0000000074740000-0x0000000074862000-memory.dmp

memory/884-42-0x0000000010000000-0x0000000010061000-memory.dmp

memory/884-43-0x00000000758D0000-0x00000000759AC000-memory.dmp

memory/884-47-0x0000000075610000-0x0000000075820000-memory.dmp

memory/884-61-0x0000000075590000-0x0000000075604000-memory.dmp

memory/884-80-0x0000000010000000-0x0000000010061000-memory.dmp

memory/884-78-0x0000000076710000-0x0000000076CC3000-memory.dmp

memory/884-77-0x0000000010000000-0x0000000010061000-memory.dmp

memory/884-76-0x0000000074740000-0x0000000074862000-memory.dmp

memory/884-75-0x0000000075590000-0x0000000075604000-memory.dmp

memory/884-72-0x0000000076710000-0x0000000076CC3000-memory.dmp

memory/884-73-0x0000000075D30000-0x0000000075DDF000-memory.dmp

memory/884-71-0x00000000765D0000-0x00000000766B3000-memory.dmp

memory/884-68-0x0000000074740000-0x0000000074862000-memory.dmp

memory/884-67-0x0000000075590000-0x0000000075604000-memory.dmp

memory/884-65-0x0000000075D30000-0x0000000075DDF000-memory.dmp

memory/884-64-0x0000000076710000-0x0000000076CC3000-memory.dmp

memory/884-63-0x0000000010000000-0x0000000010061000-memory.dmp

memory/884-62-0x0000000074740000-0x0000000074862000-memory.dmp

memory/884-60-0x00000000766C0000-0x00000000766E5000-memory.dmp

memory/884-58-0x0000000075D30000-0x0000000075DDF000-memory.dmp

memory/884-56-0x0000000010000000-0x0000000010061000-memory.dmp

memory/884-55-0x0000000074740000-0x0000000074862000-memory.dmp

memory/884-54-0x0000000075590000-0x0000000075604000-memory.dmp

memory/884-53-0x0000000075610000-0x0000000075820000-memory.dmp

memory/884-79-0x0000000075610000-0x0000000075820000-memory.dmp

memory/884-74-0x0000000075610000-0x0000000075820000-memory.dmp

memory/884-70-0x00000000758D0000-0x00000000759AC000-memory.dmp

memory/884-69-0x0000000010000000-0x0000000010061000-memory.dmp

memory/884-66-0x0000000075610000-0x0000000075820000-memory.dmp

memory/884-50-0x0000000010000000-0x0000000010061000-memory.dmp

memory/884-59-0x0000000075610000-0x0000000075820000-memory.dmp

memory/884-49-0x0000000074740000-0x0000000074862000-memory.dmp

memory/884-48-0x0000000075590000-0x0000000075604000-memory.dmp

memory/884-57-0x0000000076710000-0x0000000076CC3000-memory.dmp

memory/884-46-0x0000000075D30000-0x0000000075DDF000-memory.dmp

memory/884-45-0x0000000076710000-0x0000000076CC3000-memory.dmp

memory/884-52-0x0000000075D30000-0x0000000075DDF000-memory.dmp

memory/884-51-0x0000000076710000-0x0000000076CC3000-memory.dmp

memory/884-44-0x00000000765D0000-0x00000000766B3000-memory.dmp

memory/884-160-0x0000000000400000-0x000000000052E000-memory.dmp

C:\Program Files\Common Files\Avid\Audio\Plug-Ins\Make Believe Studios\MBMixHead.aaxplugin\Contents\Resources\is-F4KJD.tmp

MD5 a5e9c7d4064e5b660615f5b57031cb12
SHA1 4b9d98245db1941d81df9090b1cdd508a86f81f0
SHA256 889e2aab2582dca7a50fed86badf88565195100d458993bf6f8ebe780aa5091e
SHA512 8be391f7f8a7c1b1d5b4a68beef274d84e940c4f233ac0e7d30949bb24ff28536ad9d64c17237e9543fd3baa77fc3530e6e3110ad629d4bebc3372955da72e58

C:\Program Files\Common Files\Avid\Audio\Plug-Ins\Make Believe Studios\MBMixHead.aaxplugin\Contents\Resources\is-9V3GV.tmp

MD5 d77e9bd8b3ee8b8558415a48f58065f1
SHA1 8781c88e730bcff93f2d76d944e01937261e632f
SHA256 039eb0d7566d282bc6874e9e917320eb466f07ffb30eeb0a80988dc6610d601b
SHA512 5ed357220e16b205b504e203c01be2eac44a6ffb5f7ef0931656d159be37532e504e58d81753ab2337195a1ca11912437f6ffd166eb7c1abdb6223a5731b23c6

C:\Program Files\Common Files\Avid\Audio\Plug-Ins\Make Believe Studios\MBMixHead.aaxplugin\Contents\Resources\is-MJ4D1.tmp

MD5 e9f3d5084e143ad7458ccf4f00d40eba
SHA1 537da2b4cf04561317f397a743602d9ddc5dac6f
SHA256 71ac09a43e3946fd2c87fdb04bfbea8595f0e254957fe9d7d3734658b6c16dba
SHA512 6f64c799e30a16fd22e884cc728c134e0cfef698d42dd7ef5d2fd8abbd8bd9325cdea80dc1d46750b7f563a0b2ee335d7aa9dc0cc9151da0e5fa17ab5e99c0c9

C:\Program Files\Common Files\Avid\Audio\Plug-Ins\Make Believe Studios\MBMixHead.aaxplugin\Contents\Resources\is-OM02J.tmp

MD5 4aa991801f28f3fbe9489cbf1568f3ee
SHA1 c40a1a52f24607b9a6142d4edc069f214dc35787
SHA256 aef3c22543488a8d889261d20d4b71928cfe9981823cee62e97e2612623a4f44
SHA512 17bd5877904f6f4ef34d2af229366d5e81f766c3a8acf7ab48c79cae80ccaa461fbb7830871be0d61447f1b3f2096928a6b8406fe890aabd2cefc8e8d646ef05

C:\Program Files\Common Files\Avid\Audio\Plug-Ins\Make Believe Studios\MBMixHead.aaxplugin\Contents\Resources\is-6F6SM.tmp

MD5 906d00982398d4c040d31cb28dfac594
SHA1 8e01960082966d48d04ec5160a7e34986f4ce6b5
SHA256 b5520a838c78f688708c68e25a611c5750249abb7f27f768822873e57f3a3836
SHA512 419142071d1fdd72075c12a88c95fcb20867dbf75db29216036a3ec5e2c8c8c2a9583c4a3e8751959ccfd04a03fa0562b148737010f9dbbd7c517d61da6e5d53

C:\Program Files\Common Files\Avid\Audio\Plug-Ins\Make Believe Studios\MBMixHead.aaxplugin\Contents\Resources\is-APV6D.tmp

MD5 74009aed03a440709e5a20446c48b279
SHA1 fe584648dbca2a8f68379f6c0782092f19b884cf
SHA256 64afb1d1d2aa82193fc1e6420af754c0a823bcf4c853b1895dd4e0df2aa1743e
SHA512 22f8f6300fe31c1d11af0c274a1ac47dfc593c3d7f0f50e764860d42854a3cc756ad59730ef60ea9a01e407bf3fccb57700eb3b443a5c41b64d9ac4497ac871e

C:\Program Files\Common Files\Avid\Audio\Plug-Ins\Make Believe Studios\MBMixHead.aaxplugin\Contents\Resources\is-EUFR8.tmp

MD5 563fab00495e45a6c7dc3089452c0771
SHA1 56d37a1beb7621abfbbad2d801cb9d05790299ce
SHA256 c5306f2d0c9d557e6a2ecac9da21d1e9be05b085a685300cb54bd46eb6fdcca5
SHA512 591643b308abb4d31e7556ea05e1d2fd5d80d445a3f8b6f1ecc3918ecc197d4fb32a81bfd791fa02c6d8065f3dc07937ac489a68e05c19af0b11aae1da877864

C:\Program Files\Common Files\Avid\Audio\Plug-Ins\Make Believe Studios\MBMixHead.aaxplugin\Contents\Resources\is-BAUOK.tmp

MD5 b7f460f074ec052e4c29d1c8ca24c6b2
SHA1 5e639156466aa7ce65d4e5552e9d293378e9b7e9
SHA256 7fd7aec2321934a6309c33d4758f32df33d54b08fdf188d6d4a8bdb12f9b6377
SHA512 20ebd281f3b42d49a6b4291fef66796c960a4c00a766cdb477e835b4d9fb3cd1e6b04dd95671f893f2b860465a047556368d030ba06a1fb7dbd1270c91086937

C:\Program Files\Common Files\Avid\Audio\Plug-Ins\Make Believe Studios\MBMixHead.aaxplugin\Contents\Resources\is-4JRLO.tmp

MD5 50354e3a32a21cb9110ebf20f46688cd
SHA1 c8a5269f3594298be62e913bde072489f00ab393
SHA256 7f700525d9714fd248b38710d50a39b8063bc14d8027c40a6cfd1f134588a3aa
SHA512 44767f4c097218bdbe87ba70a8430ec25dbddbdd7f02232aec00ee15158c2e85c76c74cb4630541b76cdfbb5d96853ab923cac9cb9bbf0a13cb5a75b0c55d0dc

C:\Program Files\Common Files\Avid\Audio\Plug-Ins\Make Believe Studios\MBMixHead.aaxplugin\Contents\Resources\is-S7FQM.tmp

MD5 b058bd6167471ef966fc31d9d516bc29
SHA1 e44b979d20b63a977bdef9102613b8e6f76d6870
SHA256 435dbcbfdee4e14c1f1dd01c7fa9eb74e81cf0b1a38f0f61131912230c7c0ace
SHA512 9e3d0c0423f89ee8d0eb2b35eb652d2caa968671cf4434d8335c0631d0adb8ff3f2f83d60fbeb966de16ce642aee62c903692cb8699b1435954a7d19d82c55df

C:\Program Files\Common Files\Avid\Audio\Plug-Ins\Make Believe Studios\MBMixHead.aaxplugin\Contents\Resources\is-R8EJI.tmp

MD5 02cfe1144050f11f7f9e2c4c7d4fc3c5
SHA1 a6c92562cdf03c8eded4d613adddb28300ac179f
SHA256 6fce9603512ed3ef20789e7e0d99a0b5c4856c0a0a0856d9816d0be7c9a7bec4
SHA512 1614d32ed8449bcc81881a49989b988812a45d0f1e6b7341f0464939d5c94768c82027c76df298cac84e29b26cfcdfb24d68353792ab6e14c21a10d0cb52fa87

C:\Program Files\Common Files\Avid\Audio\Plug-Ins\Make Believe Studios\MBMixHead.aaxplugin\Contents\Resources\is-1FIHA.tmp

MD5 e27666260ce71f6a2555e39107b391a4
SHA1 52b545f354088af4e06c75018fe4125f45a39654
SHA256 40383f6f753dd6b5351027bdd778cac56e5575afd94f87507b0baffcd76a4c57
SHA512 71b0aeb08f46b30388941bf3a231b4b465b5417b24f610dc28efbd9d465d0b7f95808c1553fe30eae4af4c4a944cfa5329bc6efe79596d362ba091ba59353efc

C:\Program Files\Common Files\Avid\Audio\Plug-Ins\Make Believe Studios\MBMixHead.aaxplugin\Contents\Resources\is-N80CA.tmp

MD5 041a530d28fb768f47d63d1385b80d62
SHA1 2abd63a9a3775740ea47831cac94a2234351fada
SHA256 490011dfd91b22f53344a71f1b27a5c0f581607325bb2cf810838df640f7a05d
SHA512 1d8b2cfd7f45d6d5b5289fc781154726b6ad1782d13c5d49b0253b6d714f0bd2745cb2c00c3af9c66b5a273e96c3e4e49c5adf0afc3b3e1a0f1d0c4aedc59077

C:\Program Files\Common Files\Avid\Audio\Plug-Ins\Make Believe Studios\MBMixHead.aaxplugin\Contents\Resources\is-H20DQ.tmp

MD5 5ce0ce04869a0a49d17fd6dc68d5e07d
SHA1 391d1cf23ccabc1ea9d5e79b67c69fc699460aa7
SHA256 93691b75c45f41b5f1354dd2af457de8513216cd33b1f952774c0c57bd9e884c
SHA512 7c44b80acee073d29f951e0449e6c8ca9b948ab431578d069132a1c9329df034abb3ed2f4e32d22684b9015ea96587413a4a0583cdadb1b5c9b7710637c93a8b

C:\Program Files\Common Files\Avid\Audio\Plug-Ins\Make Believe Studios\MBMixHead.aaxplugin\Contents\Resources\is-POGIH.tmp

MD5 2ad9f4ce7e5ff2bc490ac5ffe75746d3
SHA1 7c815c07f273ec1c9f4f92052fe881a401a0b285
SHA256 3d4baa95810091914542c1c22d1e8706d55354498e79b471de150b54459032de
SHA512 c7dc6c10566d304727665599528b688e549bd5251d52b32f34245cd942aed57324c61b3119e53f2f914c832dc539af4358a52e881d156b2b42bfceae72dbf2f2

C:\Program Files\Common Files\Avid\Audio\Plug-Ins\Make Believe Studios\MBMixHead.aaxplugin\Contents\Resources\is-Q8I3G.tmp

MD5 8da37b3514d2fcdff62c1129bdb55fde
SHA1 8218da25c6bf7ce76f38beb2e04c9a414b61858a
SHA256 67bf713e48bf0cb026ba62ad198ae625bea3c9032d25c757549bb1ca6e7577fa
SHA512 8256582dc29783321e9d2ed1074f545f66e41696565d9f0f0dd879b37c718c0b6424143c24174302037cfd5ee98fae66bd6c1d3cb61661b5897e38e5957d60fa

C:\Program Files\Common Files\Avid\Audio\Plug-Ins\Make Believe Studios\MBMixHead.aaxplugin\Contents\Resources\is-JHUI5.tmp

MD5 c2f151a9127bebbf8613654b6f1ab787
SHA1 9d51ef53816ed11304e6023abe1e67a26eab3cfd
SHA256 beb7c201d55987d0b293f34b9e0e1a996d05513ea03e5a19816d953ffdd4f038
SHA512 ddb33156a1541b7ccfd820c5c152ec81aaab239e1b70c69ced73926c4095fbabb92389b205cb266e0df01ac7baf0ae787ec6b02b474c8db2005214a7dd52caad

C:\Program Files\Common Files\Avid\Audio\Plug-Ins\Make Believe Studios\MBMixHead.aaxplugin\Contents\Resources\is-4M96M.tmp

MD5 a7bd20e0b2c6b12cd815e98ab8e0bc2f
SHA1 108145db32def39cf9228f1768e78fccfadab6e6
SHA256 c5181a0e0178d7f603b7f66167607202d114d9421202fd3b581afacf1aa38a02
SHA512 c8e587104a861e2c481bba821ae05066748d5645a2f282cdaa991e87ed85c74c08fbc1e896a8b26941e638bd2abf4f38f925ac0214ac8cfd04fb224bf7485668

C:\Program Files\Common Files\Avid\Audio\Plug-Ins\Make Believe Studios\MBMixHead.aaxplugin\Contents\Resources\is-3A45M.tmp

MD5 a210bcc7f998814a6669c959e84fe15a
SHA1 a3f1d2c19d07d9f41985f2163b7163421bc7f28d
SHA256 7d02b157cbc0a50d673e72bd44436dd936984c74e1a4f9805bb2ec04d6f8c86f
SHA512 a120b2e04fee931993127d279356d494ed2f7ded3c64fc02844058cdc20afe653c2ed0c716d769bf457194b125708798aa4fc5efb6701c6fc8d06c52e8d461df

C:\Program Files\Common Files\Avid\Audio\Plug-Ins\Make Believe Studios\MBMixHead.aaxplugin\Contents\Resources\is-B4FPS.tmp

MD5 9d8de34a5095f0cdac1e4e75521a9ccc
SHA1 568ca58d4511be979462f7cc1634d86070e92cab
SHA256 e040941e563e29f41d5606781b51a03502eb7399ace044e8f436c8da2335acbd
SHA512 f722e5705a8a6095b2f5a8537d249b2778de9b3ba52e4c85abfff583101c2a3e159e44a34fe79a185202fbc23506d38c87eca6571ddb40c0ce514c97e51b248f

C:\Program Files\Common Files\Avid\Audio\Plug-Ins\Make Believe Studios\MBMixHead.aaxplugin\Contents\Resources\is-DT9T0.tmp

MD5 70da2a3d07bbf9fee54f655fd727bb12
SHA1 7c30e7dde3eb0d5f1030b496616183c281d57ba5
SHA256 374f542d780512613ec9a971deafe1e87f58431e2f210419f64b86ac9c66d5c1
SHA512 8dce6b3b25dbc728ec0a573da7e2456b25fd894ac7446cdaf64bf1852ddf02696243b6b4db846a99c05fe26c218eb640c5dde73ef182c69f2959eef8ce983ac6

C:\Program Files\Common Files\Avid\Audio\Plug-Ins\Make Believe Studios\MBMixHead.aaxplugin\Contents\Resources\is-88K3U.tmp

MD5 aca9e12ee7fa27817015a9e4843bb96e
SHA1 2ece902a19b5f83e01c65d7e6258bf8f478e3293
SHA256 744530870452ac7cea119f99563f9378c59e61161e06e00524f4d48e54920635
SHA512 3000878ec7505ab8005802ba58f5668c4cfdb0c777435661e0a67f464cbd6b69467a5e233d4dec7826406a94cea3301dbcf70c2feea3166c4225eb0c8f360345

C:\Program Files\Common Files\Avid\Audio\Plug-Ins\Make Believe Studios\MBMixHead.aaxplugin\Contents\Resources\is-TCLQU.tmp

MD5 75017964635299f693550d6b64ecd7fe
SHA1 efb3ae120ba21bf52d666c5924ed0428e97645f3
SHA256 9c4748df07b8185f7cb7642dd8476aaa5e62f126ca92c88de74bedec0dc6d0a7
SHA512 915a740913e4f59a7a648ae2dec2322618e4756ed9377af3a8d8edf4851f2608c69917fa7721757f8560f527a00978bf4d34ae5c68273a6d5e27a1de10a99358

C:\Program Files\Common Files\Avid\Audio\Plug-Ins\Make Believe Studios\MBMixHead.aaxplugin\Contents\Resources\is-4MFJ6.tmp

MD5 9b04f67ced44da7284d908ad668afc82
SHA1 880021d395435adc9aeef490885738b85da21196
SHA256 931a0a2b5018bc211510d67b43b3d507fb29e693a83aee76622aa167e798440a
SHA512 9041675b67941e63c459461d7b5bac752e1125e9629afccddeae13294c6afafe09279397047d97c904c70b8e0e1d23d2ff21feb7570ce5877f4247b2b0959b26

C:\Program Files\Common Files\Avid\Audio\Plug-Ins\Make Believe Studios\MBMixHead.aaxplugin\Contents\Resources\is-EH4B1.tmp

MD5 1d6a5795ebb77279740566dc8d6ae280
SHA1 c1e94145024b0a75c72a631dba66f9160535ec0b
SHA256 28a92f043855ea0a3a5645a61d527f9b5d1db95ca8f5830bcb1cb6fc48ae5305
SHA512 43ab9a492e712d401e3178350e47e3806c99e12ff4af54374d187e76f6799ea64cc86d0c5c7a72b9755db78bfcf0a1a8008a98eb9f944731f28195e19c7db56a

C:\Program Files\Common Files\Avid\Audio\Plug-Ins\Make Believe Studios\MBMixHead.aaxplugin\Contents\Resources\is-80E6K.tmp

MD5 2c480d920c32cb1edb15e59959a86230
SHA1 6cb4db46f250c0e13668e9f8c68f1de18b566102
SHA256 a05f22d446c82e3406816e445a9dc025404721256fd4a757e3a9d2fc047cda2c
SHA512 7dfc7164f57c32d3a3415c052dda431c3d91ac4f28dd2deed7203e775bb026fc74d9f23d58152e811ac08b62aa3b486503c57335241d049eb66f74bf46fe83c8

C:\Program Files\Common Files\Avid\Audio\Plug-Ins\Make Believe Studios\MBMixHead.aaxplugin\Contents\Resources\is-HACHB.tmp

MD5 c94e9459c96e4c0a7ae7cd9b914f144b
SHA1 f68e7aadcd6ffa7223930fd50cda4c2a7cc95d84
SHA256 9b66fc09ed4d86377678e66dfe6684935d41d244aca96f372c2764f1f508bf67
SHA512 df208bd9f350827f3efe42d1165f184e15b29bd838aac1d3d164aa4307382827b9bef08f811d2d5d95ff711534bf8909a93235d5a282d5df636ecd18bb386698

C:\Program Files\Common Files\Avid\Audio\Plug-Ins\Make Believe Studios\MBMixHead.aaxplugin\Contents\Resources\is-12TCO.tmp

MD5 0df32ff8ef8d11c8513f74935ca70ef0
SHA1 c427c65528ea2e453ffa39aa2e5c71a2613697ce
SHA256 36ee83bf537fd9360730528abfd0c7c1c4a330e0f30ee76e09ed3efc9c47106e
SHA512 8058d9565d51ecdb693f5896126432a4a8d8e07a7d9793af4042da939bb3aafa5056711e1a33d15ce04b47562233114133293655b39788b5e0a40c11f06ff429

C:\Program Files\Common Files\Avid\Audio\Plug-Ins\Make Believe Studios\MBMixHead.aaxplugin\Contents\Resources\is-VBBGM.tmp

MD5 1fae054a66d001741fabeeb3f5cd19cb
SHA1 054bd51b1e91dfa2a8fb06ad5d2b89ccbeb49d20
SHA256 aa77c81e6639b585a52b089cb51b95e3dbf9c72ecfae09566aba852a9bc0691a
SHA512 a0f4a4c8e28738dc20c4cc7563b372975e7182af6f138ddae57e97a4c183ec06509571762f303112c63c9a480d2148ec7e9c93f48da71e3fc4f3a93b954b4af8

C:\Program Files\Common Files\Avid\Audio\Plug-Ins\Make Believe Studios\MBMixHead.aaxplugin\Contents\Resources\is-NTT27.tmp

MD5 8e9518633570c2224ab1a5c986d3e48a
SHA1 bf58b3f3bd1546212215d001c636b2dbd8e1d168
SHA256 aef97e37ddfdefca4f2d57eaf27de3d519a6d14c1ec2dc3e23796249f7726847
SHA512 811d7f68cf16dca32d24e0b3a56beb9ea63de0a46602f0b2b830f2c8738ee0599577604a0d39281b2083e4e9c6e3f584194ba2d6d0992f00fb00a09ad204cea0

C:\Program Files\Common Files\Avid\Audio\Plug-Ins\Make Believe Studios\MBMixHead.aaxplugin\Contents\Resources\is-B1VTM.tmp

MD5 c8f02f2dfb021af338fab1ae473e0bc1
SHA1 165aab852ccc9d7ce9a8363c70ac1ec6d725b39a
SHA256 9c37bda06e51cb48aae4be59ecd3eb46276567c9c32060029e12c1e3f67ea466
SHA512 368ecbbf81874221f72a1c0819ddb05ae5e77d75d76ac644ee1355517580792e4a5cea2b7280a617c139a88b13f9ec873e08da456fa06f82d8cd4a4ddaec036e

C:\Program Files\Common Files\Avid\Audio\Plug-Ins\Make Believe Studios\MBMixHead.aaxplugin\Contents\Resources\is-RKTH5.tmp

MD5 9cef3d301077d39ed3bdcd061b4ee7e2
SHA1 34b1d77fed06f81cd686d9faaf8fcb1d94760f3e
SHA256 4d88a8d63c53e6e972705fa7cc6af6d4608dd0038e36e3d873b936a0380af0d0
SHA512 58070705053e982d78d6b70b38cdf42947a0770e3a7de3b426d37d2655d696379be64421fd47ab9d49c14e10b0c3dd05900908341820944c6b849b28548c8055

C:\Program Files\Common Files\Avid\Audio\Plug-Ins\Make Believe Studios\MBMixHead.aaxplugin\Contents\Resources\is-PB1DM.tmp

MD5 5770da6bc37bcdc4c1e55b8ea64cd98c
SHA1 d9c9bd7cd47e9e211d5cec37fd2995575fa4a38e
SHA256 0315b9557c85edbe3cb274e6369f695f3289eaf7831af9bfe8a613c808d6de71
SHA512 09857165ebc814295c66ac1cc65a9ee120c827793118aff1339f71500f8f47c5ca0244f03473a85c31e777d86d50c4eeed7ddb072f6b9185d17e4c75ce2d2965

C:\Program Files\Common Files\Avid\Audio\Plug-Ins\Make Believe Studios\MBMixHead.aaxplugin\Contents\Resources\is-OPOGL.tmp

MD5 75abe9115ae9ac4636b9ecf30ef6ceff
SHA1 ae32d3df1941bd5d6690b7873e131910e002a5cd
SHA256 56522ce05699f48b2ca786813e8ef462c1fe74f8f2c4c54fb045ca1ac857b29b
SHA512 c1b87d158018a228ab4806159b6975bc479cad05f49340f5cc7e72c5c7424e64ed4763ab3cdac23c34fda6c667397aaacf101e1f3b73efa76cddf896fd978023

C:\Program Files\Common Files\Avid\Audio\Plug-Ins\Make Believe Studios\MBMixHead.aaxplugin\Contents\Resources\is-7GPGC.tmp

MD5 5342aa967253d275422a7e636b2699a0
SHA1 64e147feb3849ca42aafeff77f768e7ca7fb40e2
SHA256 5881c83248b5b7144dc51fdf1dfffd022c01176bd8bcd0ab9b1c17ba480e7da4
SHA512 7efd1367b3cb78cf84ea54882276e9bf621d7035ee2decead14bc3c8689faaf9d947670375a27df098ad9eeede83f1e6ec892a74864783dff5d92cdac5255f0e

C:\Program Files\Common Files\Avid\Audio\Plug-Ins\Make Believe Studios\MBMixHead.aaxplugin\Contents\Resources\is-GH14J.tmp

MD5 9420f99d5b05d35c09c89a47dedf2fdd
SHA1 880ee780c43cf36ec843569644bcef70c869f3b1
SHA256 836f7860c59e2f4d4d54e16bc082f95f3942f2890df916af5d39bf679423fe94
SHA512 59b01e2432d80d923d0fa9a91c99ff18672d9a570d0eea41f02d06e34c01913ab1531fc25f44ce4a1d47f425a4f81a253b1126f73eeda76c4a74c7944f695363

C:\Program Files\Common Files\Avid\Audio\Plug-Ins\Make Believe Studios\MBMixHead.aaxplugin\Contents\Resources\is-K7MPI.tmp

MD5 d7dd84ab76524c455961f1e187360512
SHA1 17e63f44020e92ce75a12e433cb30ccbd543bd32
SHA256 c217dd153620f12644a4313b7cd1a5cb3070d961a2f4a0db4cfcca560a2e6f76
SHA512 d363e4c4754cdfe771ae31901074d74b0174d9843ee44e33f2a91ba13d6b2f2f8374a8e0097634ad0ca0ffa4941f3463081dd639bff27676132cf86f42400c46

C:\Program Files\Common Files\Avid\Audio\Plug-Ins\Make Believe Studios\MBMixHead.aaxplugin\Contents\Resources\is-A92EO.tmp

MD5 ed94ba833d19d8a402f472f3a1c783a1
SHA1 5e2a4d0d619e573ec8b141dc90911e92bcc32316
SHA256 3860fcab4d797f3cfc7a2b6113ffc0047c0105ca67fff5701dc22b0a45b61f42
SHA512 cd664dca8e48ac84bdaafaeb54b4c5a59afb9fd02417c75ca49ae45712d4b2b34109853d6cd4789ceb3e5405e8b00b37788d0b35b0f6f26187032c62d26377f2

C:\Program Files\Common Files\Avid\Audio\Plug-Ins\Make Believe Studios\MBMixHead.aaxplugin\Contents\Resources\is-T92ST.tmp

MD5 4b83628107bcf5f8804d6dc08c6eb62d
SHA1 bf45b93fff0c1f7326a5de22c3640e8c17d0f8dd
SHA256 fe1711fc0cc3059e4f6c21d6333f14429b7872594b5c2f7f32c7b6ef17984de4
SHA512 421efe676447c5791f1e2a5250eef25eeac1833ac85bd3e06b02a95354bdbbeb3f15e25ce6844ce5313b38467cd919277002d3d556504154b5a07ff7546b5fc2

C:\Program Files\Common Files\Avid\Audio\Plug-Ins\Make Believe Studios\MBMixHead.aaxplugin\Contents\Resources\is-2JBP0.tmp

MD5 44d34e7c099af60ba2ffe4931944d987
SHA1 c38ca2c25fec4f5377f151fa0cb163a9c78f8c84
SHA256 fe50c426c624d05cd847e5a10701c76f694e355c1c0a9c24fe6ba06474bae83f
SHA512 d4e072ed517113db029c3cf7068146fb943573edf5b85c32a1dd45580232e85e04b9de826e2736c92b39607ec0fa0a230fcec214e20c8527a60b55c1381988ab

C:\Program Files\Common Files\Avid\Audio\Plug-Ins\Make Believe Studios\MBMixHead.aaxplugin\Contents\Resources\is-CN1FO.tmp

MD5 951e003f9d6bcef428617b97a679b6bb
SHA1 4e8a82471cf4fa1dbe7d63d09c12962c0afb091b
SHA256 ae2598b1ea88c8550dce5de216f8536a195a162404778091623bafda4e130611
SHA512 0c5aac46e2a519650f9f03e3027e6f24b39758381735f7c561a57cabfd8f6cf6bde91c6259a98eca0f5c026310559929bf6c6a521b92939b6fc82de4f0d9d254

memory/884-1241-0x0000000000400000-0x000000000052E000-memory.dmp