Analysis
- max time kernel: 737s
- max time network: 709s
- platform: windows11-21h2_x64
- resource: win11-20240508-en
- resource tags: arch:x64, arch:x86, image:win11-20240508-en, locale:en-us, os:windows11-21h2-x64, system
- submitted: 15-06-2024 04:28
Static task: static1
Behavioral task: behavioral1
- Sample: You-are-an-idiot.zip
- Resource: win11-20240508-en
Behavioral task: behavioral2
- Sample: Flash.swf
- Resource: win11-20240611-en
Behavioral task: behavioral3
- Sample: Google Chrome.exe
- Resource: win11-20240611-en
General
- Target: You-are-an-idiot.zip
- Size: 33KB
- MD5: 4acd75f2bfeb99226a8c9cc721284208
- SHA1: 4c5fc527d8825952a6f45d4fcbab3bdb074e9713
- SHA256: 47dca4e070081df4b70053c858a851dbd720845d4ac579eb5e7334a44ffa16c7
- SHA512: ba18b878ad12916ae75dd1f5fbee09bbdfef4776d243fa4e9d7b34a113978b529a242c66e868c52cbb0cab4198d0b356e83dc36355f9452e03e7fbd4e0f9f6e0
- SSDEEP: 768:XSAiCxuDCOUT3qQG7VepMaNNo3Bn9JtmqU731RY4EF:CAi5OnTDG7kPNu9zeLEF
Malware Config
Signatures
- Enumerates system info in registry (2 TTPs, 3 IoCs)
  Processes: chrome.exe
  description | ioc | process
  Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | chrome.exe
  Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | chrome.exe
  Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | chrome.exe
- Modifies data under HKEY_USERS (2 IoCs)
  Processes: chrome.exe
  description | ioc | process
  Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | chrome.exe
  Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133628998588026690" | chrome.exe
- Suspicious behavior: EnumeratesProcesses (4 IoCs)
  Processes: chrome.exe, chrome.exe
  pid | process
  3360 | chrome.exe (2 entries)
  4540 | chrome.exe (2 entries)
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary (8 IoCs)
  Processes: chrome.exe
  pid | process
  3360 | chrome.exe (the same row for all 8 entries)
- Suspicious use of AdjustPrivilegeToken (64 IoCs)
  Processes: chrome.exe
  description | pid | process
  Token: SeShutdownPrivilege | 3360 | chrome.exe
  Token: SeCreatePagefilePrivilege | 3360 | chrome.exe
  (these two rows alternate across all 64 entries)
- Suspicious use of FindShellTrayWindow (26 IoCs)
  Processes: chrome.exe
  pid | process
  3360 | chrome.exe (the same row for all 26 entries)
- Suspicious use of SendNotifyMessage (12 IoCs)
  Processes: chrome.exe
  pid | process
  3360 | chrome.exe (the same row for all 12 entries)
- Suspicious use of WriteProcessMemory (64 IoCs)
  Processes: chrome.exe
  description | pid | process | target process
  PID 3360 wrote to memory of 108 | 3360 | chrome.exe | chrome.exe
  PID 3360 wrote to memory of 1464 | 3360 | chrome.exe | chrome.exe
  PID 3360 wrote to memory of 2760 | 3360 | chrome.exe | chrome.exe
  PID 3360 wrote to memory of 2512 | 3360 | chrome.exe | chrome.exe
  (distinct rows only; the 64 entries repeat these four)
Processes
- C:\Windows\Explorer.exe /idlist,,C:\Users\Admin\AppData\Local\Temp\You-are-an-idiot.zip
- C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
- "C:\Program Files\Google\Chrome\Application\chrome.exe"
  Signatures: Enumerates system info in registry; Modifies data under HKEY_USERS; Suspicious behavior: EnumeratesProcesses; Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary; Suspicious use of AdjustPrivilegeToken; Suspicious use of FindShellTrayWindow; Suspicious use of SendNotifyMessage; Suspicious use of WriteProcessMemory
  - "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x108,0x10c,0x110,0xe4,0x114,0x7ffcc4dcab58,0x7ffcc4dcab68,0x7ffcc4dcab78
  - "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1720 --field-trial-handle=1816,i,5066285089980716103,10392401078225995171,131072 /prefetch:2
  - "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2124 --field-trial-handle=1816,i,5066285089980716103,10392401078225995171,131072 /prefetch:8
  - "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2188 --field-trial-handle=1816,i,5066285089980716103,10392401078225995171,131072 /prefetch:8
  - "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3084 --field-trial-handle=1816,i,5066285089980716103,10392401078225995171,131072 /prefetch:1
  - "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3152 --field-trial-handle=1816,i,5066285089980716103,10392401078225995171,131072 /prefetch:1
  - "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4228 --field-trial-handle=1816,i,5066285089980716103,10392401078225995171,131072 /prefetch:1
  - "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4508 --field-trial-handle=1816,i,5066285089980716103,10392401078225995171,131072 /prefetch:8
  - "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4732 --field-trial-handle=1816,i,5066285089980716103,10392401078225995171,131072 /prefetch:8
  - "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4180 --field-trial-handle=1816,i,5066285089980716103,10392401078225995171,131072 /prefetch:1
  - "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=4808 --field-trial-handle=1816,i,5066285089980716103,10392401078225995171,131072 /prefetch:1
  - "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=3396 --field-trial-handle=1816,i,5066285089980716103,10392401078225995171,131072 /prefetch:1
  - "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4908 --field-trial-handle=1816,i,5066285089980716103,10392401078225995171,131072 /prefetch:1
  - "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=3440 --field-trial-handle=1816,i,5066285089980716103,10392401078225995171,131072 /prefetch:1
  - "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1776 --field-trial-handle=1816,i,5066285089980716103,10392401078225995171,131072 /prefetch:2
    Signatures: Suspicious behavior: EnumeratesProcesses
- "C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
Network
MITRE ATT&CK Matrix ATT&CK v13
Downloads
- C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
  Filesize: 2B
- C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
  Filesize: 7KB
- C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
  Filesize: 7KB
- C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
  Filesize: 129KB
- C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
  Filesize: 129KB
- \??\pipe\crashpad_3360_BJKARTNPNTLRNKRE