Analysis Overview
Threat Level: Shows suspicious behavior
The submitted sample https://launcher.chlebeekclicker.pl/ received the verdict: Shows suspicious behavior.
Malicious Activity Summary
Executes dropped EXE
Loads dropped DLL
Modifies registry class
Suspicious use of AdjustPrivilegeToken
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2024-06-13 17:37
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-13 17:37
Reported
2024-06-13 17:39
Platform
win10v2004-20240611-en
Max time kernel
108s
Max time network
110s
Command Line
Signatures
Executes dropped EXE
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\ChlebeekClicker\ChlebeekClicker.exe | N/A |
Loads dropped DLL
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\ChlebeekClicker\ChlebeekClicker.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\ChlebeekClicker\ChlebeekClicker.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\ChlebeekClicker\ChlebeekClicker.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\ChlebeekClicker\ChlebeekClicker.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\ChlebeekClicker\ChlebeekClicker.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\ChlebeekClicker\ChlebeekClicker.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\ChlebeekClicker\ChlebeekClicker.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\ChlebeekClicker\ChlebeekClicker.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3665033694-1447845302-680750983-1000\{240EE384-BC11-4ABF-8920-A822B00481D6} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\Downloads\ChlebeekClicker.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\Downloads\ChlebeekClicker.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Roaming\ChlebeekClicker\ChlebeekClicker.exe | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| PID 864 wrote to memory of 216 | N/A | C:\Users\Admin\Downloads\ChlebeekClicker.exe | C:\Users\Admin\AppData\Roaming\ChlebeekClicker\ChlebeekClicker.exe |
| PID 864 wrote to memory of 216 | N/A | C:\Users\Admin\Downloads\ChlebeekClicker.exe | C:\Users\Admin\AppData\Roaming\ChlebeekClicker\ChlebeekClicker.exe |
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://launcher.chlebeekclicker.pl/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=16 --field-trial-handle=1428,i,6041070687820623968,3004230300437737550,262144 --variations-seed-version --mojo-platform-channel-handle=4504 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=15 --field-trial-handle=3848,i,6041070687820623968,3004230300437737550,262144 --variations-seed-version --mojo-platform-channel-handle=5036 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --field-trial-handle=5308,i,6041070687820623968,3004230300437737550,262144 --variations-seed-version --mojo-platform-channel-handle=5324 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=5464,i,6041070687820623968,3004230300437737550,262144 --variations-seed-version --mojo-platform-channel-handle=5476 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --field-trial-handle=5480,i,6041070687820623968,3004230300437737550,262144 --variations-seed-version --mojo-platform-channel-handle=5556 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --field-trial-handle=5896,i,6041070687820623968,3004230300437737550,262144 --variations-seed-version --mojo-platform-channel-handle=5964 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=21 --field-trial-handle=6100,i,6041070687820623968,3004230300437737550,262144 --variations-seed-version --mojo-platform-channel-handle=4800 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=22 --field-trial-handle=6096,i,6041070687820623968,3004230300437737550,262144 --variations-seed-version --mojo-platform-channel-handle=6200 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=23 --field-trial-handle=6184,i,6041070687820623968,3004230300437737550,262144 --variations-seed-version --mojo-platform-channel-handle=6036 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=24 --field-trial-handle=4764,i,6041070687820623968,3004230300437737550,262144 --variations-seed-version --mojo-platform-channel-handle=6564 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=6792,i,6041070687820623968,3004230300437737550,262144 --variations-seed-version --mojo-platform-channel-handle=5448 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --lang=en-US --service-sandbox-type=collections --field-trial-handle=5412,i,6041070687820623968,3004230300437737550,262144 --variations-seed-version --mojo-platform-channel-handle=4548 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=27 --field-trial-handle=5060,i,6041070687820623968,3004230300437737550,262144 --variations-seed-version --mojo-platform-channel-handle=6132 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --field-trial-handle=6920,i,6041070687820623968,3004230300437737550,262144 --variations-seed-version --mojo-platform-channel-handle=6972 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --field-trial-handle=7104,i,6041070687820623968,3004230300437737550,262144 --variations-seed-version --mojo-platform-channel-handle=7132 /prefetch:8
C:\Users\Admin\Downloads\ChlebeekClicker.exe
"C:\Users\Admin\Downloads\ChlebeekClicker.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --instant-process --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=30 --field-trial-handle=7280,i,6041070687820623968,3004230300437737550,262144 --variations-seed-version --mojo-platform-channel-handle=5336 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=7652,i,6041070687820623968,3004230300437737550,262144 --variations-seed-version --mojo-platform-channel-handle=7640 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=32 --field-trial-handle=6968,i,6041070687820623968,3004230300437737550,262144 --variations-seed-version --mojo-platform-channel-handle=7664 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --instant-process --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=33 --field-trial-handle=4884,i,6041070687820623968,3004230300437737550,262144 --variations-seed-version --mojo-platform-channel-handle=7712 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=34 --field-trial-handle=7120,i,6041070687820623968,3004230300437737550,262144 --variations-seed-version --mojo-platform-channel-handle=5816 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=35 --field-trial-handle=5416,i,6041070687820623968,3004230300437737550,262144 --variations-seed-version --mojo-platform-channel-handle=6812 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --field-trial-handle=7752,i,6041070687820623968,3004230300437737550,262144 --variations-seed-version --mojo-platform-channel-handle=6784 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --field-trial-handle=7772,i,6041070687820623968,3004230300437737550,262144 --variations-seed-version --mojo-platform-channel-handle=5700 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=38 --field-trial-handle=7760,i,6041070687820623968,3004230300437737550,262144 --variations-seed-version --mojo-platform-channel-handle=7324 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --field-trial-handle=6224,i,6041070687820623968,3004230300437737550,262144 --variations-seed-version --mojo-platform-channel-handle=6296 /prefetch:8
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Users\Admin\Downloads\ChlebeekClicker.exe
"C:\Users\Admin\Downloads\ChlebeekClicker.exe"
C:\Users\Admin\AppData\Roaming\ChlebeekClicker\ChlebeekClicker.exe
"C:\Users\Admin\AppData\Roaming\ChlebeekClicker\ChlebeekClicker.exe"
Network
| Country | Destination | Domain | Proto |
| --- | --- | --- | --- |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api.edgeoffer.microsoft.com | udp |
| US | 8.8.8.8:53 | api.edgeoffer.microsoft.com | udp |
| US | 8.8.8.8:53 | launcher.chlebeekclicker.pl | udp |
| US | 8.8.8.8:53 | launcher.chlebeekclicker.pl | udp |
| IE | 94.245.104.56:443 | api.edgeoffer.microsoft.com | tcp |
| US | 8.8.8.8:53 | launcher.chlebeekclicker.pl | udp |
| US | 172.67.140.141:443 | launcher.chlebeekclicker.pl | tcp |
| US | 172.67.140.141:443 | launcher.chlebeekclicker.pl | tcp |
| US | 8.8.8.8:53 | business.bing.com | udp |
| US | 8.8.8.8:53 | business.bing.com | udp |
| US | 13.107.6.158:443 | business.bing.com | tcp |
| IE | 94.245.104.56:443 | api.edgeoffer.microsoft.com | tcp |
| US | 8.8.8.8:53 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | a.nel.cloudflare.com | udp |
| US | 172.67.140.141:443 | launcher.chlebeekclicker.pl | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 8.8.8.8:53 | 141.140.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 76.234.34.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.104.245.94.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.80.190.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 75.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | challenges.cloudflare.com | udp |
| US | 8.8.8.8:53 | challenges.cloudflare.com | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| GB | 13.87.96.169:443 | nav-edge.smartscreen.microsoft.com | tcp |
| GB | 13.87.96.169:443 | nav-edge.smartscreen.microsoft.com | tcp |
| GB | 13.87.96.169:443 | nav-edge.smartscreen.microsoft.com | tcp |
| US | 8.8.8.8:53 | g.bing.com | udp |
| US | 204.79.197.237:443 | g.bing.com | tcp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 169.96.87.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 237.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | challenges.cloudflare.com | udp |
| US | 8.8.8.8:53 | challenges.cloudflare.com | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 104.17.2.184:443 | challenges.cloudflare.com | udp |
| SE | 23.34.233.128:443 | www.microsoft.com | tcp |
| US | 8.8.8.8:53 | challenges.cloudflare.com | udp |
| US | 8.8.8.8:53 | challenges.cloudflare.com | udp |
| US | 8.8.8.8:53 | challenges.cloudflare.com | udp |
| NL | 23.62.61.185:443 | www.bing.com | tcp |
| US | 104.17.3.184:443 | challenges.cloudflare.com | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | 57.169.31.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 184.2.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 184.3.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 185.61.62.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 128.233.34.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | challenges.cloudflare.com | udp |
| US | 8.8.8.8:53 | edgestatic.azureedge.net | udp |
| US | 8.8.8.8:53 | edgestatic.azureedge.net | udp |
| US | 8.8.8.8:53 | c.s-microsoft.com | udp |
| US | 8.8.8.8:53 | c.s-microsoft.com | udp |
| US | 13.107.246.64:443 | edgestatic.azureedge.net | tcp |
| US | 13.107.246.64:443 | edgestatic.azureedge.net | tcp |
| US | 13.107.246.64:443 | edgestatic.azureedge.net | tcp |
| US | 8.8.8.8:53 | wcpstatic.microsoft.com | udp |
| US | 8.8.8.8:53 | wcpstatic.microsoft.com | udp |
| US | 13.107.246.64:443 | edgestatic.azureedge.net | tcp |
| US | 13.107.246.64:443 | edgestatic.azureedge.net | tcp |
| US | 13.107.246.64:443 | edgestatic.azureedge.net | tcp |
| N/A | 224.0.0.251:5353 | N/A | udp |
| US | 13.107.246.64:443 | edgestatic.azureedge.net | tcp |
| US | 13.107.246.64:443 | edgestatic.azureedge.net | tcp |
| US | 13.107.246.64:443 | edgestatic.azureedge.net | tcp |
| US | 8.8.8.8:53 | wcpstatic.microsoft.com | udp |
| US | 8.8.8.8:53 | wcpstatic.microsoft.com | udp |
| US | 13.107.246.64:443 | wcpstatic.microsoft.com | tcp |
| US | 8.8.8.8:53 | launcher.chlebeekclicker.pl | udp |
| US | 8.8.8.8:53 | launcher.chlebeekclicker.pl | udp |
| NL | 23.62.61.121:443 | www.bing.com | udp |
| US | 8.8.8.8:53 | 121.61.62.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | dl-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | dl-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | dl-edge.smartscreen.microsoft.com | udp |
| GB | 51.11.108.188:443 | dl-edge.smartscreen.microsoft.com | tcp |
| US | 8.8.8.8:53 | app-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | app-edge.smartscreen.microsoft.com | udp |
| GB | 172.165.69.228:443 | app-edge.smartscreen.microsoft.com | tcp |
| US | 8.8.8.8:53 | 188.108.11.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | chlebeekclicker.pl | udp |
| US | 188.114.97.2:80 | chlebeekclicker.pl | tcp |
| US | 188.114.97.2:443 | chlebeekclicker.pl | tcp |
| DE | 54.38.158.139:80 | 54.38.158.139 | tcp |
| US | 8.8.8.8:53 | 2.97.114.188.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 139.158.38.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 103.169.127.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.39.242.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| NL | 23.62.61.160:443 | th.bing.com | tcp |
| NL | 23.62.61.160:443 | th.bing.com | tcp |
| NL | 23.62.61.155:443 | th.bing.com | tcp |
| NL | 23.62.61.155:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | 155.61.62.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 160.61.62.23.in-addr.arpa | udp |
| NL | 23.62.61.155:443 | th.bing.com | udp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| IE | 20.190.159.0:443 | login.microsoftonline.com | tcp |
| IE | 20.190.159.0:443 | login.microsoftonline.com | tcp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| US | 8.8.8.8:53 | services.bingapis.com | udp |
| US | 8.8.8.8:53 | services.bingapis.com | udp |
| US | 8.8.8.8:53 | 0.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | services.bingapis.com | udp |
| US | 8.8.8.8:53 | services.bingapis.com | udp |
| US | 13.107.5.80:443 | services.bingapis.com | tcp |
| US | 13.107.5.80:443 | services.bingapis.com | tcp |
| US | 8.8.8.8:53 | 140.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 80.5.107.13.in-addr.arpa | udp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| US | 8.8.8.8:53 | 167.154.64.172.in-addr.arpa | udp |
| US | 172.67.140.141:443 | launcher.chlebeekclicker.pl | udp |
| US | 8.8.8.8:53 | 22.236.111.52.in-addr.arpa | udp |
| US | 188.114.97.2:80 | chlebeekclicker.pl | tcp |
| US | 188.114.97.2:443 | chlebeekclicker.pl | tcp |
| DE | 54.38.158.139:80 | 54.38.158.139 | tcp |
| US | 8.8.8.8:53 | aefd.nelreports.net | udp |
| US | 8.8.8.8:53 | aefd.nelreports.net | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| NL | 104.97.15.58:443 | aefd.nelreports.net | tcp |
| NL | 104.97.15.58:443 | aefd.nelreports.net | udp |
| US | 8.8.8.8:53 | 58.15.97.104.in-addr.arpa | udp |
| NL | 23.62.61.194:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 194.61.62.23.in-addr.arpa | udp |
Files
memory/864-0-0x000000007516E000-0x000000007516F000-memory.dmp
memory/864-1-0x0000000000610000-0x0000000000696000-memory.dmp
memory/864-2-0x0000000075160000-0x0000000075910000-memory.dmp
memory/864-3-0x0000000008850000-0x0000000008858000-memory.dmp
memory/864-4-0x0000000009CB0000-0x0000000009CE8000-memory.dmp
memory/864-5-0x0000000008B30000-0x0000000008B3E000-memory.dmp
memory/864-6-0x0000000075160000-0x0000000075910000-memory.dmp
memory/864-7-0x000000007516E000-0x000000007516F000-memory.dmp
memory/864-8-0x0000000075160000-0x0000000075910000-memory.dmp
memory/864-9-0x0000000075160000-0x0000000075910000-memory.dmp
memory/3424-10-0x0000000075160000-0x0000000075910000-memory.dmp
memory/3424-11-0x0000000075160000-0x0000000075910000-memory.dmp
memory/864-12-0x0000000001090000-0x00000000010A2000-memory.dmp
memory/864-13-0x00000000010B0000-0x00000000010BA000-memory.dmp
C:\Users\Admin\AppData\Roaming\ChlebeekClicker\PresentationNative_cor3.dll
| Hash | Value |
| --- | --- |
| MD5 | 61d5bea0ec706ff402f9793b46d10f8d |
| SHA1 | 60e1b35590cc507994c602de8cc9edac9ebbf405 |
| SHA256 | 06fbc002e01111fefdf2153961cb715d71eb6ff9c86630511b1722997b0847a1 |
| SHA512 | 8d1d3e3e8a38361ec487118db585be6dc9d16854eca01d1490590903c603af69d7890761ca2904f35678dd9640624873f96cfbc14f318a81ea063d2a42b3065a |
memory/864-102-0x0000000075160000-0x0000000075910000-memory.dmp
C:\Users\Admin\AppData\Roaming\ChlebeekClicker\ChlebeekClicker.dll.config
| Hash | Value |
| --- | --- |
| MD5 | 5ba77878f86cd71dcf8a9ac8082515c2 |
| SHA1 | a75eb068ee86d8dc958818c49f0b5d99824cd849 |
| SHA256 | f373e20c832a72997570cca0984a97cb5675bfb0111dca6f6c4a8acc0a91e0e1 |
| SHA512 | 1bf082254df8cc8199466b847e98b69c3a407187d94a7fd8493f0bf1cb5791125e73efd67874ea84ddd619004fa26116a7cb087be14d1d04027e1c4d1cf540e1 |
C:\Users\Admin\AppData\Roaming\ChlebeekClicker\ChlebeekCore.dll
| Hash | Value |
| --- | --- |
| MD5 | a770736f3bae216941c87df55a22b5a7 |
| SHA1 | 4aebe1792ab45f9cf2600d6e2e65867ab0bd6700 |
| SHA256 | 2be7c068e9b03a9e90e503c63d557aced1d778ae45ca23ade439cbdef01f0479 |
| SHA512 | f2fddca8982e566f5d56cc5124fc65d575a62569d75d15b237099a1e3b7c62376f40771f461fcbdb8d105bca6346c00a75763a93da3fd931a60d7e7d1e613c65 |
C:\Users\Admin\AppData\Roaming\ChlebeekClicker\libcrypto-3-x64.dll
| Hash | Value |
| --- | --- |
| MD5 | d36c59bb1d520154398d5827e37a84cd |
| SHA1 | 0b93178fedee13623f9faccf643347e4db917dd3 |
| SHA256 | d57af867f90b9ee52170d286a35993f57906059ffbcb4b2d5c9eef80a594080d |
| SHA512 | f4a05eb0953ebb2aa7b0acb3c9033530b6d6c145a7a0d76b0463850a1c3adfe14de97db2b467fcd2bcaa8bec7cc3de95f25a7420643a3b01695bca8681790433 |
C:\Users\Admin\AppData\Roaming\ChlebeekClicker\libssl-3-x64.dll
| Hash | Value |
| --- | --- |
| MD5 | 2d327ae980275e96d05de72d5aab526b |
| SHA1 | dd5a145d57720f73fb68cc1ffbf6f535eb2e5c7a |
| SHA256 | 8f8445ef584c3a5722f6871c9d756be6a597e2130ba5eab127bbcac144184743 |
| SHA512 | af06c30d90a118d878a57dfecfcaf0ba454340c7455923b6e12a8b82b8d6f3fbcceda2a0a5ce769eac4053f9c610422326093ecb7ac6f3d4968f3a6602c6ace7 |
C:\Users\Admin\AppData\Roaming\ChlebeekClicker\WinDivert.dll
| Hash | Value |
| --- | --- |
| MD5 | b2014d33ee645112d5dc16fe9d9fcbff |
| SHA1 | aa69498562d350f2de06954b133e59fac1e57002 |
| SHA256 | c1e060ee19444a259b2162f8af0f3fe8c4428a1c6f694dce20de194ac8d7d9a2 |
| SHA512 | 37014a018b9cd91b2eaeeccc7c5af3838fcae4d4fe6bb50c7ae32cd5c99423965a3e3efb29499324f6885b8f0c2ee2952cb75ab73db4e8960811abcb46801f15 |
C:\Users\Admin\AppData\Roaming\ChlebeekClicker\Bloki\apple.png
| Hash | Value |
| --- | --- |
| MD5 | 92db5a641f687c92eb6f74d8fd71b9de |
| SHA1 | e1060ee5fd285270b6772bcea5673c95eb7e7765 |
| SHA256 | d3270615d87067d48f4cc661652bd14a99843a78b6dae32a36871787564244eb |
| SHA512 | eea249c4764265eb6008d268eb1d1787627bbbd8b0054f44c3edb6a0d386b4dabbe310cd88cba15d6825de54f6f9faf0d64ddbfa72c50cb092dbc7e62f04ed06 |
C:\Users\Admin\AppData\Roaming\ChlebeekClicker\Bloki\book.png
| Hash | Value |
| --- | --- |
| MD5 | 64fe056c95cea27c989ac56bf22bf116 |
| SHA1 | 4df534939a0bd8d11fa37cbb092754f805027bf0 |
| SHA256 | f85fbce67dc8c74bd31e843c7f8d18c1aa91fef478c74a05a47640a8cde304bb |
| SHA512 | b0f963d2f9076b25004b5ab73b3b8bb97a83f2ac0e382172adfd2f5debfff0d0089fa52d4aa295f1e485ba50c739750cd4a9e5b662daaeea62d356a1cf5dd727 |
C:\Users\Admin\AppData\Roaming\ChlebeekClicker\Bloki\cactus.png
| Hash | Value |
| --- | --- |
| MD5 | 44798b49d72a899a2011529dc978b1d5 |
| SHA1 | 895fec6e51fd68d227d64882ff47a54c0f0e528a |
| SHA256 | 23c6964ffa21f9754e1880baf1920117c70af0125ab5dc69cff783c7bbb43768 |
| SHA512 | 75e10da88a0dbae9a4c2994a1858cee1feaaea76ce5154313a4479baf0db8875f2076bef76a2ca6f71aacde66d523b9c2c9af29a6791f439627bd85edb561bf0 |
C:\Users\Admin\AppData\Roaming\ChlebeekClicker\Bloki\bookshelf.png
| Hash | Value |
| --- | --- |
| MD5 | 85998e721864417ab02211bf1a2aad3e |
| SHA1 | f3dd93bd00b067b50d23ea14b11c94c9fc950e7b |
| SHA256 | 41e06a768fbff49eb906b6aae2fa8cb2b6d476948fae8bb855bdcd76cc2fc0ef |
| SHA512 | 8629a7038551b3b45ebe0ca17b806202ed63f7618622950e44859989233da92b787b7f9efb9557008593073293e29f75f9142e3cbd9fdf5b4c80f03fae68edf0 |
C:\Users\Admin\AppData\Roaming\ChlebeekClicker\Bloki\diamond_block.png
| Hash | Value |
| --- | --- |
| MD5 | ecce272b9c9ccefbe8aa0488bd397db2 |
| SHA1 | 4c8936b21cb2ab38627ea962ed0d0528935742a7 |
| SHA256 | 919dba5a40f203dbe8b46d516ba48b8c8962bb2a8ded945756e332145378254a |
| SHA512 | dee09e32b205a3a0107392aa893aedbee7b8134018dffb458dd456d637905b9aa62efa9a84f3e0d7c3cb4577095a1ba526b3700c4e96dd217131898dadc131d1 |
C:\Users\Admin\AppData\Roaming\ChlebeekClicker\Bloki\ender_pearl.png
| Hash | Value |
| --- | --- |
| MD5 | f2132d4598781a0165c861d2f797606a |
| SHA1 | 2538df57600191db4d2ca0d1ae097d0832fe1bfd |
| SHA256 | 1455df6d49173e28d1ef00f26c7295ad6e61c4dc1855c24a434efdfb37f0f785 |
| SHA512 | 60d3da4e681fab099d5ed2256c25c0c943793676dc3eca5eb74a16beb12552e6f19e971efa37e830912afc9b82ac988d2646f1bdb9f31c3ee6cddda0b9640bc5 |
C:\Users\Admin\AppData\Roaming\ChlebeekClicker\Bloki\sand.png
| Hash | Value |
| --- | --- |
| MD5 | e210753a3442b9c5f2cdb2dfe22b9a9c |
| SHA1 | 9ea23583d8c6f5a86b0fa7f362139a9fe8b5c582 |
| SHA256 | 19cb81359b09fc5ef7e4110a333e24eab511fe2e0059caa5757b3e72d62958dc |
| SHA512 | 7e2146b14122adf60b8051c7620e214e0993c55d903b8e99e2d70b54f6c7d607ce11bbf96a1f2e3762fb52f8277e1a46d1f34b4c74f8a79de71d60fd10e558f4 |
C:\Users\Admin\AppData\Roaming\ChlebeekClicker\Bloki\obsidian.png
| Hash | Value |
| --- | --- |
| MD5 | 094315e9755a5e6eb573bd9df7e8cb2c |
| SHA1 | 58668fc8af6c94a5376258fe5b1aca8230151f5f |
| SHA256 | 636f7bf71c3a77b69262b5c7884033cf9a6666b03a968632c689f742ed3089db |
| SHA512 | 6dec548ac96d3a0b19905add72cbb33cae30a571264b0c9a7957326b2d5292092ca8fd189d2b7da002dc0e174f068251b23ff31bad72064c17eea9c9f4f80b11 |
C:\Users\Admin\AppData\Roaming\ChlebeekClicker\Bloki\mossy_cobblestone.png
| Hash | Value |
| --- | --- |
| MD5 | d61fb1cb2e9110c3830b7a006cffd1ce |
| SHA1 | 8e59f3d309770d35ec210a69a0e434226c2d27c1 |
| SHA256 | 22a086d50cd17f900920cc77899fb8900173e86d4e29e0a65501fc7cff19d2b3 |
| SHA512 | f0cf0c3617dd7298d6bde517b15ee548d35d72d42abb58231666e64abfc5b159e5cbc91b205c32e6294bcd91f853013055b3767bcf1c1305901a700517370d8f |
C:\Users\Admin\AppData\Roaming\ChlebeekClicker\Bloki\iron_ore.png
| Hash | Value |
| --- | --- |
| MD5 | 16e7c584e2f0aaa47ac0511c7f3ba260 |
| SHA1 | 3dd12e74d8d7c8f4496b8b13c6a48084086fde98 |
| SHA256 | c62e8e8313d93151eb4c17d65afa388329fac3c5018b6dc602f5adcade87f901 |
| SHA512 | e69ecb358b64594c3b830f40ecfead08f18175f20539caebba67f79a133a5e0b160ff387e6078aaf324dd8e4edb47f526d8920c3eb2e5899d6654ae8395cda7c |
C:\Users\Admin\AppData\Roaming\ChlebeekClicker\Bloki\iron_ingot.png
| Hash | Value |
| --- | --- |
| MD5 | 53ce17b2f17d1ae258fc94f3ed71102d |
| SHA1 | a0db8cbc9d1c1fd365058d1cb878a3fbae70444a |
| SHA256 | d72c09f22add35e813047dd799e2fb999ee58ff9924768418628f3c79faaec33 |
| SHA512 | e706a2d2131d925b1d17bed23643fe7734fdffdf477d445db54d8803711d288d2a6c38978850c24e86d686c65d3cd66f6aea9ed4f8197f1d5bfedfdc993bd4c9 |
C:\Users\Admin\AppData\Roaming\ChlebeekClicker\Bloki\iron_block.png
| Hash | Value |
| --- | --- |
| MD5 | 6043c50efb0b2cb52434fe024d0cacd9 |
| SHA1 | f8eead7b1cec7385ff052dc75985782d083b39c7 |
| SHA256 | 4bbc72dc951c48860fa7d1a129eed2106e0f2339775bb8d03182a8816c760609 |
| SHA512 | 11ee469270667889cd40e92981c87b23522d2964eb80d3ef323287385474280ddb416efa82a933968627021290ca28c447f539cc1857e31d7cfb66f44ba42738 |
C:\Users\Admin\AppData\Roaming\ChlebeekClicker\Bloki\gunpowder.png
| Hash | Value |
| --- | --- |
| MD5 | 02ca409664ba047021f8136464ac8c52 |
| SHA1 | 8b93b88f5dcda23597d50a48e27bf01243763e8c |
| SHA256 | 84b83bf91d13beeca02825173ddd3df350844aea6121ccae5bdfb012f051b544 |
| SHA512 | eb2bf1479e1eaddee2631d22de790743dfebf6cb4e6ae0233dafbf939c500ea0f9a0de7f5fa8686307d3e4df570fe3567f87bdfda080a0ca964569dce1274692 |
C:\Users\Admin\AppData\Roaming\ChlebeekClicker\Bloki\gold_ore.png
| Hash | Value |
| --- | --- |
| MD5 | f66294930d33b804248defce6d2043ba |
| SHA1 | 3ffba28a40e162ac1f59fd95313e9a46ca2f73ea |
| SHA256 | f90814bd972ad02c466456b8664f312c2039b3eb6b8df0f370f25982e91856cd |
| SHA512 | 1dd2748c1e2fac5dfe490f4d22acbef66fb6ec21c16ee8bb092c8c4162378ed0d0a9853668047e9c61447b102a8cbaebaaff8499af4cdbc951e584192134ab42 |
C:\Users\Admin\AppData\Roaming\ChlebeekClicker\Bloki\emerald_block.png
| Hash | Value |
| --- | --- |
| MD5 | 155c45ecf7dd34bcdefe95a252bb04ad |
| SHA1 | ff4f232bff1b6ffad65e50e675803bc177d9c3b9 |
| SHA256 | bc8bb8ef96a6b914c4cc9e1c33346f4991905592ca1b58b0f9b907d2a6231fec |
| SHA512 | 8b9258261e8f95452e331ace3c794579e6822fb1fa433493b5c68c0a9354dfeaa55b9f359c9d5ed095bf2bdf265ef297c6a3e51ccf8dfe70df662ce26a0b84f7 |
C:\Users\Admin\AppData\Roaming\ChlebeekClicker\Bloki\gold_ingot.png
| Hash | Value |
| --- | --- |
| MD5 | eea2062d3dc06ef0234c65e28b2a6c16 |
| SHA1 | 8d783d5d48319c8e0f939c5aaf43f3d95c9a1c82 |
| SHA256 | e1ceb6788ffbc6d745e256737a47ea732d1e63819cef75e4647642bc2e92d105 |
| SHA512 | d80ec3f7793ec800fa05ab4e048b441f9cb4c78ef3aeced48d9f3afb9c62461141ba56f740f4e580c8aed9908b5f5aa2a9c55b75333edc24635e9bfd72fa0cb7 |
C:\Users\Admin\AppData\Roaming\ChlebeekClicker\Bloki\gold_block.png
| Hash | Value |
| --- | --- |
| MD5 | 00a2ccd3b3d5aa63668d344b5e714778 |
| SHA1 | d3894e73206c3a72fed2ab158224489e86e80e05 |
| SHA256 | 66515d8632a17d8dfb8db907ad7971abcc27f3c2a85b26673374a8d44d37365a |
| SHA512 | 6c4b16415871e34af4bd8b8cf25e108e8321b4e03f068b14f3624c2d65a00f122344699e3b4d6edbb7c8b96559e2bbcdf91573f89ed5d167e44f3d5734ae6368 |
C:\Users\Admin\AppData\Roaming\ChlebeekClicker\Bloki\emerald.png
| Hash | Value |
| --- | --- |
| MD5 | 8f5df2afc9ea304279521ba6f996f806 |
| SHA1 | ab803b92aca7a016a9622603c5535738c92a2956 |
| SHA256 | a482a71c7d57fe975781215190e4063b51afe151be92f5a5fd9ddd4c0a1d270f |
| SHA512 | 74e7b68680779e35ad5d37589af7ce65122d4e67f8c22489c49983310c9fa104c6f4854bf3a7eaeb0212cc64dcf454bed76d0d029f36dadecffc99ac8a113581 |
C:\Users\Admin\AppData\Roaming\ChlebeekClicker\Bloki\diamond.png
| Hash | Value |
| --- | --- |
| MD5 | afad6ac77201f06af90310c9705cd20b |
| SHA1 | 209886cb88aba22fa674461fd50d6c2df87a12ad |
| SHA256 | 62167844410cbd8b04a7eb772f97b3c2ab8d9ebec814ca49dbc3a8e3f2b8e1ea |
| SHA512 | 42d1fbf3ddcaf94418c8455ab04ab87942b3075e59007c04132fadee411a96ee808e82623454c9955e84908fe72b3a222ebe1c70d379c04bb50c787e8dd68f8f |
C:\Users\Admin\AppData\Roaming\ChlebeekClicker\Bloki\chest.png
| Hash | Value |
| --- | --- |
| MD5 | 978b9b5c3beb4d660342dcf60bc88238 |
| SHA1 | 8422efee22c84caef2c0e0f60c5ecdb90d1a4a0a |
| SHA256 | 1641fbd3aef6ed89e5c59e55b23ebc2f5678ce9929a9559702449ac2c22ac0d5 |
| SHA512 | 912eceba44c053bc380310c4dfbf3f5a20dafb88bb70574c25c0572b42b729299345823277538df090bca21d9c44501093a88baa9fde85f8cdf7b728bd8e690f |
C:\Users\Admin\AppData\Roaming\ChlebeekClicker\Bloki\trapped_chest.png
| Hash | Value |
| --- | --- |
| MD5 | d123578d983a96effb96d71d7433e8b9 |
| SHA1 | 088a9d8798339908d4a7a362cd16edcedd54cc2a |
| SHA256 | 7efcea4c8ec83a28392f54b8331bcf6100e47ec0850da3e30d8e240c5f8f369e |
| SHA512 | 0c5c89c44ee17a2d431c693a67ad4f4533b3e526a2645182986319533288907f68362b0b12fd8663a4831637f103dbcd1d52d043a173526380f6589ab83411b6 |
C:\Users\Admin\AppData\Roaming\ChlebeekClicker\Bloki\tnt.png
| Hash | Value |
| --- | --- |
| MD5 | 6e19a4abd0daf74b54922bde20bb7a3b |
| SHA1 | 4e94c26df8b8c3fcd921e5f0393c2959bbc5b775 |
| SHA256 | 6a8cb3bdede6e500d9d92d8bb1c7b6eaea24589496fa73f9736740d6956f846b |
| SHA512 | e82d39c961e5db132a4c87d52bf48a8e28f4579b2bbcbcc42d6c66e342158338518710cfc9dbf17647a74a0d1856cc6749a18269626fb33f8c50eb795009ab44 |
C:\Users\Admin\AppData\Roaming\ChlebeekClicker\wpfgfx_cor3.dll
| Hash | Value |
| --- | --- |
| MD5 | b228a7b107355d1aa376ee7d95280fe3 |
| SHA1 | dacc2f058018631ab5fbc553e9d361daeae32980 |
| SHA256 | 1b00d3d583934dea4be4dc043fb630cebbe0be4cd400f874f626f921e823c035 |
| SHA512 | 554900f8e542dd87a7a38706b70220eecb6cef97162c50393bfe430385c6663aac39dfd1044d9ec17d78320683a756a7bb25420da482faa5494cbc6f509c56f1 |
C:\Users\Admin\AppData\Roaming\ChlebeekClicker\D3DCompiler_47_cor3.dll
| Hash | Value |
| --- | --- |
| MD5 | 03a60a6652caf4f49ea5912ce4e1b33c |
| SHA1 | a0d949d4af7b1048dc55e39d1d1260a1e0660c4f |
| SHA256 | b23e7b820ed5c6ea7dcd77817e2cd79f1cec9561d457172287ee634a8bd658c3 |
| SHA512 | 6711d40d171ea200c92d062226a69f33eb41e9232d74291ef6f0202de73cf4dc54fbdd769104d2bb3e89dc2d81f2f2f3479e4258a5d6a54c545e56b07746b4c4 |
C:\Users\Admin\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\ChlebeekClicker.exe.log
| Hash | Value |
| --- | --- |
| MD5 | 9fc9901ccf928631cdecbd3ce59c4e7f |
| SHA1 | 96a2cea5acd6a724019fea78f6fe1bbee63f12db |
| SHA256 | 708554f8c886284af93ecb6e1d1fc1329cd45a0725e5532c38579361011f5a93 |
| SHA512 | e3b21d3ab9c5774cd8681c27be974cd4f9cef579a5e34f7db6c4002a5c8b3ae737f62d4d7224d31b86c2346aa2d73431c738b9ceff5aace3bf0e2962c86a3dc1 |
memory/3424-140-0x0000000075160000-0x0000000075910000-memory.dmp
memory/216-141-0x0000000062800000-0x0000000062813000-memory.dmp
C:\Users\Admin\AppData\Roaming\ChlebeekClicker\vcruntime140_cor3.dll
| Hash | Value |
| --- | --- |
| MD5 | be8dbe2dc77ebe7f88f910c61aec691a |
| SHA1 | a19f08bb2b1c1de5bb61daf9f2304531321e0e40 |
| SHA256 | 4d292623516f65c80482081e62d5dadb759dc16e851de5db24c3cbb57b87db83 |
| SHA512 | 0da644472b374f1da449a06623983d0477405b5229e386accadb154b43b8b083ee89f07c3f04d2c0c7501ead99ad95aecaa5873ff34c5eeb833285b598d5a655 |