Analysis

  • max time kernel
    144s
  • max time network
    149s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240508-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    13-06-2024 20:30

General

  • Target

    Copped.exe

  • Size

    434KB

  • MD5

    61eb747d9aca2e32df170bfe5cd278ed

  • SHA1

    e7086ca9616727f0d612c12e5e19200f98b35b26

  • SHA256

    2902b2d11793853c4ca9a23168b421afed4aacf0f345cc7ba955b2ae9cd61605

  • SHA512

    6ea3dffbfb9071c506affd7b1c6f4cc3d6c911775b4df31adb8f25c75d99f536c67fcdddf4d107d1f6e969d6155fef738015d756ed8b936ca7f354ba554a8952

  • SSDEEP

    12288:xoZZL+EP8MzMQQWRJ6TvSgR1ExP42u9ODA53:zI86MQQWRJ6TvSgR1Ext

Malware Config

Signatures

  • Detect Umbral payload 1 IoCs
  • Umbral

    Umbral stealer is an open-source modular stealer written in C#.

  • Command and Scripting Interpreter: JavaScript 1 TTPs
  • Enumerates system info in registry 2 TTPs 6 IoCs
  • Modifies registry class 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 4 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs
  • Suspicious use of AdjustPrivilegeToken 11 IoCs
  • Suspicious use of FindShellTrayWindow 54 IoCs
  • Suspicious use of SendNotifyMessage 48 IoCs
  • Suspicious use of SetWindowsHookEx 19 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Copped.exe
    "C:\Users\Admin\AppData\Local\Temp\Copped.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:3780
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=4120,i,13035806169561352434,1332896185314862791,262144 --variations-seed-version --mojo-platform-channel-handle=3760 /prefetch:8
    1⤵
      PID:3228
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe"
      1⤵
      • Enumerates system info in registry
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SendNotifyMessage
      • Suspicious use of WriteProcessMemory
      PID:1752
      • C:\Program Files\Google\Chrome\Application\chrome.exe
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffca04bab58,0x7ffca04bab68,0x7ffca04bab78
        2⤵
          PID:4084
        • C:\Program Files\Google\Chrome\Application\chrome.exe
          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1712 --field-trial-handle=1992,i,18313428724085478803,3771752768728754615,131072 /prefetch:2
          2⤵
            PID:4608
          • C:\Program Files\Google\Chrome\Application\chrome.exe
            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1988 --field-trial-handle=1992,i,18313428724085478803,3771752768728754615,131072 /prefetch:8
            2⤵
              PID:3744
            • C:\Program Files\Google\Chrome\Application\chrome.exe
              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2252 --field-trial-handle=1992,i,18313428724085478803,3771752768728754615,131072 /prefetch:8
              2⤵
                PID:2964
              • C:\Program Files\Google\Chrome\Application\chrome.exe
                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3112 --field-trial-handle=1992,i,18313428724085478803,3771752768728754615,131072 /prefetch:1
                2⤵
                  PID:4596
                • C:\Program Files\Google\Chrome\Application\chrome.exe
                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3132 --field-trial-handle=1992,i,18313428724085478803,3771752768728754615,131072 /prefetch:1
                  2⤵
                    PID:4300
                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4364 --field-trial-handle=1992,i,18313428724085478803,3771752768728754615,131072 /prefetch:1
                    2⤵
                      PID:3372
                  • C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
                    "C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
                    1⤵
                      PID:4548
                    • C:\Windows\system32\cmd.exe
                      C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Desktop\UseSync.cmd" "
                      1⤵
                        PID:616
                      • C:\Windows\system32\AUDIODG.EXE
                        C:\Windows\system32\AUDIODG.EXE 0x3cc 0x428
                        1⤵
                          PID:4692
                        • C:\Windows\system32\OpenWith.exe
                          C:\Windows\system32\OpenWith.exe -Embedding
                          1⤵
                          • Modifies registry class
                          • Suspicious behavior: GetForegroundWindowSpam
                          • Suspicious use of SetWindowsHookEx
                          PID:4640
                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                          "C:\Program Files\Google\Chrome\Application\chrome.exe"
                          1⤵
                          • Enumerates system info in registry
                          • Suspicious behavior: EnumeratesProcesses
                          • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
                          • Suspicious use of AdjustPrivilegeToken
                          • Suspicious use of FindShellTrayWindow
                          • Suspicious use of SendNotifyMessage
                          PID:3908
                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffca04bab58,0x7ffca04bab68,0x7ffca04bab78
                            2⤵
                              PID:1528
                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1700 --field-trial-handle=1980,i,2302763013419692924,4458372834179507537,131072 /prefetch:2
                              2⤵
                                PID:3360
                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1928 --field-trial-handle=1980,i,2302763013419692924,4458372834179507537,131072 /prefetch:8
                                2⤵
                                  PID:4592
                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2244 --field-trial-handle=1980,i,2302763013419692924,4458372834179507537,131072 /prefetch:8
                                  2⤵
                                    PID:736
                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3028 --field-trial-handle=1980,i,2302763013419692924,4458372834179507537,131072 /prefetch:1
                                    2⤵
                                      PID:4316
                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3048 --field-trial-handle=1980,i,2302763013419692924,4458372834179507537,131072 /prefetch:1
                                      2⤵
                                        PID:1284
                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3588 --field-trial-handle=1980,i,2302763013419692924,4458372834179507537,131072 /prefetch:1
                                        2⤵
                                          PID:1016
                                      • C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
                                        "C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
                                        1⤵
                                          PID:5024
                                        • C:\Windows\System32\WScript.exe
                                          "C:\Windows\System32\WScript.exe" "C:\Users\Admin\Desktop\LockClose.js"
                                          1⤵
                                            PID:4364

Network

MITRE ATT&CK Enterprise v15

Downloads

                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

                                            Filesize

                                            40B

                                            MD5

                                            e646991f9b7863013f4543e5deea2d49

                                            SHA1

                                            7d3ab1c249b15c5bc5761baef819fa96b043539a

                                            SHA256

                                            0cc277125b5bd55a7c42e32f351b5bce3ca6003f28bc0646db5bc6b9b5135c07

                                            SHA512

                                            8b7b264f086ee2d1c1ec1199307d6511ce964890e84312a1c12c21a0a1fac24d6bf005a2ded820ecae3b51b58229a8ce724e98e40b03e1f93d3914948025a76f

                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0

                                            Filesize

                                            44KB

                                            MD5

                                            5c976c8fb95926c51101a871261dddd6

                                            SHA1

                                            f145ff3065154a42065a526f81d61a4255e25528

                                            SHA256

                                            18f7c2022ffd38f89b1cd75baf5843d6595720b92e0ea3a14bc89ae7f24bdd4c

                                            SHA512

                                            e675bc8c5a9b08d725c664238ee84bdf1aff2fb1d02e0614c2463ad0c497c594727e992c266161f828627842e080bf6f801c47652adc63fcd1535f353b65d540

                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1

                                            Filesize

                                            264KB

                                            MD5

                                            61925a5d29b1182e31684c00b8f70125

                                            SHA1

                                            29a926d430452b3345efdfa4656a566bff7fb062

                                            SHA256

                                            46c6a66833ccfd072bb11c70896b7f0c1c00a3b2a8a9ddf103329409a8479601

                                            SHA512

                                            a1d3e1438cdcadebb7b2ebc7b28e26119fe6046be272eb21fffa98a19f88b850a139778888ab678e7274a1ad30045a6e1eb8ed8c09504783ed4a2a5f1905c5d3

                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG

                                            Filesize

                                            317B

                                            MD5

                                            14f158c3d06e23f5863472f4f7d41eff

                                            SHA1

                                            df2b74fdc89aec4990fa7ac6dbe43f6777a45469

                                            SHA256

                                            b624015e1144f6669f56f80fe8719f88d7932eff38e412577a2aacf4d2722bef

                                            SHA512

                                            3a96405905f89b855aab6009685906da5140e3483156fa360c4559e26f0d995c5f912b68e0fb727aad46c5f2a2502021cb873e0491123aff7750c3b6f1a6f740

                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG

                                            Filesize

                                            329B

                                            MD5

                                            38137f60f7c5eebde5a42415052946ec

                                            SHA1

                                            2a8afac6aebf791b67d95eea62c815f39070fea7

                                            SHA256

                                            6467fa1a93d4517aaf8fa2c88f770318a5e0a731176bb90b0f79c162108a2a6b

                                            SHA512

                                            ee15c8fbdac62a3b29429df835f90dee169c066266fbe1049119fd624678a6b990608aaa26e4a419b3e3a4813d28a33b34d4baef99c3428f0adf4c9b25530551

                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\3ae64029-765e-45d1-a828-0e2aea977cc8.tmp

                                            Filesize

                                            2B

                                            MD5

                                            d751713988987e9331980363e24189ce

                                            SHA1

                                            97d170e1550eee4afc0af065b78cda302a97674c

                                            SHA256

                                            4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

                                            SHA512

                                            b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                                            Filesize

                                            810B

                                            MD5

                                            656d025bc38750420cd01761f5a78d33

                                            SHA1

                                            80a092803f458207a174ee987fb7f90637ebd48c

                                            SHA256

                                            bbaf1d56bdc15be59898b39ff06c5d896ee7729243727999d6514b38efbc5215

                                            SHA512

                                            1bb26ea6272d9a84dc292e8baca65e86c9dbbb86975c5f8c8e49588d038f103f12348323504cc7bb1dd154a071bb816e4a483f296f3e396c9f71c124228ebedf

                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                            Filesize

                                            6KB

                                            MD5

                                            51d57e201b27f066ecaa93edc09f8ccb

                                            SHA1

                                            76fbc4ad9e3297f1eec05bf4c82a723e08973762

                                            SHA256

                                            bdeecfa17a9afbdafeb7e99cbd193c358f7942aea3550ac564b376bd9b483f08

                                            SHA512

                                            72e03dfa71d02ee1c1c07dc8e2adfde2ae254838e7393516465d0059c74012eb2bc01407cf0ef7342398867e8c65199b0522566b46f1277b7ca925ead7a03a24

                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                            Filesize

                                            6KB

                                            MD5

                                            7fcc431e49114d23100ef890be8c156f

                                            SHA1

                                            4cb16e20c749ea44e80d5f146884e351c94a6205

                                            SHA256

                                            38c0fc3f6a9bb06d355d24577014568b62977fc78a13fc370b83bdb6fe815e76

                                            SHA512

                                            a5f4cc0070e4923ad6b699b0ea332869370bf8c845f438485db5fceaf522d0c40f3978d4b42e08faf572f496ee3d51dfd05639106d9ec0414b27bffb9afae1b6

                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log

                                            Filesize

                                            232B

                                            MD5

                                            8a30a1fdd0459d9ea8b1e78a8e636856

                                            SHA1

                                            9d7225e97f9cfcfb225cfbfd0b0bba21d4efdd20

                                            SHA256

                                            88fe1d31608930f2738d102d45c75dc77acdf01a1b69bfb7e7c0281575b75e33

                                            SHA512

                                            b529bce870cd8165bf82f3ebf94f07552467bd0993b9d35145182e54e26fb2ae8e7bb167d88267b632757e2146f27dfddf8867db0c66e5dcc306db12ec6b7bef

                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG

                                            Filesize

                                            317B

                                            MD5

                                            967e3c4751e1d0bf2b7f05bb1ba4a805

                                            SHA1

                                            279bbedae219ff4e2e753529edf6742d72f6eaa9

                                            SHA256

                                            104d1bb186663d9bef5774eb39fb83fab9be5c06dac41d79ceca02663cf1b519

                                            SHA512

                                            5c57f275cfcbda3ac2ad1907427a9a414cf85803bc1d4e41cf2a8af921b98fd369d4ff2a9d4c55377759baa452544420a14cefbe69821e4219b163da56a4a325

                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sessions\Session_13362784310890948

                                            Filesize

                                            2KB

                                            MD5

                                            8753d5d8b5339335b6fccd3081250d14

                                            SHA1

                                            8b60880a4e12e0177159f2c76c63e40035b4eb30

                                            SHA256

                                            bc28c44a5c43c135ecf6a5bbe1e66975400d7c44fbfa759a73cf1628febf38e3

                                            SHA512

                                            226e5e4f769b99038eb680a9245556298df94a745742ec90bf29d29e0a559c627f7fceb95796b5c7b8bfdf8b6ca5cb43d29fbf436425734b14369bf213876893

                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG

                                            Filesize

                                            345B

                                            MD5

                                            2452846d4e3f1f19106052a764f08130

                                            SHA1

                                            eed0e3caf627ded64280fc8aa387ba387d51c83f

                                            SHA256

                                            cc9a555fc06b687efc074af9073ef177808d674fafe3df082aff97e30c243f5b

                                            SHA512

                                            45954e0a174104606da8dd9d6d0367093ea786d7864120d15b43634937f6609b42e413baa3e54445556eb74dd2e5bbf1312a0f2d33e2acb1423158587411d921

                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG

                                            Filesize

                                            321B

                                            MD5

                                            566f77f4ba93cb69a7e1ceaf747da478

                                            SHA1

                                            1e1d057f8e4f256ea96dd94658c7e40c5ebf8863

                                            SHA256

                                            871a14fecc02840ecfc00548f3af1c25143e07dc5467d46ff0d3db2bba415032

                                            SHA512

                                            9c42976eae8afdcf29195d6ca4dec54de4a87eb2b3e9b92d4d5b73093bbe209cafdfeebcd420a374c1b4e223d0c19bd564effa8e3f16acb5797ba87f453ae705

                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\LOG

                                            Filesize

                                            317B

                                            MD5

                                            c533638eaea8ddc058a48a5939fb929c

                                            SHA1

                                            847fd9fa5fa5542c8fc0da721e6c0e3db5a568e5

                                            SHA256

                                            3c006ab88564814092c69b2ac04bb3576cc27399b30cc4b0e4df659707e9c1ce

                                            SHA512

                                            4a9eaeeed6dc3fa21702928cec835a7da89ae34ff7c08f095b68003f481b1ad44bf0b89d5560f19c271961beaf212b917a3a0b646ca4343b5b8f2875e8d72c36

                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000003.log

                                            Filesize

                                            889B

                                            MD5

                                            5204a18c65e33392e3e55d2b05d18d11

                                            SHA1

                                            1e219b31fe9754d5307b30b6d8e29190df3fdcbe

                                            SHA256

                                            340d950fc837f6252f659825d6e161aecfc655c4d2d623538f92c0ab2842aaa9

                                            SHA512

                                            baaac7108f5a026270bb649d9d3fcecf863c381a4280b1cae337e86dbc466579345e6cc184bdf30060296c6f2ed2c997448f000de513877296816e8c3a5f8b44

                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG

                                            Filesize

                                            335B

                                            MD5

                                            1da7e2fe64103594bfc20d4fafc91f67

                                            SHA1

                                            b0fb2826ff37d6a9bae48b4a846ba7be04119ebc

                                            SHA256

                                            43f9597d01d90eb5edd29f503478e25907b0880b370da2529ecf8fbc6ab14629

                                            SHA512

                                            5fe4d32f695b2fce2a0148023a7e2fe3005f6e6554473dcaaa764ed339b80de06aa2878b55d1f0d703a9913070e19e89a522848262ca67d9a85954d2b3a4af04

                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_0

                                            Filesize

                                            44KB

                                            MD5

                                            04a6090a29e9e74815ad9d6ad3ada258

                                            SHA1

                                            a01e3559bfe1467541c4ce1bcb2d71223ccea1d9

                                            SHA256

                                            598d00f1373a3ca7d99e5f4e07132cbafd9f63701b7b85d29e346fb4015aad8c

                                            SHA512

                                            67607294e8178c28e348b5917d9c8598e8bae95001c287554a447c1a5e28e31515121bbb7146082ae8f8b33c8c9253616f803048b8f1541f1f75e1e40242c1d5

                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_1

                                            Filesize

                                            264KB

                                            MD5

                                            be862818c94890affedaf50b4d91e3ec

                                            SHA1

                                            6f25a1b8ffd66a4af02bdd104c03a28b5569d9f0

                                            SHA256

                                            f29a538413f0f9eccfa7dc763dcc2e3b3f692b4fe774a12cc0c6ea39e44b4172

                                            SHA512

                                            efb9cd1bbcf0dcfdd4ece9716c549df3d31fff4fefcee4f7ffdf74f66c0c1dfba238f6260ebb0ea769835f19b50456f7a81f0c1c89d399ba20eedc8bdae17f83

                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_3

                                            Filesize

                                            4.0MB

                                            MD5

                                            0d90ad00282af3685ee465d55dd24ecc

                                            SHA1

                                            1c4f8a2044101e91452be0b8e9dee8509171b72c

                                            SHA256

                                            ca32860205405328c3e0a49202b2befd9ae06713d2f1026a6cc45130d355738e

                                            SHA512

                                            f4029c8811c27e5f5c9b6c9bb2ec527d63755c24bf0096bde9474358a1e519500ef68b111d14ce9395207ca9f2b25fc56f1ddde98a2eb17afc1d21020fa99af5

                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version

                                            Filesize

                                            14B

                                            MD5

                                            009b9a2ee7afbf6dd0b9617fc8f8ecba

                                            SHA1

                                            c97ed0652e731fc412e3b7bdfca2994b7cc206a7

                                            SHA256

                                            de607a2c68f52e15a104ead9ecbaa3e6862fdb11eac080e408ba4d69f1f7a915

                                            SHA512

                                            6161dd952ae140a8fb8aa5e33f06bc65fdc15ce3fbfe4c576dc2668c86bce4a1d5c1112caee014e5efa3698547faad3bc80ec253eedb43148e36e1a02ce89910

                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                            Filesize

                                            255KB

                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                            Filesize

                                            255KB

                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

                                            Filesize

                                            264KB

                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

                                            Filesize

                                            86B

                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\chrome_shutdown_ms.txt

                                            Filesize

                                            4B

                                          • memory/3780-3-0x00007FFCA8690000-0x00007FFCA9151000-memory.dmp

                                            Filesize

                                            10.8MB

                                          • memory/3780-0-0x00007FFCA8693000-0x00007FFCA8695000-memory.dmp

                                            Filesize

                                            8KB

                                          • memory/3780-2-0x00007FFCA8690000-0x00007FFCA9151000-memory.dmp

                                            Filesize

                                            10.8MB

                                          • memory/3780-1-0x00000270D8D70000-0x00000270D8DE2000-memory.dmp

                                            Filesize

                                            456KB