Overview
overview
10Static
static
10Debug/Mona...ain.js
windows7-x64
3Debug/Mona...ain.js
windows10-2004-x64
3Debug/Mona...bat.js
windows7-x64
3Debug/Mona...bat.js
windows10-2004-x64
3Debug/Mona...fee.js
windows7-x64
3Debug/Mona...fee.js
windows10-2004-x64
3Debug/Mona...cpp.js
windows7-x64
3Debug/Mona...cpp.js
windows10-2004-x64
3Debug/Mona...arp.js
windows7-x64
3Debug/Mona...arp.js
windows10-2004-x64
3Debug/Mona...csp.js
windows7-x64
3Debug/Mona...csp.js
windows10-2004-x64
3Debug/Mona...css.js
windows7-x64
3Debug/Mona...css.js
windows10-2004-x64
3Debug/Mona...ile.js
windows7-x64
3Debug/Mona...ile.js
windows10-2004-x64
3Debug/Mona...arp.js
windows7-x64
3Debug/Mona...arp.js
windows10-2004-x64
3Debug/Mona.../go.js
windows7-x64
3Debug/Mona.../go.js
windows10-2004-x64
3Debug/Mona...ars.js
windows7-x64
3Debug/Mona...ars.js
windows10-2004-x64
3Debug/Mona...tml.js
windows7-x64
3Debug/Mona...tml.js
windows10-2004-x64
3Debug/Mona...ini.js
windows7-x64
3Debug/Mona...ini.js
windows10-2004-x64
3Debug/Mona...ava.js
windows7-x64
3Debug/Mona...ava.js
windows10-2004-x64
3Debug/Mona...ess.js
windows7-x64
3Debug/Mona...ess.js
windows10-2004-x64
3Debug/Mona...lua.js
windows7-x64
3Debug/Mona...lua.js
windows10-2004-x64
3Analysis
-
max time kernel
61s -
max time network
62s -
platform
windows10-2004_x64 -
resource
win10v2004-20240508-en -
resource tags
arch:x64 arch:x86 image:win10v2004-20240508-en locale:en-us os:windows10-2004-x64 system -
submitted
17-06-2024 23:04
Behavioral task
behavioral1
Sample
Debug/Monaco/vs/base/worker/workerMain.js
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
Debug/Monaco/vs/base/worker/workerMain.js
Resource
win10v2004-20240611-en
Behavioral task
behavioral3
Sample
Debug/Monaco/vs/basic-languages/bat/bat.js
Resource
win7-20240220-en
Behavioral task
behavioral4
Sample
Debug/Monaco/vs/basic-languages/bat/bat.js
Resource
win10v2004-20240508-en
Behavioral task
behavioral5
Sample
Debug/Monaco/vs/basic-languages/coffee/coffee.js
Resource
win7-20240221-en
Behavioral task
behavioral6
Sample
Debug/Monaco/vs/basic-languages/coffee/coffee.js
Resource
win10v2004-20240508-en
Behavioral task
behavioral7
Sample
Debug/Monaco/vs/basic-languages/cpp/cpp.js
Resource
win7-20240611-en
Behavioral task
behavioral8
Sample
Debug/Monaco/vs/basic-languages/cpp/cpp.js
Resource
win10v2004-20240508-en
Behavioral task
behavioral9
Sample
Debug/Monaco/vs/basic-languages/csharp/csharp.js
Resource
win7-20240508-en
Behavioral task
behavioral10
Sample
Debug/Monaco/vs/basic-languages/csharp/csharp.js
Resource
win10v2004-20240226-en
Behavioral task
behavioral11
Sample
Debug/Monaco/vs/basic-languages/csp/csp.js
Resource
win7-20240220-en
Behavioral task
behavioral12
Sample
Debug/Monaco/vs/basic-languages/csp/csp.js
Resource
win10v2004-20240508-en
Behavioral task
behavioral13
Sample
Debug/Monaco/vs/basic-languages/css/css.js
Resource
win7-20240419-en
Behavioral task
behavioral14
Sample
Debug/Monaco/vs/basic-languages/css/css.js
Resource
win10v2004-20240611-en
Behavioral task
behavioral15
Sample
Debug/Monaco/vs/basic-languages/dockerfile/dockerfile.js
Resource
win7-20240221-en
Behavioral task
behavioral16
Sample
Debug/Monaco/vs/basic-languages/dockerfile/dockerfile.js
Resource
win10v2004-20240508-en
Behavioral task
behavioral17
Sample
Debug/Monaco/vs/basic-languages/fsharp/fsharp.js
Resource
win7-20240221-en
Behavioral task
behavioral18
Sample
Debug/Monaco/vs/basic-languages/fsharp/fsharp.js
Resource
win10v2004-20240611-en
Behavioral task
behavioral19
Sample
Debug/Monaco/vs/basic-languages/go/go.js
Resource
win7-20240611-en
Behavioral task
behavioral20
Sample
Debug/Monaco/vs/basic-languages/go/go.js
Resource
win10v2004-20240508-en
Behavioral task
behavioral21
Sample
Debug/Monaco/vs/basic-languages/handlebars/handlebars.js
Resource
win7-20240611-en
Behavioral task
behavioral22
Sample
Debug/Monaco/vs/basic-languages/handlebars/handlebars.js
Resource
win10v2004-20240508-en
Behavioral task
behavioral23
Sample
Debug/Monaco/vs/basic-languages/html/html.js
Resource
win7-20240221-en
Behavioral task
behavioral24
Sample
Debug/Monaco/vs/basic-languages/html/html.js
Resource
win10v2004-20240226-en
Behavioral task
behavioral25
Sample
Debug/Monaco/vs/basic-languages/ini/ini.js
Resource
win7-20240508-en
Behavioral task
behavioral26
Sample
Debug/Monaco/vs/basic-languages/ini/ini.js
Resource
win10v2004-20240508-en
Behavioral task
behavioral27
Sample
Debug/Monaco/vs/basic-languages/java/java.js
Resource
win7-20231129-en
Behavioral task
behavioral28
Sample
Debug/Monaco/vs/basic-languages/java/java.js
Resource
win10v2004-20240508-en
Behavioral task
behavioral29
Sample
Debug/Monaco/vs/basic-languages/less/less.js
Resource
win7-20240611-en
Behavioral task
behavioral30
Sample
Debug/Monaco/vs/basic-languages/less/less.js
Resource
win10v2004-20240508-en
Behavioral task
behavioral31
Sample
Debug/Monaco/vs/basic-languages/lua/lua.js
Resource
win7-20240611-en
Behavioral task
behavioral32
Sample
Debug/Monaco/vs/basic-languages/lua/lua.js
Resource
win10v2004-20240611-en
General
-
Target
Debug/Monaco/vs/basic-languages/cpp/cpp.js
-
Size
5KB
-
MD5
0a16509e6cd0155fb622e785cfe976c7
-
SHA1
7afa7f823191c43d7a4bdd7d91577495de62c21a
-
SHA256
a7c2bea7ca3d9e203a3a286735945fe010c8f4f8d46620386ee8befc6a78b32b
-
SHA512
2cbc48cb10c467561c6a84f59405e9c2f864640b3a21e6fe5cd14ad1a7ca5667b766b3c0511df26f28205dd17338a878bd1164a4f5875235a73214f3e4aeb49d
-
SSDEEP
96:hFDMgRs/rbV1+gqVV1+/LVb9ZRC2seM6jjz13MwVcEghhb6Yw76wGcmvRBNIs:hZGrTOcVv5M61h8hSeiYL
Malware Config
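Signatures
Note: each signature below that lists a process attributes it to chrome.exe (PID 2792). The process tree shows chrome.exe at the same top level as wscript.exe (PID 2308, the process that ran the sample), not as its child. BIOS registry queries, privilege-token use and writes into its own child processes are commonly seen from an ordinary Chrome launch, so confirm these entries against the sample's own process before treating them as its behavior.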
-
Command and Scripting Interpreter: JavaScript 1 TTPs
-
Enumerates system info in registry 2 TTPs 3 IoCs
Processes:
chrome.exe
description | ioc | process
Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | chrome.exe
Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | chrome.exe
Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | chrome.exe
-
Modifies data under HKEY_USERS 2 IoCs
Processes:
chrome.exe
description | ioc | process
Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | chrome.exe
Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133631391382963522" | chrome.exe
-
Suspicious behavior: EnumeratesProcesses 2 IoCs
Processes:
chrome.exe
pid | process
2792 | chrome.exe
2792 | chrome.exe
-
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs
Processes:
chrome.exe
pid | process
2792 | chrome.exe
2792 | chrome.exe
2792 | chrome.exe
2792 | chrome.exe
2792 | chrome.exe
2792 | chrome.exe
2792 | chrome.exe
-
Suspicious use of AdjustPrivilegeToken 64 IoCs
Processes:
chrome.exedescription pid process Token: SeShutdownPrivilege 2792 chrome.exe Token: SeCreatePagefilePrivilege 2792 chrome.exe Token: SeShutdownPrivilege 2792 chrome.exe Token: SeCreatePagefilePrivilege 2792 chrome.exe Token: SeShutdownPrivilege 2792 chrome.exe Token: SeCreatePagefilePrivilege 2792 chrome.exe Token: SeShutdownPrivilege 2792 chrome.exe Token: SeCreatePagefilePrivilege 2792 chrome.exe Token: SeShutdownPrivilege 2792 chrome.exe Token: SeCreatePagefilePrivilege 2792 chrome.exe Token: SeShutdownPrivilege 2792 chrome.exe Token: SeCreatePagefilePrivilege 2792 chrome.exe Token: SeShutdownPrivilege 2792 chrome.exe Token: SeCreatePagefilePrivilege 2792 chrome.exe Token: SeShutdownPrivilege 2792 chrome.exe Token: SeCreatePagefilePrivilege 2792 chrome.exe Token: SeShutdownPrivilege 2792 chrome.exe Token: SeCreatePagefilePrivilege 2792 chrome.exe Token: SeShutdownPrivilege 2792 chrome.exe Token: SeCreatePagefilePrivilege 2792 chrome.exe Token: SeShutdownPrivilege 2792 chrome.exe Token: SeCreatePagefilePrivilege 2792 chrome.exe Token: SeShutdownPrivilege 2792 chrome.exe Token: SeCreatePagefilePrivilege 2792 chrome.exe Token: SeShutdownPrivilege 2792 chrome.exe Token: SeCreatePagefilePrivilege 2792 chrome.exe Token: SeShutdownPrivilege 2792 chrome.exe Token: SeCreatePagefilePrivilege 2792 chrome.exe Token: SeShutdownPrivilege 2792 chrome.exe Token: SeCreatePagefilePrivilege 2792 chrome.exe Token: SeShutdownPrivilege 2792 chrome.exe Token: SeCreatePagefilePrivilege 2792 chrome.exe Token: SeShutdownPrivilege 2792 chrome.exe Token: SeCreatePagefilePrivilege 2792 chrome.exe Token: SeShutdownPrivilege 2792 chrome.exe Token: SeCreatePagefilePrivilege 2792 chrome.exe Token: SeShutdownPrivilege 2792 chrome.exe Token: SeCreatePagefilePrivilege 2792 chrome.exe Token: SeShutdownPrivilege 2792 chrome.exe Token: SeCreatePagefilePrivilege 2792 chrome.exe Token: SeShutdownPrivilege 2792 chrome.exe Token: SeCreatePagefilePrivilege 2792 chrome.exe Token: SeShutdownPrivilege 2792 
chrome.exe Token: SeCreatePagefilePrivilege 2792 chrome.exe Token: SeShutdownPrivilege 2792 chrome.exe Token: SeCreatePagefilePrivilege 2792 chrome.exe Token: SeShutdownPrivilege 2792 chrome.exe Token: SeCreatePagefilePrivilege 2792 chrome.exe Token: SeShutdownPrivilege 2792 chrome.exe Token: SeCreatePagefilePrivilege 2792 chrome.exe Token: SeShutdownPrivilege 2792 chrome.exe Token: SeCreatePagefilePrivilege 2792 chrome.exe Token: SeShutdownPrivilege 2792 chrome.exe Token: SeCreatePagefilePrivilege 2792 chrome.exe Token: SeShutdownPrivilege 2792 chrome.exe Token: SeCreatePagefilePrivilege 2792 chrome.exe Token: SeShutdownPrivilege 2792 chrome.exe Token: SeCreatePagefilePrivilege 2792 chrome.exe Token: SeShutdownPrivilege 2792 chrome.exe Token: SeCreatePagefilePrivilege 2792 chrome.exe Token: SeShutdownPrivilege 2792 chrome.exe Token: SeCreatePagefilePrivilege 2792 chrome.exe Token: SeShutdownPrivilege 2792 chrome.exe Token: SeCreatePagefilePrivilege 2792 chrome.exe -
Suspicious use of FindShellTrayWindow 26 IoCs
Processes:
chrome.exepid process 2792 chrome.exe 2792 chrome.exe 2792 chrome.exe 2792 chrome.exe 2792 chrome.exe 2792 chrome.exe 2792 chrome.exe 2792 chrome.exe 2792 chrome.exe 2792 chrome.exe 2792 chrome.exe 2792 chrome.exe 2792 chrome.exe 2792 chrome.exe 2792 chrome.exe 2792 chrome.exe 2792 chrome.exe 2792 chrome.exe 2792 chrome.exe 2792 chrome.exe 2792 chrome.exe 2792 chrome.exe 2792 chrome.exe 2792 chrome.exe 2792 chrome.exe 2792 chrome.exe -
Suspicious use of SendNotifyMessage 24 IoCs
Processes:
chrome.exepid process 2792 chrome.exe 2792 chrome.exe 2792 chrome.exe 2792 chrome.exe 2792 chrome.exe 2792 chrome.exe 2792 chrome.exe 2792 chrome.exe 2792 chrome.exe 2792 chrome.exe 2792 chrome.exe 2792 chrome.exe 2792 chrome.exe 2792 chrome.exe 2792 chrome.exe 2792 chrome.exe 2792 chrome.exe 2792 chrome.exe 2792 chrome.exe 2792 chrome.exe 2792 chrome.exe 2792 chrome.exe 2792 chrome.exe 2792 chrome.exe -
Suspicious use of WriteProcessMemory 64 IoCs
Processes:
chrome.exedescription pid process target process PID 2792 wrote to memory of 2204 2792 chrome.exe chrome.exe PID 2792 wrote to memory of 2204 2792 chrome.exe chrome.exe PID 2792 wrote to memory of 4252 2792 chrome.exe chrome.exe PID 2792 wrote to memory of 4252 2792 chrome.exe chrome.exe PID 2792 wrote to memory of 4252 2792 chrome.exe chrome.exe PID 2792 wrote to memory of 4252 2792 chrome.exe chrome.exe PID 2792 wrote to memory of 4252 2792 chrome.exe chrome.exe PID 2792 wrote to memory of 4252 2792 chrome.exe chrome.exe PID 2792 wrote to memory of 4252 2792 chrome.exe chrome.exe PID 2792 wrote to memory of 4252 2792 chrome.exe chrome.exe PID 2792 wrote to memory of 4252 2792 chrome.exe chrome.exe PID 2792 wrote to memory of 4252 2792 chrome.exe chrome.exe PID 2792 wrote to memory of 4252 2792 chrome.exe chrome.exe PID 2792 wrote to memory of 4252 2792 chrome.exe chrome.exe PID 2792 wrote to memory of 4252 2792 chrome.exe chrome.exe PID 2792 wrote to memory of 4252 2792 chrome.exe chrome.exe PID 2792 wrote to memory of 4252 2792 chrome.exe chrome.exe PID 2792 wrote to memory of 4252 2792 chrome.exe chrome.exe PID 2792 wrote to memory of 4252 2792 chrome.exe chrome.exe PID 2792 wrote to memory of 4252 2792 chrome.exe chrome.exe PID 2792 wrote to memory of 4252 2792 chrome.exe chrome.exe PID 2792 wrote to memory of 4252 2792 chrome.exe chrome.exe PID 2792 wrote to memory of 4252 2792 chrome.exe chrome.exe PID 2792 wrote to memory of 4252 2792 chrome.exe chrome.exe PID 2792 wrote to memory of 4252 2792 chrome.exe chrome.exe PID 2792 wrote to memory of 4252 2792 chrome.exe chrome.exe PID 2792 wrote to memory of 4252 2792 chrome.exe chrome.exe PID 2792 wrote to memory of 4252 2792 chrome.exe chrome.exe PID 2792 wrote to memory of 4252 2792 chrome.exe chrome.exe PID 2792 wrote to memory of 4252 2792 chrome.exe chrome.exe PID 2792 wrote to memory of 4252 2792 chrome.exe chrome.exe PID 2792 wrote to memory of 4252 2792 chrome.exe chrome.exe PID 2792 wrote to memory of 
4252 2792 chrome.exe chrome.exe PID 2792 wrote to memory of 2600 2792 chrome.exe chrome.exe PID 2792 wrote to memory of 2600 2792 chrome.exe chrome.exe PID 2792 wrote to memory of 4412 2792 chrome.exe chrome.exe PID 2792 wrote to memory of 4412 2792 chrome.exe chrome.exe PID 2792 wrote to memory of 4412 2792 chrome.exe chrome.exe PID 2792 wrote to memory of 4412 2792 chrome.exe chrome.exe PID 2792 wrote to memory of 4412 2792 chrome.exe chrome.exe PID 2792 wrote to memory of 4412 2792 chrome.exe chrome.exe PID 2792 wrote to memory of 4412 2792 chrome.exe chrome.exe PID 2792 wrote to memory of 4412 2792 chrome.exe chrome.exe PID 2792 wrote to memory of 4412 2792 chrome.exe chrome.exe PID 2792 wrote to memory of 4412 2792 chrome.exe chrome.exe PID 2792 wrote to memory of 4412 2792 chrome.exe chrome.exe PID 2792 wrote to memory of 4412 2792 chrome.exe chrome.exe PID 2792 wrote to memory of 4412 2792 chrome.exe chrome.exe PID 2792 wrote to memory of 4412 2792 chrome.exe chrome.exe PID 2792 wrote to memory of 4412 2792 chrome.exe chrome.exe PID 2792 wrote to memory of 4412 2792 chrome.exe chrome.exe PID 2792 wrote to memory of 4412 2792 chrome.exe chrome.exe PID 2792 wrote to memory of 4412 2792 chrome.exe chrome.exe PID 2792 wrote to memory of 4412 2792 chrome.exe chrome.exe PID 2792 wrote to memory of 4412 2792 chrome.exe chrome.exe PID 2792 wrote to memory of 4412 2792 chrome.exe chrome.exe PID 2792 wrote to memory of 4412 2792 chrome.exe chrome.exe PID 2792 wrote to memory of 4412 2792 chrome.exe chrome.exe PID 2792 wrote to memory of 4412 2792 chrome.exe chrome.exe PID 2792 wrote to memory of 4412 2792 chrome.exe chrome.exe PID 2792 wrote to memory of 4412 2792 chrome.exe chrome.exe PID 2792 wrote to memory of 4412 2792 chrome.exe chrome.exe PID 2792 wrote to memory of 4412 2792 chrome.exe chrome.exe PID 2792 wrote to memory of 4412 2792 chrome.exe chrome.exe
Processes
-
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Debug\Monaco\vs\basic-languages\cpp\cpp.js
1⤵ PID:2308
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe"1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2792 -
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff84195ab58,0x7ff84195ab68,0x7ff84195ab78
2⤵ PID:2204
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1628 --field-trial-handle=1892,i,9882061758670542804,2292279864988054530,131072 /prefetch:22⤵PID:4252
-
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 --field-trial-handle=1892,i,9882061758670542804,2292279864988054530,131072 /prefetch:8
2⤵ PID:2600
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=1800 --field-trial-handle=1892,i,9882061758670542804,2292279864988054530,131072 /prefetch:82⤵PID:4412
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3044 --field-trial-handle=1892,i,9882061758670542804,2292279864988054530,131072 /prefetch:12⤵PID:4632
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3052 --field-trial-handle=1892,i,9882061758670542804,2292279864988054530,131072 /prefetch:12⤵PID:2812
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4248 --field-trial-handle=1892,i,9882061758670542804,2292279864988054530,131072 /prefetch:12⤵PID:1320
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4680 --field-trial-handle=1892,i,9882061758670542804,2292279864988054530,131072 /prefetch:82⤵PID:2408
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4664 --field-trial-handle=1892,i,9882061758670542804,2292279864988054530,131072 /prefetch:82⤵PID:4640
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5084 --field-trial-handle=1892,i,9882061758670542804,2292279864988054530,131072 /prefetch:82⤵PID:1152
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5092 --field-trial-handle=1892,i,9882061758670542804,2292279864988054530,131072 /prefetch:82⤵PID:3280
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4820 --field-trial-handle=1892,i,9882061758670542804,2292279864988054530,131072 /prefetch:82⤵PID:4840
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4896 --field-trial-handle=1892,i,9882061758670542804,2292279864988054530,131072 /prefetch:12⤵PID:2820
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=5040 --field-trial-handle=1892,i,9882061758670542804,2292279864988054530,131072 /prefetch:12⤵PID:4492
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=2384 --field-trial-handle=1892,i,9882061758670542804,2292279864988054530,131072 /prefetch:12⤵PID:2368
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=4776 --field-trial-handle=1892,i,9882061758670542804,2292279864988054530,131072 /prefetch:12⤵PID:1512
-
C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵ PID:4580
Network
MITRE ATT&CK Enterprise v15
Downloads
-
Filesize
2B
MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af
-
Filesize
7KB
MD5 69c440ae3753093a5661eae4b763f39d
SHA1 39021f5da03164ba3c70ef2d49fe34fa99e62ee3
SHA256 5e7daff3828169f39cc7c58a1ae4489e1d45620763783dff85c8c31f1d164532
SHA512 6d62a65b8b580d6b7a3e64d35ba420cf075fe34f22e9ef0a5c2dd8c581b98cf7a31e66916695d470f64ff44b63c263c2613ae6dd21d9a861fb078582a51bf0fc
-
Filesize
257KB
MD5 afb3308d73758ee6dc7988e694318c0e
SHA1 3b7a275e47de3e445922a35699115e4904129891
SHA256 f8cce6565e684e0e406a8e634de548b606d7c992f08168f046cb31ada2225695
SHA512 b97d60ef96ce8c0f4577bbad13e3bfae24eca1cd7f96921c073828be0d1aafa458a6f5b4ba86c4b46f0e4854000ec6480755f6367c3f1716b46b94a5b46bd53c
-
Filesize
257KB
MD5 f2d0ed0ef35d6e75954cbfb43cd7516b
SHA1 2d2d8e67fa1578b879f31875d922079a17189d2c
SHA256 c780959ca5f66e75fd5d1b64d15c7136dd1ef3db55e89f6c0effe4dcf12aaeed
SHA512 81acbe8e390755a432214b650c01aecc06bdea983c05e37d085c69ac3e7aa20d80a6f2a39fd170f191ee801e54e6655c3cd2696e59dbae48fd59b0ebd35f2886
-
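MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e
(These four values are the digests of zero-length input: this entry is an empty file, so its hashes match any empty file and are not usable as an indicator.)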