Analysis

  • max time kernel
    102s
  • max time network
    104s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240611-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    15-06-2024 18:00

Errors

Reason
Machine shutdown

General

  • Target

    Launcher.exe

  • Size

    4.2MB

  • MD5

    a599d07e8fa339fa013404055de60213

  • SHA1

    d53dc82745a54d06a0b6de3412078c502e9e5bdc

  • SHA256

    f86c484b6bef1a7339c26e9e0f261794d476883f9b2a69c3f2357500e36c3446

  • SHA512

    4036f9c2d94e1fb3c0fe71316c385b39b856b73646e24faa1e537a73831a0e0f2d3845dbf851e716551fea59a44d395e3c88bb181740182e75b98404c05ff62f

  • SSDEEP

    98304:fl18uQthswNghxlSAVjT3UXVsVppBJgbQVhe2yXSEd:fl189sCQxU0UXeF8GP7O

Malware Config

Signatures

  • Modifies WinLogon for persistence 2 TTPs 1 IoCs
  • UAC bypass 3 TTPs 1 IoCs
  • Disables RegEdit via registry modification 1 IoCs
  • Themida packer 1 IoCs

    Detects Themida, an advanced Windows software protection system.

  • Drops desktop.ini file(s) 2 IoCs
  • Sets desktop wallpaper using registry 2 TTPs 1 IoCs
  • Drops file in Windows directory 2 IoCs
  • Checks SCSI registry key(s) 3 TTPs 6 IoCs

    SCSI information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 6 IoCs
  • Modifies data under HKEY_USERS 17 IoCs
  • Modifies registry class 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 47 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 48 IoCs
  • Suspicious use of SendNotifyMessage 32 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Launcher.exe
    "C:\Users\Admin\AppData\Local\Temp\Launcher.exe"
    1⤵
      PID:1140
  • C:\Windows\System32\rundll32.exe
    C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
    1⤵
      PID:4436
  • C:\Windows\system32\msinfo32.exe
    "C:\Windows\system32\msinfo32.exe" "C:\Users\Admin\Downloads\DisableUse.nfo"
    1⤵
    • Checks SCSI registry key(s)
    • Enumerates system info in registry
    • Suspicious behavior: GetForegroundWindowSpam
      PID:1516
  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe"
    1⤵
    • Enumerates system info in registry
    • Modifies data under HKEY_USERS
    • Modifies registry class
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
      PID:4756
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8ff7fab58,0x7ff8ff7fab68,0x7ff8ff7fab78
      2⤵
        PID:4460
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1620 --field-trial-handle=1848,i,2522593681134875871,18032710945841839572,131072 /prefetch:2
      2⤵
        PID:3760
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2188 --field-trial-handle=1848,i,2522593681134875871,18032710945841839572,131072 /prefetch:8
      2⤵
        PID:1576
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2248 --field-trial-handle=1848,i,2522593681134875871,18032710945841839572,131072 /prefetch:8
      2⤵
        PID:3328
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2940 --field-trial-handle=1848,i,2522593681134875871,18032710945841839572,131072 /prefetch:1
      2⤵
        PID:4584
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3052 --field-trial-handle=1848,i,2522593681134875871,18032710945841839572,131072 /prefetch:1
      2⤵
        PID:3916
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3884 --field-trial-handle=1848,i,2522593681134875871,18032710945841839572,131072 /prefetch:1
      2⤵
        PID:3832
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3888 --field-trial-handle=1848,i,2522593681134875871,18032710945841839572,131072 /prefetch:8
      2⤵
        PID:2640
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4564 --field-trial-handle=1848,i,2522593681134875871,18032710945841839572,131072 /prefetch:8
      2⤵
        PID:768
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4460 --field-trial-handle=1848,i,2522593681134875871,18032710945841839572,131072 /prefetch:8
      2⤵
        PID:4360
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4800 --field-trial-handle=1848,i,2522593681134875871,18032710945841839572,131072 /prefetch:8
      2⤵
        PID:2008
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4764 --field-trial-handle=1848,i,2522593681134875871,18032710945841839572,131072 /prefetch:8
      2⤵
        PID:1992
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4696 --field-trial-handle=1848,i,2522593681134875871,18032710945841839572,131072 /prefetch:1
      2⤵
        PID:4684
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4832 --field-trial-handle=1848,i,2522593681134875871,18032710945841839572,131072 /prefetch:1
      2⤵
        PID:1616
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=5004 --field-trial-handle=1848,i,2522593681134875871,18032710945841839572,131072 /prefetch:1
      2⤵
        PID:216
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=4808 --field-trial-handle=1848,i,2522593681134875871,18032710945841839572,131072 /prefetch:1
      2⤵
        PID:4432
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=3268 --field-trial-handle=1848,i,2522593681134875871,18032710945841839572,131072 /prefetch:1
      2⤵
        PID:3280
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=5048 --field-trial-handle=1848,i,2522593681134875871,18032710945841839572,131072 /prefetch:1
      2⤵
        PID:4396
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=5224 --field-trial-handle=1848,i,2522593681134875871,18032710945841839572,131072 /prefetch:1
      2⤵
        PID:4108
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=5444 --field-trial-handle=1848,i,2522593681134875871,18032710945841839572,131072 /prefetch:1
      2⤵
        PID:1524
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=5552 --field-trial-handle=1848,i,2522593681134875871,18032710945841839572,131072 /prefetch:1
      2⤵
        PID:3944
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=5696 --field-trial-handle=1848,i,2522593681134875871,18032710945841839572,131072 /prefetch:1
      2⤵
        PID:2044
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=5880 --field-trial-handle=1848,i,2522593681134875871,18032710945841839572,131072 /prefetch:1
      2⤵
        PID:3016
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=6024 --field-trial-handle=1848,i,2522593681134875871,18032710945841839572,131072 /prefetch:1
      2⤵
        PID:936
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=5868 --field-trial-handle=1848,i,2522593681134875871,18032710945841839572,131072 /prefetch:1
      2⤵
        PID:4684
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=6072 --field-trial-handle=1848,i,2522593681134875871,18032710945841839572,131072 /prefetch:1
      2⤵
        PID:264
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=6360 --field-trial-handle=1848,i,2522593681134875871,18032710945841839572,131072 /prefetch:1
      2⤵
        PID:100
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=6504 --field-trial-handle=1848,i,2522593681134875871,18032710945841839572,131072 /prefetch:1
      2⤵
        PID:3080
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=6648 --field-trial-handle=1848,i,2522593681134875871,18032710945841839572,131072 /prefetch:1
      2⤵
        PID:668
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=6916 --field-trial-handle=1848,i,2522593681134875871,18032710945841839572,131072 /prefetch:1
      2⤵
        PID:2076
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=7104 --field-trial-handle=1848,i,2522593681134875871,18032710945841839572,131072 /prefetch:1
      2⤵
        PID:5636
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=7356 --field-trial-handle=1848,i,2522593681134875871,18032710945841839572,131072 /prefetch:8
      2⤵
        PID:5656
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=7532 --field-trial-handle=1848,i,2522593681134875871,18032710945841839572,131072 /prefetch:1
      2⤵
        PID:5896
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --mojo-platform-channel-handle=7332 --field-trial-handle=1848,i,2522593681134875871,18032710945841839572,131072 /prefetch:1
      2⤵
        PID:5976
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=7080 --field-trial-handle=1848,i,2522593681134875871,18032710945841839572,131072 /prefetch:1
      2⤵
        PID:6004
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --mojo-platform-channel-handle=7112 --field-trial-handle=1848,i,2522593681134875871,18032710945841839572,131072 /prefetch:1
      2⤵
        PID:5996
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=7844 --field-trial-handle=1848,i,2522593681134875871,18032710945841839572,131072 /prefetch:1
      2⤵
        PID:5492
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --mojo-platform-channel-handle=7856 --field-trial-handle=1848,i,2522593681134875871,18032710945841839572,131072 /prefetch:1
      2⤵
        PID:5568
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --mojo-platform-channel-handle=7900 --field-trial-handle=1848,i,2522593681134875871,18032710945841839572,131072 /prefetch:1
      2⤵
        PID:5536
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --mojo-platform-channel-handle=7912 --field-trial-handle=1848,i,2522593681134875871,18032710945841839572,131072 /prefetch:1
      2⤵
        PID:5520
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --mojo-platform-channel-handle=7920 --field-trial-handle=1848,i,2522593681134875871,18032710945841839572,131072 /prefetch:1
      2⤵
        PID:5512
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --mojo-platform-channel-handle=7672 --field-trial-handle=1848,i,2522593681134875871,18032710945841839572,131072 /prefetch:1
      2⤵
        PID:5496
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --mojo-platform-channel-handle=7536 --field-trial-handle=1848,i,2522593681134875871,18032710945841839572,131072 /prefetch:1
      2⤵
        PID:5628
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6600 --field-trial-handle=1848,i,2522593681134875871,18032710945841839572,131072 /prefetch:8
      2⤵
        PID:5608
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --mojo-platform-channel-handle=8608 --field-trial-handle=1848,i,2522593681134875871,18032710945841839572,131072 /prefetch:1
      2⤵
        PID:5540
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --mojo-platform-channel-handle=6100 --field-trial-handle=1848,i,2522593681134875871,18032710945841839572,131072 /prefetch:1
      2⤵
        PID:6220
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --mojo-platform-channel-handle=6368 --field-trial-handle=1848,i,2522593681134875871,18032710945841839572,131072 /prefetch:1
      2⤵
        PID:6228
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --mojo-platform-channel-handle=8832 --field-trial-handle=1848,i,2522593681134875871,18032710945841839572,131072 /prefetch:1
      2⤵
        PID:6236
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --mojo-platform-channel-handle=8860 --field-trial-handle=1848,i,2522593681134875871,18032710945841839572,131072 /prefetch:1
      2⤵
        PID:6264
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --mojo-platform-channel-handle=8996 --field-trial-handle=1848,i,2522593681134875871,18032710945841839572,131072 /prefetch:1
                                                                                                            2⤵
                                                                                                              PID:6272
                                                                                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --mojo-platform-channel-handle=9036 --field-trial-handle=1848,i,2522593681134875871,18032710945841839572,131072 /prefetch:1
                                                                                                              2⤵
                                                                                                                PID:6280
                                                                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --mojo-platform-channel-handle=6372 --field-trial-handle=1848,i,2522593681134875871,18032710945841839572,131072 /prefetch:1
                                                                                                                2⤵
                                                                                                                  PID:6288
                                                                                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --mojo-platform-channel-handle=9340 --field-trial-handle=1848,i,2522593681134875871,18032710945841839572,131072 /prefetch:1
                                                                                                                  2⤵
                                                                                                                    PID:6836
                                                                                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --mojo-platform-channel-handle=4884 --field-trial-handle=1848,i,2522593681134875871,18032710945841839572,131072 /prefetch:1
                                                                                                                    2⤵
                                                                                                                      PID:6348
                                                                                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --mojo-platform-channel-handle=9056 --field-trial-handle=1848,i,2522593681134875871,18032710945841839572,131072 /prefetch:1
                                                                                                                      2⤵
                                                                                                                        PID:6448
                                                                                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --mojo-platform-channel-handle=7200 --field-trial-handle=1848,i,2522593681134875871,18032710945841839572,131072 /prefetch:1
                                                                                                                        2⤵
                                                                                                                          PID:6652
                                                                                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --mojo-platform-channel-handle=6632 --field-trial-handle=1848,i,2522593681134875871,18032710945841839572,131072 /prefetch:1
                                                                                                                          2⤵
                                                                                                                            PID:5772
                                                                                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --mojo-platform-channel-handle=7276 --field-trial-handle=1848,i,2522593681134875871,18032710945841839572,131072 /prefetch:1
                                                                                                                            2⤵
                                                                                                                              PID:5244
                                                                                                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5396 --field-trial-handle=1848,i,2522593681134875871,18032710945841839572,131072 /prefetch:8
                                                                                                                              2⤵
                                                                                                                                PID:6324
                                                                                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7888 --field-trial-handle=1848,i,2522593681134875871,18032710945841839572,131072 /prefetch:8
                                                                                                                                2⤵
                                                                                                                                  PID:6500
                                                                                                                              • C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
                                                                                                                                "C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
                                                                                                                                1⤵
                                                                                                                                  PID:3356
                                                                                                                                • C:\Windows\system32\AUDIODG.EXE
                                                                                                                                  C:\Windows\system32\AUDIODG.EXE 0x150 0x32c
                                                                                                                                  1⤵
                                                                                                                                    PID:5800
                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\Temp1_NoEscape.exe-Download-main.zip\NoEscape.exe-Download-main\NoEscape.exe\NoEscape.exe
                                                                                                                                    "C:\Users\Admin\AppData\Local\Temp\Temp1_NoEscape.exe-Download-main.zip\NoEscape.exe-Download-main\NoEscape.exe\NoEscape.exe"
                                                                                                                                    1⤵
                                                                                                                                    • Modifies WinLogon for persistence
                                                                                                                                    • UAC bypass
                                                                                                                                    • Disables RegEdit via registry modification
                                                                                                                                    • Drops desktop.ini file(s)
                                                                                                                                    • Sets desktop wallpaper using registry
                                                                                                                                    • Drops file in Windows directory
                                                                                                                                    PID:7032
                                                                                                                                  • C:\Windows\system32\LogonUI.exe
                                                                                                                                    "LogonUI.exe" /flags:0x4 /state0:0xa3911855 /state1:0x41c64e6d
                                                                                                                                    1⤵
                                                                                                                                    • Modifies data under HKEY_USERS
                                                                                                                                    • Suspicious use of SetWindowsHookEx
                                                                                                                                    PID:4992

Network

MITRE ATT&CK Enterprise v15

Downloads

                                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006
                                                                                                                                    Filesize

                                                                                                                                    24KB

                                                                                                                                    MD5

                                                                                                                                    87c2b09a983584b04a63f3ff44064d64

                                                                                                                                    SHA1

                                                                                                                                    8796d5ef1ad1196309ef582cecef3ab95db27043

                                                                                                                                    SHA256

                                                                                                                                    d4a4a801c412a8324a19f21511a7880815b373628e66016bc1785a5a85e0afb0

                                                                                                                                    SHA512

                                                                                                                                    df1f0d6f5f53306887b0b16364651bda9cdc28b8ea74b2d46b2530c6772a724422b33bbdcd7c33d724d2fd4a973e1e9dbc4b654c9c53981386c341620c337067

                                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008
                                                                                                                                    Filesize

                                                                                                                                    68KB

                                                                                                                                    MD5

                                                                                                                                    f0c27286e196d0cb18681b58dfda5b37

                                                                                                                                    SHA1

                                                                                                                                    9539ba7e5e8f9cc453327ca251fe59be35edc20b

                                                                                                                                    SHA256

                                                                                                                                    7a6878398886e4c70cf3e9cec688dc852a1f1465feb9f461ff1f238b608d0127

                                                                                                                                    SHA512

                                                                                                                                    336333d29cd4f885e7758de9094b2defb8c9e1eb917cb55ff8c4627b903efb6a0b31dcda6005939ef2a604d014fe6c2acda7c8c802907e219739cf6dab96475b

                                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009
                                                                                                                                    Filesize

                                                                                                                                    327KB

                                                                                                                                    MD5

                                                                                                                                    dd242f4737b2737ecad98bc2028b544a

                                                                                                                                    SHA1

                                                                                                                                    065a4e6f50f16e5986df7f582d4839e59c4338a4

                                                                                                                                    SHA256

                                                                                                                                    cc8950f8d690094464d97041d919cab9ec3af790437c6e3febb754e245171cd6

                                                                                                                                    SHA512

                                                                                                                                    b393c7f0da53d9ae875743cb564b223b2031767844db1de296b6e652492bc29f8e19bae002b66e987c00b11009ac7df0bff7a36d661f7846e8bd8c9a0957a272

                                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a
                                                                                                                                    Filesize

                                                                                                                                    134KB

                                                                                                                                    MD5

                                                                                                                                    bb82f6b975721f7516c470271507feb1

                                                                                                                                    SHA1

                                                                                                                                    992a23f0dbd86734402fd9a29706436bc76fba1d

                                                                                                                                    SHA256

                                                                                                                                    495e8e7f53579ef9db3cde689bd31c4665ef84d900eed9f4a58887637eb26e69

                                                                                                                                    SHA512

                                                                                                                                    371f71a1b5376e5befc6fbb3d4cd1c2530aea5a87be2da08c8d0efad4b4aab338c2aee40880ece4442f284fc26ee94a8bd11cbd3cf2cc9f80c44a4e0ba9db036

                                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013
                                                                                                                                    Filesize

                                                                                                                                    253KB

                                                                                                                                    MD5

                                                                                                                                    69d3914a712a4610e7237d2df17c476c

                                                                                                                                    SHA1

                                                                                                                                    ef5542cbbd05325e617fde5ce83e65bc01a070d6

                                                                                                                                    SHA256

                                                                                                                                    0783188721ceb7285d463bd29fda050498b301a84f74ea603cf6d364f0c0f52f

                                                                                                                                    SHA512

                                                                                                                                    8ebb53e5e565aba680a2f4ec95c73bcc943504ce17cf73a90ef5dc37bb7d3cea912fba8ea20a45c0aa3b8804d789b044f940b057e9e31a7458f05e322a59712e

                                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000014
                                                                                                                                    Filesize

                                                                                                                                    164KB

                                                                                                                                    MD5

                                                                                                                                    249b0de3d74b3884972b196617b574c0

                                                                                                                                    SHA1

                                                                                                                                    cdd95b4e9ab1ae8f29c9ecbaf0ed1989d09b86af

                                                                                                                                    SHA256

                                                                                                                                    38af6a677b432df7570d0811c1ab8f2bca749438ed89f51f301913434e5058cc

                                                                                                                                    SHA512

                                                                                                                                    c9f084f686b0a618b7447c98f9f0162fb2d0e553652aa0cee324cf9b250d2d538d168d57c3617b84cc0cca042a648bb8a18cc242d1cde151e3749bd0d2e7e3ac

                                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000015
                                                                                                                                    Filesize

                                                                                                                                    226KB

                                                                                                                                    MD5

                                                                                                                                    04de8a9fa3884e240a8163f2b4e999b9

                                                                                                                                    SHA1

                                                                                                                                    569a0b316bc74e30267ab711dbfe8140e1dae774

                                                                                                                                    SHA256

                                                                                                                                    f1b83275dabc5d7f03019a987abf0e6ef5bc18675799d81fb2348ce3ef29be32

                                                                                                                                    SHA512

                                                                                                                                    1c6d557868e2714fea9b90ec05c1f4c10aa2704e5e6df60e687ac9f9e51f17101fa50cc47ead698e4073c5f5e508fd246b6a7d9073bea38e17c800c966fa53f2

                                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001a
                                                                                                                                    Filesize

                                                                                                                                    41KB

                                                                                                                                    MD5

                                                                                                                                    e83d2cc3ae5aa608538432695f2812ec

                                                                                                                                    SHA1

                                                                                                                                    76284674c3a38a313fa0234df4872e1120a3bce5

                                                                                                                                    SHA256

                                                                                                                                    87ddab4115f08954e1037a7d4a6b94c5c8528122eed7b90d007b91f057030e55

                                                                                                                                    SHA512

                                                                                                                                    994340836cbfc52b4244ee1196adaf0bf19f987e3ea064f1faad3aef0ba7dbadc77a3d4d08c70fd73dbfa03140ffce15ad5f8bd67179bf492ed4127aceafa6bd

• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000028
  Filesize: 46KB
  MD5: 3dda883b89b1f31dd1e8e0be2d4250e9
  SHA1: ff69000e8307afcb2b4db7d6117b47975f9de06a
  SHA256: e60268695e6c66a62ad318850e45954bb22d21f2ae62fe9f0c5490dcb1e69f9b
  SHA512: 25176c5acc9cf658129508ccc1b7fc8e93777cc59a404caf06a0e0eeb7c10b5276923aa51d56a99ebfd45d9f05b16f598794fb31ea0aa39565770b3c3b8c8c43

• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000029
  Filesize: 19KB
  MD5: 9e3954e384c5af053acffd96b63a7289
  SHA1: 74be79c98f6daafdff906e9a2fb3f44246fb94da
  SHA256: 3cdc949b2b68103b862b14487c5cb36e138ef9bc7cbf23b2a90849c28cf606c5
  SHA512: b16235a6be76e0281971ad173bb782b9df275839e15267ce54e45c40d30836055b2be31c7f273a91203ea4de94ade39b0f11d7e9c57bfd0d38f4054ab7f53fc0

• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002a
  Filesize: 96KB
  MD5: 3e0379fa3f0f53026f5db1397280925d
  SHA1: c0e0f3c1456fdf51ccfee7412c2fe8d6512a368f
  SHA256: c5aa76c615cbb43f20f84d8b941f99700669670ce344ed0347db9ce7c2571f18
  SHA512: 2b198f0f5defe2f494326af7c3e06ce5daf588eb386c365cb4b39a8d9fa8c91fc9872290fe8bcdd114ec178634a9e15e381f78d3a46d82e7887ce8bd566367be

• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002b
  Filesize: 805KB
  MD5: 71d7561833574cd74f345b379e31948b
  SHA1: add3759c792417cf250f76fd34fbd6184842bf37
  SHA256: 262b061e49d4d14b6a48151e1c5d3424df2231ec2d2d8d21bb64e0182b1aaaef
  SHA512: 800c7427953168d44f550b3d8d7b5e82419615b87feac9f2efeeca2c7d7e6dfc1e74a4573dc4d772d8cc6dcc2241bac33964fbda3318aa5ac947cc73788a81c4

• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002c
  Filesize: 32KB
  MD5: 03230dd42f79a152d4167da777b25930
  SHA1: 5fb12828c21013decbdcaaa6a0b172958319a4b8
  SHA256: b38bb176acfe61a3ebaa9dd41cf299f0ebfe364762b213ef8281f750eedcbbb1
  SHA512: 79a24a7c52a0023e285266b22dbe9e53aa276f8dd1db93545eab857510d6bfa7f1bae76d3cd09910e9362e32a341ea679d54fe1abca6965976c204279eb2871e

• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
  Filesize: 5KB
  MD5: f325365ecb6e3433ffccaf4a2da594bd
  SHA1: 92d9016a1f7c1e5836831907009c1134980c8a0e
  SHA256: 77690e32da6b807c7173bd12bc60fdee693ac325aabb5190c4b830712b8218e1
  SHA512: a01495f4275520d953c2b235bf425d8e96ac5fcf4f7d7b4167b8a5f5e0600d8103c84b3e1d5003205c79d735835bb180e38df2749c9ff0b4f796fb1663be46b1

• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_spinpasta.fandom.com_0.indexeddb.leveldb\CURRENT
  Filesize: 16B
  MD5: 46295cac801e5d4857d09837238a6394
  SHA1: 44e0fa1b517dbf802b18faf0785eeea6ac51594b
  SHA256: 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
  SHA512: 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.fandom.com_0.indexeddb.leveldb\MANIFEST-000001
  Filesize: 23B
  MD5: 3fd11ff447c1ee23538dc4d9724427a3
  SHA1: 1335e6f71cc4e3cf7025233523b4760f8893e9c9
  SHA256: 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed
  SHA512: 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\000003.log
  Filesize: 45KB
  MD5: 3f70b55c0ea959b562f18b8f9f26e65f
  SHA1: a234b2720f76579c941a1e33cd5ad0428f4966f7
  SHA256: 535dd40fa42901d9710dd0a6d44f88625b8c82707372c117d21ad6a02869a1bf
  SHA512: 610c26d97744e3593874e7b4e4cd0e5d3b8f6e32ae31cf90302f8d63eedc44bbd7d2515200614eb90e62ce71223117538198c8d781f3e149412dd825d0eba8da

• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\LOG.old
  Filesize: 389B
  MD5: 35880824832550b8dfc4170289777e3d
  SHA1: ad6046e24722e7ccd38d9660af6038114cce895f
  SHA256: 3d5607f168bef1281ad4a8304a0fb9d5b6676ead26d2f119f72e85a2fb7b3713
  SHA512: d06c3e56e5e5e789d2e16e9be1820a07f4ebef0848d5e127155f32b4d362b2c37fbe8ace53234e4e9437d158a40e82e52f078eed0fbb2b99024f1f358301918c

• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\LOG.old~RFe5854e1.TMP
  Filesize: 349B
  MD5: ea25fcfd3ba14ab8a729f66b0e5c276e
  SHA1: 2a05c2e6e367e21ebd064e41700b757e45cf8d4c
  SHA256: b268651cc246f88c96ea74f31173819998320408122fcb726ce0d9ae705e5a12
  SHA512: c6ae6dd9a0c7bd6487e14db6a5723601602d94c72436364acefea2b361c2472f8021f03545ce3349aada61cb0f11b0cf322e0b485ef503c44f28ead9ab1704cb

• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
  Filesize: 23KB
  MD5: 3f92f0ea742a7ba7b861b7a33c23d374
  SHA1: ee46e5df1b7176a077a6dfdb5f9fa819d747998b
  SHA256: 60f2c1ef008d4f536d46f36b9949c0b85e7d7c88f8032056c5be49bc203ea04e
  SHA512: c21ff7be6b8014a74e1c8d8ee34fa2253bb377995a979015402121ac56c1ddf91bfd4d071d4912e6f6c2289592f421b61d33451fdac1d62c0f9ff40d6191b157

• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
  Filesize: 2B
  MD5: d751713988987e9331980363e24189ce
  SHA1: 97d170e1550eee4afc0af065b78cda302a97674c
  SHA256: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
  SHA512: b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
  Filesize: 356B
  MD5: 45badd3af8d121f36f5df6e12fe7ae5e
  SHA1: 9359ed33de366d604e1750e420086c0793bbbc5b
  SHA256: 3916ed3db1b215300f9c86ab67bdd9c960c71638a6941f06c86aec7299ba7fb1
  SHA512: c3f9592eb6733ff05aa759cd5b99a099f8bc1be73757c4fada52154c5f905fc529df18c3f97c21a50706a655b65800343c0142249052a2d2f566455fc8b1b07d

• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
  Filesize: 859B
  MD5: aafb44bc777ce0be2f07c91cd83cf71a
  SHA1: 1958f15e9e0f68ac3082acac954e09a420a56d92
  SHA256: 9974a01bd586baed11e9252891ea26d6d7ba67d6277bf2f5305a466632cca74d
  SHA512: baf60e235c908d1e4dc37b4224a8952db22802f50b9d6fb6d84b4e6576d63ff854853b9b03dda46a546a8ffac33084be671fde89e60b392ee8ee1435b561b161

• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
  Filesize: 7KB
  MD5: 1e7dd88886f06b2f969b40ef95983de8
  SHA1: ac742da9d884003cb740ecb05ca776214fe4ce3a
  SHA256: 981b10e95d5cfc5d8ee88fb734eb0ef18bb3ea94182f5868a4cbeb9ca48f804d
  SHA512: 8789a5bd6b1866a3407093eecdd9b17fab1c99fb1aaf806fd9df4324f779c5585ae743c9a5c61a2eee90d883d1a1444bac193a0a71c818a1315f2a40c2494cc6

• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
  Filesize: 9KB
  MD5: 04dc9ce89307ac6a8c982447f93726af
  SHA1: 2a5974d0f7ca4f2d21692c06c541fa564b9e04c7
  SHA256: 89b198f360999a8609d13fd0063c2dffe1324fef09c183d158509d4fce6061ba
  SHA512: f2ee0ea1e827a9d598e8f3b28dc76764dfeb782b8d7192503ba1aa0cdf6fc3e2c62876744b482414f02aaed2a13d904e3d185c53631a48188903158f80f549b9

• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
  Filesize: 9KB
  MD5: 6734d9b7f9bbb56f51bdfd69f637b8a3
  SHA1: 204a9ff72fc66316fe94f3ef7ffe4875c42dc284
  SHA256: e2d296163da88899bd43710ddb1e54fedd92322827966cfd23537b39f3a91695
  SHA512: c54703aa57a40b2a0bd108ae7c5c86390867c28e978dac485cc735636355f1c04b7e8841ce11b8838e85b86e181f2a4dd9d033560e7b406f4ddb23509ba9e56d

                                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
                                                                                                                                    Filesize

                                                                                                                                    7KB

                                                                                                                                    MD5

                                                                                                                                    b63cc92621a9cf46ba432faee64402f5

                                                                                                                                    SHA1

                                                                                                                                    636ac3728a8a6ba040c7d9e3295f57011a51ff9f

                                                                                                                                    SHA256

                                                                                                                                    5ec160f0063c26f4d6f224a2a840d10be6420b12fa0badf6dbabc27a6b455501

                                                                                                                                    SHA512

                                                                                                                                    85ace3fc015b1b1835ddbe4526f65fe4e7dd47efb78e1b9858692c00dd80165e59fb110a1811e19570c0eb320f583b27ec884ca4e6806d443309a3b9eed0090d

                                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
                                                                                                                                    Filesize

                                                                                                                                    7KB

                                                                                                                                    MD5

                                                                                                                                    6e21e16e1d447243ab839f74bd71e234

                                                                                                                                    SHA1

                                                                                                                                    224f3bd358b5d25380e5704e0a81f4338a011044

                                                                                                                                    SHA256

                                                                                                                                    d73b4ccf53a2b6ef4c4e08e7f96dea67fc5c8bc2480dececed0e70dfe7a654e4

                                                                                                                                    SHA512

                                                                                                                                    08339d7420afd3b8a5f66d2885012bd083beb039379d555e198459ef73b5f633ba4b671e3d2107ce4c0239ede90d789bf744efed9920b66cf72ab63adf76f48b

                                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
                                                                                                                                    Filesize

                                                                                                                                    8KB

                                                                                                                                    MD5

                                                                                                                                    a2fb95c0a5240286c41e7ab7f9b25f56

                                                                                                                                    SHA1

                                                                                                                                    f548cdda65469e2e60e54603f0c9062698386bae

                                                                                                                                    SHA256

                                                                                                                                    774ca39e552a2a950323050633d84ab9ad05cf0cf9b0771d9113542e64110642

                                                                                                                                    SHA512

                                                                                                                                    181ecd2b62559b12d56e3706c9ac71c2cceef0aab7eb16d62cbd4609ce0e51c2fd9325bc24315c1a4d5dbbdef874e1e45cde53b1f052e12e2bcbb71e53a7d67c

                                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
                                                                                                                                    Filesize

                                                                                                                                    7KB

                                                                                                                                    MD5

                                                                                                                                    b3dcabcb795ce9f5aa6c3ee1ebb25552

                                                                                                                                    SHA1

                                                                                                                                    304f263a6880e17f09df4aabe9ee757e6d5d4551

                                                                                                                                    SHA256

                                                                                                                                    1acbd6825621cc76bb0d33e95fb4cfc8a520e3cdbebaedad9d8d48e01fb46b79

                                                                                                                                    SHA512

                                                                                                                                    a7ba007a6e78e254cf9df22035d80a018b08d45bedf6eed81716c686a1fd6ba2e4499e3b599574ef44284621b77bf5ca7aea61620c11ca43cd556ddc383aca72

                                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
                                                                                                                                    Filesize

                                                                                                                                    7KB

                                                                                                                                    MD5

                                                                                                                                    10a00020fcc54d69bb2f0c801467b458

                                                                                                                                    SHA1

                                                                                                                                    5b7c7945292c409ffe38e49daf9bbd50917d6cc5

                                                                                                                                    SHA256

                                                                                                                                    c6fd9428dfc81078e4c28ac6c0237c1f09c78f6ed9526006b66e893fa0ad943e

                                                                                                                                    SHA512

                                                                                                                                    5d5e65a66312181f9d38daadb4b019598752782f6bfea2eb97a77a3367c4017f4ca81f371f8fbbb1f0b270d9f351c7a918e82e6fed37542fcd6a05c70a5b81c0

                                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
                                                                                                                                    Filesize

                                                                                                                                    16KB

                                                                                                                                    MD5

                                                                                                                                    b702bb64be7e5ff85214a8771dea56f3

                                                                                                                                    SHA1

                                                                                                                                    ec3d98894f8749da1526f092c24cef4955e3e786

                                                                                                                                    SHA256

                                                                                                                                    0db6cfe661a7d52d77295d6e46688e71e818c435987171b9190eac322a8f72f7

                                                                                                                                    SHA512

                                                                                                                                    88f61c2130ddef13347c2d3598e4f770cc3a79433de835aaf9144c355fde3da86332b017eeb5388e39be716e018f763f3d25e52130038ee4c7b17282177d3077

                                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
                                                                                                                                    Filesize

                                                                                                                                    56B

                                                                                                                                    MD5

                                                                                                                                    94275bde03760c160b707ba8806ef545

                                                                                                                                    SHA1

                                                                                                                                    aad8d87b0796de7baca00ab000b2b12a26427859

                                                                                                                                    SHA256

                                                                                                                                    c58cb79fa4a9ade48ed821dd9f98957b0adfda7c2d267e3d07951c2d371aa968

                                                                                                                                    SHA512

                                                                                                                                    2aabd49bc9f0ed3a5c690773f48a92dbbbd60264090a0db2fe0f166f8c20c767a74d1e1d7cc6a46c34cfbd1587ddb565e791d494cd0d2ca375ab8cc11cd8f930

                                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
                                                                                                                                    Filesize

                                                                                                                                    120B

                                                                                                                                    MD5

                                                                                                                                    e05b8519a5a3a9c4100669813061a6d0

                                                                                                                                    SHA1

                                                                                                                                    bdfeb1d65fb7658e0e70ed6730532c6f99d99598

                                                                                                                                    SHA256

                                                                                                                                    a63eb7e41b13918b6ef104c0b1bb55dfb07720bb313d23400b56cff497659bce

                                                                                                                                    SHA512

                                                                                                                                    2d310dca30b7c83c9aa7baf496cf5ef009d125871dc00b0712835cf5e2dd383295439465dc20951f786f57b9ef716826d68546ff401548b4f04b9c22f36699ed

                                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
                                                                                                                                    Filesize

                                                                                                                                    120B

                                                                                                                                    MD5

                                                                                                                                    e0fccaa0e570df54fd0e81d3f3716e4c

                                                                                                                                    SHA1

                                                                                                                                    a1af40d357ea21debaa565be33a74f5fd9937c52

                                                                                                                                    SHA256

                                                                                                                                    4b92450597fbf7d2087825710c3c47b09b5bfea3e00ece83062b87763ee7e7de

                                                                                                                                    SHA512

                                                                                                                                    726793d1632a4b4b0c3c15a0864ab611b32017fa8d07129f32bfaa0f13238648b0066d113185c0ed92ff20c2c1e089ae1fefe069840c5d4a27ddd2967cecc042

                                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe57e01f.TMP
                                                                                                                                    Filesize

                                                                                                                                    120B

                                                                                                                                    MD5

                                                                                                                                    ced5aef99b2431207d9a96b3f4556749

                                                                                                                                    SHA1

                                                                                                                                    f2d9ef184faae3ef6ad82da93fdef8b2d1deed98

                                                                                                                                    SHA256

                                                                                                                                    0d869480844f3577ce8e7d4def3ad3ed9359048870ccd94dc61bfb5c1f71ed5d

                                                                                                                                    SHA512

                                                                                                                                    125b57cffe72572353704932a6a0ba6e2612e98dcde2f78e6116f86e3392bac39168ebc496d6dab212f90da83fb0afdc1089f8b0e6349b3c6ccb305efc5b3cb4

                                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
                                                                                                                                    Filesize

                                                                                                                                    276KB

                                                                                                                                    MD5

                                                                                                                                    11341f2a41c77f00731df66a12d25096

                                                                                                                                    SHA1

                                                                                                                                    8b2b4374e6e3b56756982abf1e1ebf77aaf21d86

                                                                                                                                    SHA256

                                                                                                                                    860ec690bf9215a07f74b8cdc8592fb69c1ebc6d6d499df56d7aef34b5b3a01b

                                                                                                                                    SHA512

                                                                                                                                    e3207ff83c0cd53c1c66f2f4d763655a4553e96ac89b02169bdacf60f19ecf9fb10ad3ae6f90143f5206ce686b6d763f7fcb3f36258bb2f042e78cd339978b33

                                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
                                                                                                                                    Filesize

                                                                                                                                    276KB

                                                                                                                                    MD5

                                                                                                                                    cd513588de64e9b727f13d3fa33f7aee

                                                                                                                                    SHA1

                                                                                                                                    a723ef2c517d4ac749e09f22a6bc16ed91d29a4f

                                                                                                                                    SHA256

                                                                                                                                    d396b1611818e43f37273b231a6b26e96ba8116c91db074d1e07de30ecce9018

                                                                                                                                    SHA512

                                                                                                                                    bb1b76b2e4fc6ad07d0d1114601303df9577a2ffabaaea1b45b293f94f9e56a67ed4d1c7c43baf6a4e3d2a38b15c8e08fc97d82787ec88da5250da94b19510da

                                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
                                                                                                                                    Filesize

                                                                                                                                    91KB

                                                                                                                                    MD5

                                                                                                                                    fcc96cae3b271628475e31290298ea6f

                                                                                                                                    SHA1

                                                                                                                                    d248210290717be34a932275c1d05464cad9ead4

                                                                                                                                    SHA256

                                                                                                                                    2b91b24af59041ebb3e0cc33fb734ef7c0dae9ce8ceb3429ff68f83460a41fa5

                                                                                                                                    SHA512

                                                                                                                                    8e91a711dbf62fec91f816291fbd73e492b1fbebd3bb1324753bc5c634089a7fecb02f6d9e10ac717281fa55e5019181140cc04c5b6f7bc4bf562d92f8bc456f

                                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
                                                                                                                                    Filesize

                                                                                                                                    100KB

                                                                                                                                    MD5

                                                                                                                                    7cf05f969a0c9cedb849a8f6d18fd83a

                                                                                                                                    SHA1

                                                                                                                                    11119cfb27f850c996ec1c20338df07170373f8c

                                                                                                                                    SHA256

                                                                                                                                    ef0df563b6199d409a29a5d44b8b01e1b73d6c41eccf22b0248fc482f3961ecd

                                                                                                                                    SHA512

                                                                                                                                    98387867b76e8e05d38211472096d32e33e41d2e02e69b9e84b38ca856fdf657fa1482354af0262240b962f9de8751d1ce1ee3728201097f721bd074a0d5ce87

                                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe583505.TMP
                                                                                                                                    Filesize

                                                                                                                                    88KB

                                                                                                                                    MD5

                                                                                                                                    09b697a56d9f4b4ffc0e739193620ed4

                                                                                                                                    SHA1

                                                                                                                                    1cbc8905f1ceef993c58d6e87475dae2a5bb77d2

                                                                                                                                    SHA256

                                                                                                                                    9f18c6b1ea38b704204a5cbdc06f87307b238db41241c3df33d6710b636b7923

                                                                                                                                    SHA512

                                                                                                                                    2ecad2832d18d4f11cc703881b19d03b010e5a9863520abfd950ad3e2cd85f553e519200759d2796ec894214adc618b466aed6687e7b9f6b8fbd736381b7310b

                                                                                                                                  • C:\Users\Admin\Downloads\NoEscape.exe-Download-main.zip.crdownload
                                                                                                                                    Filesize

                                                                                                                                    13.5MB

                                                                                                                                    MD5

                                                                                                                                    6da84fd648c8811cc112f4fffe20a24d

                                                                                                                                    SHA1

                                                                                                                                    ba4f8d7fb51ee0a31b068cca51d5e5388c4b081b

                                                                                                                                    SHA256

                                                                                                                                    7b55dfab141eb69abbe47267e396fe8ee6bc4054fc8d4a5d91049b950c7d84aa

                                                                                                                                    SHA512

                                                                                                                                    0ba4c4379b77b465aa13af7ec295a9e7cc1421cff76e735890f46228af2f500202f879468322ad59b6d6ab06710828536ffcddee23093adf82498a365fee6bdb

                                                                                                                                  • C:\Users\Public\Desktop\ᅸᒥᢉ≛൘⒫ၒẩᚦ⏡ᳩᒘዋᰰ⧳ᬓᨅ℧᭲፜⍫⌁ጧ൦ዏၵḈ៸♷
    Filesize: 666B
    MD5: e49f0a8effa6380b4518a8064f6d240b
    SHA1: ba62ffe370e186b7f980922067ac68613521bd51
    SHA256: 8dbd06e9585c5a16181256c9951dbc65621df66ceb22c8e3d2304477178bee13
    SHA512: de6281a43a97702dd749a1b24f4c65bed49a2e2963cabeeb2a309031ab601f5ec488f48059c03ec3001363d085e8d2f0f046501edf19fafe7508d27e596117d4

  • \??\pipe\crashpad_4756_JFRBHDBAZRZILIPN
    MD5: d41d8cd98f00b204e9800998ecf8427e
    SHA1: da39a3ee5e6b4b0d3255bfef95601890afd80709
    SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
    SHA512: cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

  • memory/1140-1-0x00007FF72FBF0000-0x00007FF7306BE000-memory.dmp
    Filesize: 10.8MB

  • memory/1140-0-0x00007FF72FBF0000-0x00007FF7306BE000-memory.dmp
    Filesize: 10.8MB

  • memory/7032-1241-0x0000000000400000-0x00000000005CC000-memory.dmp
    Filesize: 1.8MB

  • memory/7032-1446-0x0000000000400000-0x00000000005CC000-memory.dmp
    Filesize: 1.8MB
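Two things in the listing above are easy to get wrong when turning a sandbox report into indicators. The digests under the crashpad named pipe (d41d8cd9..., da39a3ee..., e3b0c442..., cf83e135...) are the MD5/SHA1/SHA256/SHA512 of zero bytes: the sandbox hashed empty content, so they match every empty file on earth and must not be used as pivots. The memory dump names encode the process ID and the dumped address range, and the Filesize column is simply end minus start (0x7FF7306BE000 - 0x7FF72FBF0000 = 0xACE000 bytes, 10.8 MiB; 0x5CC000 - 0x400000 = 0x1CC000 bytes, 1.8 MiB). The following helper is an added example, not part of this report or of the sandbox's own tooling: it parses the flattened "• path / label / value" layout, flags empty-content hash sets, recovers the region from each dump name and checks it against the stated size. The sample text is constructed to mirror the entries above; the `sample.txt` path and its content are hypothetical, and the size-rendering rule in `format_size` is an assumption about how the report rounds.

```python
import hashlib
import re

# Digests of zero bytes. A hash set equal to these means the sandbox hashed
# empty content (here a named pipe): noise, not an indicator worth pivoting on.
EMPTY_DIGESTS = {
    algo: hashlib.new(algo, b"").hexdigest()
    for algo in ("md5", "sha1", "sha256", "sha512")
}

LABELS = {"MD5": "md5", "SHA1": "sha1", "SHA256": "sha256", "SHA512": "sha512"}

# Dump names look like memory/<pid>-<seq>-0x<start>-0x<end>-memory.dmp
MEMDUMP_RE = re.compile(
    r"^memory/(?P<pid>\d+)-(?P<seq>\d+)-0x(?P<start>[0-9a-fA-F]+)"
    r"-0x(?P<end>[0-9a-fA-F]+)-memory\.dmp$"
)


def parse_listing(text):
    """Turn the flattened '• path' / label / value listing into dicts."""
    entries, current, label = [], None, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("•"):
            current = {"path": line[1:].strip(), "hashes": {}, "filesize": None}
            entries.append(current)
            label = None
        elif current is None:
            continue                      # text before the first bullet
        elif label is None:
            label = line                  # a label; the next non-blank line is its value
        else:
            if label in LABELS:
                current["hashes"][LABELS[label]] = line.lower()
            elif label == "Filesize":
                current["filesize"] = line
            label = None
    return entries


def format_size(n):
    """Render bytes like the report (assumed: B below 1 KiB, KB below 1 MiB, else MB to one decimal)."""
    if n < 1024:
        return f"{n}B"
    if n < 1048576:
        return f"{n / 1024:.0f}KB"
    return f"{n / 1048576:.1f}MB"


def memdump_region(path):
    """(pid, start, end, size_bytes) derived from a memory dump name, or None."""
    m = MEMDUMP_RE.match(path)
    if not m:
        return None
    start, end = int(m["start"], 16), int(m["end"], 16)
    return int(m["pid"]), start, end, end - start


def is_empty_content(entry):
    """True when every digest reported for the entry is the digest of zero bytes."""
    h = entry["hashes"]
    return bool(h) and all(EMPTY_DIGESTS[a] == d for a, d in h.items())


def triage(text):
    """Per-path verdict: are the hashes pivotable, and do dump names agree with Filesize?"""
    out = {}
    for e in parse_listing(text):
        empty = is_empty_content(e)
        rec = {"pivot": bool(e["hashes"]) and not empty, "empty": empty}
        region = memdump_region(e["path"])
        if region:
            pid, start, end, size = region
            rec.update(pid=pid, start=start, end=end, size_bytes=size,
                       size_matches=(e["filesize"] == format_size(size)))
        out[e["path"]] = rec
    return out


# Constructed sample: a hypothetical dropped file (content invented here so its
# digests are real), the report's crashpad pipe entry and two of its memory dumps.
_PAYLOAD = b"constructed sample dropped file\n"
SAMPLE = f"""
• C:\\Users\\Admin\\AppData\\Local\\Temp\\sample.txt
  Filesize
  {len(_PAYLOAD)}B
  MD5
  {hashlib.md5(_PAYLOAD).hexdigest()}
  SHA256
  {hashlib.sha256(_PAYLOAD).hexdigest()}
• \\??\\pipe\\crashpad_4756_JFRBHDBAZRZILIPN
  MD5
  d41d8cd98f00b204e9800998ecf8427e
  SHA1
  da39a3ee5e6b4b0d3255bfef95601890afd80709
  SHA256
  e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
  SHA512
  cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e
• memory/1140-1-0x00007FF72FBF0000-0x00007FF7306BE000-memory.dmp
  Filesize
  10.8MB
• memory/7032-1241-0x0000000000400000-0x00000000005CC000-memory.dmp
  Filesize
  1.8MB
"""

if __name__ == "__main__":
    for path, verdict in triage(SAMPLE).items():
        print(path, verdict)
```

Run as a script it prints one verdict per path; the pipe entry comes back with `pivot: False, empty: True`, and each dump carries its PID, address range, byte length and whether that length matches the stated Filesize. The same parser can be pointed at a whole report export; anything whose hash set is flagged `empty` should be dropped before the hashes go into a blocklist or a retro-hunt.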