Malware Analysis Report

2024-11-13 14:21

Sample ID 240617-2vtcfaxfpd
Target Debug.zip
SHA256 40058264c50c118eae3308775868c6f0b075091a6105fb322076856f77a6780f
Tags
execution agenttesla
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral21

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral27

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral4

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral8

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral25

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral29

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral14

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral22

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral17

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral19

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral6

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral10

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral15

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral16

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral18

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral12

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral24

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral3

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral9

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral20

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral26

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral32

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral13

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral30

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral11

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral23

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral28

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral31

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral5

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral7

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

40058264c50c118eae3308775868c6f0b075091a6105fb322076856f77a6780f

Threat Level: Known bad

The file Debug.zip was found to be: Known bad.

Malicious Activity Summary

execution agenttesla

AgentTesla payload

Agenttesla family

Unsigned PE

Command and Scripting Interpreter: JavaScript

Suspicious use of SendNotifyMessage

Suspicious use of FindShellTrayWindow

Suspicious use of AdjustPrivilegeToken

Suspicious use of WriteProcessMemory

Enumerates system info in registry

Suspicious behavior: EnumeratesProcesses

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-17 22:54

Signatures

AgentTesla payload

Description Indicator Process Target
N/A N/A N/A N/A

Agenttesla family

agenttesla

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral21

Detonation Overview

Submitted

2024-06-17 22:54

Reported

2024-06-17 22:57

Platform

win7-20240508-en

Max time kernel

118s

Max time network

118s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\Debug\Monaco\vs\basic-languages\handlebars\handlebars.js

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\Debug\Monaco\vs\basic-languages\handlebars\handlebars.js

Network

N/A

Files

N/A

Analysis: behavioral27

Detonation Overview

Submitted

2024-06-17 22:54

Reported

2024-06-17 22:57

Platform

win7-20240611-en

Max time kernel

118s

Max time network

120s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\Debug\Monaco\vs\basic-languages\java\java.js

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\Debug\Monaco\vs\basic-languages\java\java.js

Network

N/A

Files

N/A

Analysis: behavioral4

Detonation Overview

Submitted

2024-06-17 22:54

Reported

2024-06-17 22:57

Platform

win10v2004-20240611-en

Max time kernel

125s

Max time network

128s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\Debug\Monaco\vs\basic-languages\bat\bat.js

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\Debug\Monaco\vs\basic-languages\bat\bat.js

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=4084,i,7977653611488681184,6839495125838449898,262144 --variations-seed-version --mojo-platform-channel-handle=1292 /prefetch:8

Network

Country Destination Domain Proto
US 8.8.8.8:53 g.bing.com udp
US 204.79.197.237:443 g.bing.com tcp
US 8.8.8.8:53 8.8.8.8.in-addr.arpa udp
US 8.8.8.8:53 14.160.190.20.in-addr.arpa udp
BE 23.41.178.72:443 www.bing.com tcp
US 8.8.8.8:53 237.197.79.204.in-addr.arpa udp
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp
US 8.8.8.8:53 72.178.41.23.in-addr.arpa udp
US 8.8.8.8:53 26.35.223.20.in-addr.arpa udp
US 8.8.8.8:53 26.165.165.52.in-addr.arpa udp
US 8.8.8.8:53 13.227.111.52.in-addr.arpa udp
US 8.8.8.8:53 172.214.232.199.in-addr.arpa udp

Files

N/A

Analysis: behavioral8

Detonation Overview

Submitted

2024-06-17 22:54

Reported

2024-06-17 22:57

Platform

win10v2004-20240508-en

Max time kernel

125s

Max time network

127s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\Debug\Monaco\vs\basic-languages\cpp\cpp.js

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\Debug\Monaco\vs\basic-languages\cpp\cpp.js

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=1040,i,4686244434963378549,11462511444150484980,262144 --variations-seed-version --mojo-platform-channel-handle=4316 /prefetch:8

Network

Country Destination Domain Proto
US 8.8.8.8:53 183.142.211.20.in-addr.arpa udp
US 8.8.8.8:53 249.197.17.2.in-addr.arpa udp
US 8.8.8.8:53 71.31.126.40.in-addr.arpa udp
US 8.8.8.8:53 58.55.71.13.in-addr.arpa udp
NL 52.142.223.178:80 tcp
US 8.8.8.8:53 26.165.165.52.in-addr.arpa udp
US 8.8.8.8:53 13.227.111.52.in-addr.arpa udp
US 8.8.8.8:53 172.214.232.199.in-addr.arpa udp
US 8.8.8.8:53 4.73.50.20.in-addr.arpa udp

Files

N/A

Analysis: behavioral25

Detonation Overview

Submitted

2024-06-17 22:54

Reported

2024-06-17 22:57

Platform

win7-20240508-en

Max time kernel

119s

Max time network

120s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\Debug\Monaco\vs\basic-languages\ini\ini.js

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\Debug\Monaco\vs\basic-languages\ini\ini.js

Network

N/A

Files

N/A

Analysis: behavioral29

Detonation Overview

Submitted

2024-06-17 22:54

Reported

2024-06-17 22:57

Platform

win7-20240220-en

Max time kernel

117s

Max time network

118s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\Debug\Monaco\vs\basic-languages\less\less.js

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\Debug\Monaco\vs\basic-languages\less\less.js

Network

N/A

Files

N/A

Analysis: behavioral14

Detonation Overview

Submitted

2024-06-17 22:54

Reported

2024-06-17 22:56

Platform

win10v2004-20240508-en

Max time kernel

51s

Max time network

51s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\Debug\Monaco\vs\basic-languages\css\css.js

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\Debug\Monaco\vs\basic-languages\css\css.js

Network

Files

N/A

Analysis: behavioral22

Detonation Overview

Submitted

2024-06-17 22:54

Reported

2024-06-17 22:58

Platform

win10v2004-20240226-en

Max time kernel

142s

Max time network

151s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\Debug\Monaco\vs\basic-languages\handlebars\handlebars.js

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\Debug\Monaco\vs\basic-languages\handlebars\handlebars.js

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=3144 --field-trial-handle=2280,i,716736634476467098,11449718822158202904,262144 --variations-seed-version /prefetch:8

Network

Country Destination Domain Proto
US 8.8.8.8:53 183.142.211.20.in-addr.arpa udp
US 8.8.8.8:53 172.214.232.199.in-addr.arpa udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
US 8.8.8.8:53 0.159.190.20.in-addr.arpa udp
US 8.8.8.8:53 154.239.44.20.in-addr.arpa udp
US 8.8.8.8:53 58.55.71.13.in-addr.arpa udp
US 8.8.8.8:53 157.123.68.40.in-addr.arpa udp
US 8.8.8.8:53 30.243.111.52.in-addr.arpa udp
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp
US 8.8.8.8:53 12.173.189.20.in-addr.arpa udp

Files

N/A

Analysis: behavioral17

Detonation Overview

Submitted

2024-06-17 22:54

Reported

2024-06-17 22:57

Platform

win7-20240220-en

Max time kernel

118s

Max time network

118s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\Debug\Monaco\vs\basic-languages\fsharp\fsharp.js

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\Debug\Monaco\vs\basic-languages\fsharp\fsharp.js

Network

N/A

Files

N/A

Analysis: behavioral19

Detonation Overview

Submitted

2024-06-17 22:54

Reported

2024-06-17 22:58

Platform

win7-20240611-en

Max time kernel

118s

Max time network

123s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\Debug\Monaco\vs\basic-languages\go\go.js

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\Debug\Monaco\vs\basic-languages\go\go.js

Network

N/A

Files

N/A

Analysis: behavioral6

Detonation Overview

Submitted

2024-06-17 22:54

Reported

2024-06-17 22:58

Platform

win10v2004-20240226-en

Max time kernel

137s

Max time network

146s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\Debug\Monaco\vs\basic-languages\coffee\coffee.js

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\Debug\Monaco\vs\basic-languages\coffee\coffee.js

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=3644 --field-trial-handle=3084,i,4016110471176367543,14287608422419064331,262144 --variations-seed-version /prefetch:8

Network

Country Destination Domain Proto
US 8.8.8.8:53 97.17.167.52.in-addr.arpa udp
US 8.8.8.8:53 172.214.232.199.in-addr.arpa udp
US 8.8.8.8:53 23.159.190.20.in-addr.arpa udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
GB 96.16.110.114:80 tcp
US 8.8.8.8:53 209.205.72.20.in-addr.arpa udp
US 8.8.8.8:53 154.239.44.20.in-addr.arpa udp
US 13.107.253.64:443 tcp
US 8.8.8.8:53 26.165.165.52.in-addr.arpa udp
US 8.8.8.8:53 159.185.200.23.in-addr.arpa udp
US 8.8.8.8:53 13.227.111.52.in-addr.arpa udp
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp
US 8.8.8.8:53 170.117.168.52.in-addr.arpa udp

Files

N/A

Analysis: behavioral10

Detonation Overview

Submitted

2024-06-17 22:54

Reported

2024-06-17 22:56

Platform

win10v2004-20240508-en

Max time kernel

44s

Max time network

45s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\Debug\Monaco\vs\basic-languages\csharp\csharp.js

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\Debug\Monaco\vs\basic-languages\csharp\csharp.js

Network

Country Destination Domain Proto
US 8.8.8.8:53 8.8.8.8.in-addr.arpa udp

Files

N/A

Analysis: behavioral15

Detonation Overview

Submitted

2024-06-17 22:54

Reported

2024-06-17 22:57

Platform

win7-20240419-en

Max time kernel

91s

Max time network

149s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\Debug\Monaco\vs\basic-languages\dockerfile\dockerfile.js

Signatures

Command and Scripting Interpreter: JavaScript

execution

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2532 wrote to memory of 2544 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2532 wrote to memory of 2544 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2532 wrote to memory of 2544 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2532 wrote to memory of 2288 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2532 wrote to memory of 2288 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2532 wrote to memory of 2288 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2532 wrote to memory of 2288 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2532 wrote to memory of 2288 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2532 wrote to memory of 2288 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2532 wrote to memory of 2288 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2532 wrote to memory of 2288 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2532 wrote to memory of 2288 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2532 wrote to memory of 2288 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2532 wrote to memory of 2288 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2532 wrote to memory of 2288 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2532 wrote to memory of 2288 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2532 wrote to memory of 2288 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2532 wrote to memory of 2288 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2532 wrote to memory of 2288 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2532 wrote to memory of 2288 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2532 wrote to memory of 2288 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2532 wrote to memory of 2288 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2532 wrote to memory of 2288 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2532 wrote to memory of 2288 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2532 wrote to memory of 2288 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2532 wrote to memory of 2288 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2532 wrote to memory of 2288 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2532 wrote to memory of 2288 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2532 wrote to memory of 2288 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2532 wrote to memory of 2288 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2532 wrote to memory of 2288 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2532 wrote to memory of 2288 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2532 wrote to memory of 2288 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2532 wrote to memory of 2288 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2532 wrote to memory of 2288 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2532 wrote to memory of 2288 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2532 wrote to memory of 2288 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2532 wrote to memory of 2288 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2532 wrote to memory of 2288 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2532 wrote to memory of 2288 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2532 wrote to memory of 2288 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2532 wrote to memory of 2288 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2532 wrote to memory of 2868 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2532 wrote to memory of 2868 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2532 wrote to memory of 2868 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2532 wrote to memory of 1972 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2532 wrote to memory of 1972 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2532 wrote to memory of 1972 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2532 wrote to memory of 1972 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2532 wrote to memory of 1972 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2532 wrote to memory of 1972 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2532 wrote to memory of 1972 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2532 wrote to memory of 1972 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2532 wrote to memory of 1972 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2532 wrote to memory of 1972 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2532 wrote to memory of 1972 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2532 wrote to memory of 1972 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2532 wrote to memory of 1972 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2532 wrote to memory of 1972 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2532 wrote to memory of 1972 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2532 wrote to memory of 1972 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2532 wrote to memory of 1972 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2532 wrote to memory of 1972 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2532 wrote to memory of 1972 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\Debug\Monaco\vs\basic-languages\dockerfile\dockerfile.js

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6839758,0x7fef6839768,0x7fef6839778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1164 --field-trial-handle=1372,i,8953287358450938374,18282437108864499298,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1520 --field-trial-handle=1372,i,8953287358450938374,18282437108864499298,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1624 --field-trial-handle=1372,i,8953287358450938374,18282437108864499298,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2284 --field-trial-handle=1372,i,8953287358450938374,18282437108864499298,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2292 --field-trial-handle=1372,i,8953287358450938374,18282437108864499298,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1176 --field-trial-handle=1372,i,8953287358450938374,18282437108864499298,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=1312 --field-trial-handle=1372,i,8953287358450938374,18282437108864499298,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3276 --field-trial-handle=1372,i,8953287358450938374,18282437108864499298,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3620 --field-trial-handle=1372,i,8953287358450938374,18282437108864499298,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3068 --field-trial-handle=1372,i,8953287358450938374,18282437108864499298,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=3888 --field-trial-handle=1372,i,8953287358450938374,18282437108864499298,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6839758,0x7fef6839768,0x7fef6839778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1108 --field-trial-handle=1364,i,13231202251298180594,8714580223585866078,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1516 --field-trial-handle=1364,i,13231202251298180594,8714580223585866078,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1560 --field-trial-handle=1364,i,13231202251298180594,8714580223585866078,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2268 --field-trial-handle=1364,i,13231202251298180594,8714580223585866078,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2292 --field-trial-handle=1364,i,13231202251298180594,8714580223585866078,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1464 --field-trial-handle=1364,i,13231202251298180594,8714580223585866078,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=2944 --field-trial-handle=1364,i,13231202251298180594,8714580223585866078,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=1452 --field-trial-handle=1364,i,13231202251298180594,8714580223585866078,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3584 --field-trial-handle=1364,i,13231202251298180594,8714580223585866078,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3772 --field-trial-handle=1364,i,13231202251298180594,8714580223585866078,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3640 --field-trial-handle=1364,i,13231202251298180594,8714580223585866078,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3772 --field-trial-handle=1364,i,13231202251298180594,8714580223585866078,131072 /prefetch:8

Network

Country Destination Domain Proto
US 8.8.8.8:53 www.google.com udp
GB 142.250.187.196:443 www.google.com tcp
US 8.8.8.8:53 apis.google.com udp
GB 142.250.200.14:443 apis.google.com tcp
US 8.8.8.8:53 play.google.com udp
GB 142.250.179.238:443 play.google.com tcp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 rizve.us.to udp
US 34.132.146.171:443 rizve.us.to tcp
US 34.132.146.171:443 rizve.us.to tcp
US 34.132.146.171:443 rizve.us.to tcp
US 34.132.146.171:443 rizve.us.to udp
GB 142.250.187.196:443 www.google.com udp
GB 142.250.179.238:443 play.google.com udp

Files

\??\pipe\crashpad_2532_LVUEQSQBRBTBHNQY

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000007.dbtmp

MD5 18e723571b00fb1694a3bad6c78e4054
SHA1 afcc0ef32d46fe59e0483f9a3c891d3034d12f32
SHA256 8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa
SHA512 43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

MD5 f50f89a0a91564d0b8a211f8921aa7de
SHA1 112403a17dd69d5b9018b8cede023cb3b54eab7d
SHA256 b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec
SHA512 bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\000006.dbtmp

MD5 aefd77f47fb84fae5ea194496b44c67a
SHA1 dcfbb6a5b8d05662c4858664f81693bb7f803b82
SHA256 4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611
SHA512 b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 7fb57b8813412a735785ccb351f83e73
SHA1 499cd006ca536e792e5301e1574760ecb059b7d0
SHA256 3365a0b71c352895d456026ba751de45b3e20bf785375702be44848aa1f8346f
SHA512 a8b9d37a3c20966051c7a196d98610104256b5e4f29c0ec59f1969b838e678f293f8b73aa4bcc197727793e7272910653f6fb37f52994bc1d4d8d0b1add4558c

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

MD5 49aebf8cbd62d92ac215b2923fb1b9f5
SHA1 1723be06719828dda65ad804298d0431f6aff976
SHA256 b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
SHA512 bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

C:\Users\Admin\AppData\Local\Temp\Tar2285.tmp

MD5 4ea6026cf93ec6338144661bf1202cd1
SHA1 a1dec9044f750ad887935a01430bf49322fbdcb7
SHA256 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
SHA512 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 38859aa2c4500117d07ca4b5f0df1c56
SHA1 c64494495f81906bb2715e5717c1c3a6efd1a8fa
SHA256 eac168326ef4fb3f2973295f327c55f46ecb60ae97fcd04db72129c16da0a281
SHA512 58449d071e4cf86fc22d1aedc4c6df889073234ebffb2c262d7fc2462eb1465f1fdee2d4ca4f31f8a02b347dd342667971422eb54e5fa119b1062767f43d804a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 6f929d658695e50a63bff5e6bfaffa93
SHA1 fc5ccde42359941304d7e9489061967ee0ce5021
SHA256 a874fce628bae3ed24410e78a054cb545e07e6ed4dac86e4c8d5970ff55c2951
SHA512 c3035b78caf6f58b5d959bde2797af303142cd5716667de96e23fb24022031a5bd4be362806ae7e1b050b69c1804d2855fb07f7018aac392111e57dd28d52480

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\a7836c05-71b3-4a98-b246-aae6f10d802c.tmp

MD5 b652a33f2400aaede694d9c578797c2c
SHA1 d9dcd1a6b1fc7a9095a2bc27703f0ceab7dadbcd
SHA256 4af0193764afe2e5c0ef67f796aa404ad9bb1a494322531d19db9384c19318b0
SHA512 d0e6a12e03cc5619f5a474357ba8a057756669a5e5ae335ec913e94993fda4aca9e14f6fccbe3052ea9e1ac42a3c807eb295f624f4029f4513808ec52315f9a6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

MD5 9459aa09d99c77cd8234ab590a23f290
SHA1 a22d8eb9e980a15c7fca074d80ecafcbc9d5098f
SHA256 1ec747b8e12f84b4ce533c07f63fd573d066e366e44e3b81e2bc4a5a4c53e77f
SHA512 0415800bcf68d4c096a65aaed32477dd136f3e6a920fc2f96e6d2f849976d5ab0fe03619ac51e25201742ac75e4f72271d26de8ddd80d3e7904ffaf221a2b4cf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 961e3604f228b0d10541ebf921500c86
SHA1 6e00570d9f78d9cfebe67d4da5efe546543949a7
SHA256 f7b24f2eb3d5eb0550527490395d2f61c3d2fe74bb9cb345197dad81b58b5fed
SHA512 535f930afd2ef50282715c7e48859cc2d7b354ff4e6c156b94d5a2815f589b33189ffedfcaf4456525283e993087f9f560d84cfcf497d189ab8101510a09c472

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version

MD5 9eae63c7a967fc314dd311d9f46a45b7
SHA1 caba9c2c93acfe0b9ceb9ab19b992b0fc19c71cf
SHA256 4288925b0cf871c7458c22c46936efb0e903802feb991a0e1803be94ca6c251d
SHA512 bed924bff236bf5b6ce1df1db82e86c935e5830a20d9d24697efd82ca331e30604db8d04b0d692ec8541ec6deb2225bcc7d805b79f2db5726642198ecf6348b8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000008.ldb

MD5 97607315bdfcea87cbdb60d674c09f12
SHA1 adbf1f5d1255a6849031f1f13be3f2725b34ae31
SHA256 fe44138f5c7540ef39fac4e001c01e31dceb4bd85db2679a07d6f45853e9feb0
SHA512 c9e5c269df4bfdfa5224ed2c4e38c773b3d64f053982f9a822370a78765a37e8e422496e5fd4623f11dd40124e7d7e98d18e4bafb9293a88cef235a6f3845731

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\000009.dbtmp

MD5 979c29c2917bed63ccf520ece1d18cda
SHA1 65cd81cdce0be04c74222b54d0881d3fdfe4736c
SHA256 b3524365a633ee6d1fa9953638d2867946c515218c497a5ec2dbef7dc44a7c53
SHA512 e38f694fd6ab9f678ae156528230d7a8bfb7b59a13b227f59f9c38ab5617db11ebb6be1276323a905d09c4066a3fe820cf58077ab48bf201f3c467a98516ee7a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\MANIFEST-000007

MD5 1be22f40a06c4e7348f4e7eaf40634a9
SHA1 8205ec74cd32ef63b1cc274181a74b95eedf86df
SHA256 45a28788cde0d2a0232d19c391eae45777fe640790ac0674d6daa5672c444691
SHA512 b8f6f42d375e3ad8015d744fa2814994fa6e588b41cce0131fca48194dd40146b08169a8ce0da350525ff32a59a16edb503c72e0f07254955c82a0d38074856e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000009.log

MD5 80c7ba7465e35fff81e122f6bcd690ed
SHA1 1265ecba27c11eb3af45c8f56ddd703678452ec1
SHA256 a4b2f4788c744d93f94cd7609f5f28e19c744d9bdea839c1b5a4d0113ac181ec
SHA512 37f107781ebf26d3d8f25f854917df498c59abefbcf9a97ebdff7be0a45399b87f0d9c5694d69504f9537918f6073eb59fc4307fb8c707daa42b7063cba534e7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\MANIFEST-000007

MD5 b6d5d86412551e2d21c97af6f00d20c3
SHA1 543302ae0c758954e222399987bb5e364be89029
SHA256 e0b2fdc217d9c571a35f41c21ed2596309f3f00a7297a8d1ded05f54f0e68191
SHA512 5b56ae73a61add9e26f77d95c9b823f82a7fcdc75eed64b388fb4967f5c6c42cb0796b0b99dc25c89f38952786176c10d173dec7862a8a5ce5f820280f72d665

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG

MD5 172ba6f07bc8ca6957ddbaa1d02f4a22
SHA1 6efb9f0fb8f737d934dde32d7b5b291325d2a70c
SHA256 4c1257108237dcd0eb6b3d8fa54624e25a55a6b3f97cda56f893c8321b8bb8d7
SHA512 763bb17fc4f5725618718606aac99b9572f4581257fb826eceed84599faf0b1a8ddea4e4468ce1405aeb4433f6f595a322f4b69fde34f5d530b165fe9e4d01a9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG

MD5 fef66d96c926e8b9d01e5aecf4291546
SHA1 26f3660fde418d0b6d29da9f948998e50befa4b4
SHA256 1323c0a65f8db9717a58f0d7905c761e3af0cfb5773cf768fe94369c0e45e291
SHA512 28c1ee1bada147d7016376cdb455dc1c1af9d6f4c97d62958f011a622e37c9b453a67d1762c9e7016f35970ed9ab725e5802aacd53efbe4065368d3982a73f49

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\000008.ldb

MD5 62a4b142b1bb26aaa144050ac2872f32
SHA1 58510b1359b43de50f22d2bb7477977a32a8fa10
SHA256 e4cc3ad280a73b1fadaf349bfb105d975c3f005e799eab8bb48f2a48e24ce9be
SHA512 ab8ea567afcf4756b9783c7a9f820ba5cde3b1a21451bb1a33913db00f331220e93f3c09204214ee0d1c9d594f29038a65807702d96eb50385bf08d82d22d361

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000008.ldb

MD5 f00a64efafc72e2256a5b72029e7b57d
SHA1 efd0c00991f54bba6e93968e24f70dc3c70f63fa
SHA256 f84f9f546024ec1a96200eda7adf4f478899e814ff8b1d8dcb1a65b7421e1813
SHA512 2df1c42f6e27632e923f940dfb298a6c66986ffcf3d3491da6233aa56e5beb16a2fde9621ae21520c5abb4230fbebc54af3ad65e66186ef2301e356253fbc814

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\000009.log

MD5 df4f8732aa0e2da4031bd6cc1a90c22d
SHA1 e21688901a2223eac908e5ea8b865afcbf439de5
SHA256 cd7ef4442973260fce61b97d61e72d2587f2e9683072acd649641ee7563e4889
SHA512 c780c7148af32929540981b7afd6a39c670eb1f07d7300fc10af9300b053352cabef1c90e6241ec2e5b7ebe8d48d90ad550c251dd0888b4ea9ebaef9d38a95fe

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\MANIFEST-000007

MD5 1c0c23649f958fa25b0407c289db12da
SHA1 5f6b10cd5a39fe8c30353bcf4cd4e4a60ef35574
SHA256 d5134b804a775cfb79c6166d15b5721d38ffc2da11948a6c1263595d6c2941cf
SHA512 b691e882018833a108bd286bc76c55a140d00d5a266617a3a381af1ceff01aefaef17acef29d14dec931d7051455726cde8974cd04cc07302f1c3cc452fe2f52

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\LOG

MD5 1fec2dd78889d95048f6d6957d65be2d
SHA1 4d06a384415e5ef3ebc74e5e09ded9e907d33a87
SHA256 6afeadba1833eb458d38f35ce0a02b49931c82afb635c3306e98807272257cc1
SHA512 560a787a44545c1d77ac18a5b94a940508771ea78448599054fab1493a64284b7f50d42d9938e2bc6e007b1703c436ffca9e1c6138eb88520ee5f4b8c0e951c7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000010.dbtmp

MD5 60e3f691077715586b918375dd23c6b0
SHA1 476d3eab15649c40c6aebfb6ac2366db50283d1b
SHA256 e91d13722e31f9b06c5df3582cad1ea5b73547ce3dc08b12ed461f095aad48ee
SHA512 d1c146d27bbf19362d6571e2865bb472ce4fe43dc535305615d92d6a2366f98533747a8a70a578d1f00199f716a61ce39fac5cab9dd67e9c044bc49e7343130e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000009.log

MD5 fe62c64b5b3d092170445d5f5230524e
SHA1 0e27b930da78fce26933c18129430816827b66d3
SHA256 1e1a9ca70503efd8c607f9bc7131f08aba0476d75f2586dadb4da5485a5315d4
SHA512 924daccfbfb0c0464b4c5fd769e01a8f2e96fe28b635aa27ab4cd91766b05b03bbf941af14c017436107673f01bad815ce1fac2a649e745c76b3c736994b4fd2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\MANIFEST-000007

MD5 d003cb23d1f67900fa8ab86a5df8f30e
SHA1 accbc3c849e639fa7b42dc0940342d9770d9daa4
SHA256 6be80b87dbecca2b6ab508202ed8faacd06ee1d8b86257bc0a24ade96d5e0bbf
SHA512 be458db38121de4cead48d0d3fdbba1e540cbc95084b8406663ae319aeb57e0202713c59638db667b24dccc9ea192b9277f3e3ce085333efc97a5b6e81dc9bc8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG

MD5 980b79cafe1eb4534423838d10474c86
SHA1 a60221534504ef7713765bf084a6500a54598340
SHA256 a72bd77ead12efe5c60d6fa86b4455186ca3aaad99552647d6c284008ab367cb
SHA512 43fdfb7e2ddb9cdc9451c1f25acb5f459bb06179ab7c6b0ca4b72a98b16b8f9d571fb55c3115e314d8d7ad604083ee2948fdf50ccdd46dad38afbb347a136e17

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

MD5 99914b932bd37a50b983c5e7c90ae93b
SHA1 bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
SHA256 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
SHA512 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\MANIFEST-000006

MD5 78c55e45e9d1dc2e44283cf45c66728a
SHA1 88e234d9f7a513c4806845ce5c07e0016cf13352
SHA256 7b69a2bee12703825dc20e7d07292125180b86685d2d1b9fd097df76fc6791ec
SHA512 f2ad4594024871286b98a94223b8e7155c7934ef4ebb55f25a4a485a059f75b572d21bc96e9b48ed394be8a41fe0208f7bfb6e28a79d75640c5b684f0c848fe3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG

MD5 cf618a86742e001438a6917c37bc376c
SHA1 a0a17ea2979cb20c730a95f4be5eab2d1c71f27b
SHA256 ceb08514bfc5f4fc4086a466ae3a53a59d6d8e307fc1006465be40c8e0d15050
SHA512 0b5bc4d5c58368fcf83854e146ca5e432f415e19d0597d5e613a1da362d18e83a1bd6e9faded16c31331e8be51ec6c2674ccaf39c0f32ac07bada7d3d1f81def

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000009.log

MD5 dcce1bc555ab72de19ddbac274f89f8c
SHA1 f836bac9042a56e53ced5f68a839b9b1505bca95
SHA256 f0a1edd8b752f58939380694dacef9932a203b2a2260d485399443f7fce8887a
SHA512 c5af91fbf5d23d39d5d5108cd3e92a77c829dd80b2b7ff243530bd0fa903490adacbaebfa60faf61f8c5eb3103fd80c051a38550fcfc9831b6302f1b04e5c40d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\MANIFEST-000007

MD5 03d881fc5a4ab4013bd1b30988abb179
SHA1 9ad861569715575d7b676e5683b14dd3cffec304
SHA256 5da7b30f55f920166ad821f532fb95bd11546bf63a228fc41357aa122fcaf5e8
SHA512 29ab8ac2c642a83086266f88ffde8d71c96cd0d98812fac526e0a0adc58d8bc7f99760ad19a71cc38c3ef5edb9ab9d642ef6b665bf4ce336260b0171411e26f6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG

MD5 3746d8a0edc055e17c6c0a912a54f429
SHA1 1717a4caea827d7564c60ecbf0349865eaa7b008
SHA256 65e58a26de2b0472e1cd5077dd3c615ac54ea8d032e78247e6f66bd2cfc29363
SHA512 ce4cfd2d922621ac8d20489d984b38ecb457994ccbfe32c694ee0c6b4233c0b8cf5e1f246ae454625273facd62b88a47abc09d8b6d9410f04789d2172de73c89

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sessions\Tabs_13363138600221400

MD5 b5fb9840e8b29ebd745f338ab4eb590e
SHA1 92fdc622649b3a25a2280181374ea24fe242d338
SHA256 b012d86d1e989b0626ae27566a76b5ccaf5b8d3328bca2246d7717e4d1eb7afb
SHA512 360defd8d00b1c3832875aa00782425d7bce685519355fa27c17e17538c528f1c64919f0bd8234fc8e65d810a53bff820f3d9d554b99d566592f4e7bdc57820d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\MANIFEST-000007

MD5 22b937965712bdbc90f3c4e5cd2a8950
SHA1 25a5df32156e12134996410c5f7d9e59b1d6c155
SHA256 cad3bbec41899ea5205612fc1494fa7ba88847fb75437a2def22211a4003e2eb
SHA512 931427ad4609ab4ca12b2ee852d4965680f58602b00c182a2d340acf3163d888be6cfad87ca089f2b47929ddfa66be03ab13a6d24922397334d6997d4c8ede3b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG

MD5 498ef70a4bc53e5824cd4a3eb0de64a4
SHA1 27be4b95c71a0cb3a9bfc8ed72af150182acbb1f
SHA256 7392ad51e4940a318977fe9a6bfa621c9bc5e2d432138382f60a6bfeee27e716
SHA512 074eea7ae445ae3d487d4bb97e4f651ffaac289951d349a7e6f5eb6cd8c15480fa261a91a0f5d5487815e5dee1a1be8c260dcf36a9144c1e75277358fbc2065e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Visited Links

MD5 ce946d3f915b82fc2843362432caa5ce
SHA1 07855ea25e74fdfa567e433635d1a5c1e5835f44
SHA256 3bf263b47e63b6ecf484bdfe73692a3c3677e582fc953709388fafa76ea5b2ba
SHA512 d5cc445fff35cb1ff8fa2ebfdb0d8e7b7441bc61934ee5c5711719b5a26ccf38d12889254ce06a5ba102279725f1a8d04ab320aa67b69ddf5508433a34e7dbed

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History

MD5 a5536a86b6cd7b24fbcf37335ab6e308
SHA1 7b2c0dd211ba7c1c76685cc19a7dc3ef30d3b3ee
SHA256 4c2a2463d528d7b28cba913c813573f45c1ce52506e2dc18c75fd1b92e2fd297
SHA512 5c3ac7ec442a544e0244808c2e377157e64745b9bd0a816b0d8ab042e84f31671c2c2c3a669b6c023d7ac2f04643dda7dc1067279fede449ab94231c5125193d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 cf646a94c4b42c8231b56a871ef12e28
SHA1 9f77091e4eb62f207c50e061a3343146e351be14
SHA256 a9cb433ca643608f60c106c6ccd474f1fe44347f3d3f18cf47f3f44e0a54b8cc
SHA512 3a4f4eb9e69509fabeaee73a53746dfb0ae1a0cf1af4fd6da85618dd3129ebe0a27d9eb2f0eef1a41cd02774f196705609fbbdcb876694f69f3ec30761cdbcdf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies

MD5 e0c56b8c34e2f1f0ec3c6c9139cf16fb
SHA1 2adc9e588874ebaab6eccae681e8099de1b45fa3
SHA256 0b5ac7a5f328a8ea7cb642485bb4b289df7098cd589b2554894dd78b20028877
SHA512 1cdaabd4572a933200f74e56291ee0ea25cc06cf6843cf9e490549ac71fc14d8f6faa6354dfeb5f94c874f99436186a8c64c7f5efd14011a08ecf6873bd4ba07

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 44381c78c40913462092797f30884eb3
SHA1 4b94d62b7ec5ad321e04080d3e125c176b80c6d9
SHA256 ef275cb55c63bcaeb31dda582de0a2c0d9f98bd96271f64cff4b90ca13e549c7
SHA512 7d7030969aee666534ef604841bdd9c61e5ca38bb8ab048068e54b953f8dff056b753d2f18d28aeafab5b42f4b6d3b2e6f954e61de94ead4720488673e66ac36

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 5591dd2d5cf4ba40b71c94645ee56876
SHA1 650bb74cc1edd71500205aed30e7831655b9b394
SHA256 3a3e7cacfb0c4887fe48782b8b0bd053e25f3564a3077c1eea0f42cc36b76ab9
SHA512 7642a97589020ec9fd0af764e16c8a6bd94dcce0e88e41fe0619ef07de8b0c5cb35cb329d3d9aeec5c25f0536ff7251fafff44847e53ea90da54d24678442ff0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_3

MD5 08faab97496615b472a541f9ece019a2
SHA1 94f49735f17f7ebf2a3a8bcec1eeccac96b9680d
SHA256 af227e09f7bea75270366a05cd36a31f08cc06f93ffe25d278b25945b0e5ad12
SHA512 44e5c47491b52428c3ddb807a6ea48712c28180a19e79cb4faae9ac447c3bb512dce16ff8f2eaf9386a0638ccb772fd309f0c7a635faf8f3f18b1482742aeacd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_2

MD5 bc677029741f2c67ea6c00d5b503bfca
SHA1 1bf9ae135c9cbc6a28954ee4364b17b10c4c2038
SHA256 38e726a2e85b1a6720c5aab6da262d796faa2eeb346776bf1b6a27b20cdd1aeb
SHA512 1306916e910714a083a3796b2ea58b17f2afaf224f4d4674f3241332a1f5b720c23b723fc1355a14fe8b975c46088877f345e31bd406465da8336dbdcd34fe59

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0

MD5 54cb2de60d38fd3d7c68ac989b66792b
SHA1 dc258d9dbeb10aa592d0f9815e1ad48c0ea28328
SHA256 bcf0b72d8ef101080f7a09ea36d617db7504ca75c9c438c08b7d38481b348c94
SHA512 1955c01bd245a8a886a9b03150fe4c65defc43619a736d5cf8b9a6bad047d82f6ad59e3c913761a4021d9f5db4492f980607025cf61d9c5e220a5250ea47a7e7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1

MD5 7d3db9189bec73b71857d528daa3279c
SHA1 072bb34fe9da96f3a0d7ed8c48ebe0728eabab26
SHA256 1ba15140b832ac2fdbd54112b9f4bd5510c4748079ab70885824369df9b00091
SHA512 e86dcc1ce44373844c6caed494c1ba053c5815225e152ce81195c8cdf447460ecf641c0576007ff4424da0d7a7a3d8fc12d9368fd111c69e824e01be29465109

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\000008.dbtmp

MD5 589c49f8a8e18ec6998a7a30b4958ebc
SHA1 cd4e0e2a5cb1fd5099ff88daf4f48bdba566332e
SHA256 26d067dbb5e448b16f93a1bb22a2541beb7134b1b3e39903346d10b96022b6b8
SHA512 e73566a037838d1f7db7e9b728eba07db08e079de471baca7c8f863c7af7beb36221e9ff77e0a898ce86d4ef4c36f83fb3af9c35e342061b7a5442ca3b9024d2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b7e277e0c0f169899bef83562f28d75d
SHA1 66f820dde60dfa20f355f74323c2ed3b9796e210
SHA256 e2c51a367faaebe61fad941edb6a609a0488e0a93ad93ccd4f40395b34f23271
SHA512 fd5cec3ff90eaa67da7028dcd6350446e43a85213cdfb757c625f37bc04102cf18fc25124fb37bb7caef34313cbca72075c33a60f1603427bf688dc49e5da73b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State~RFf781cc4.TMP

MD5 0cca9ac203a20dd0b6a9124be6b4eb2f
SHA1 c7ff85cfcdff7d7efbec69cdb3a276cdb4db22f5
SHA256 f353d4317451bb9698fb75ad8a0c3b98b64c4bf25f39e3f7e2e9a6d4d8ca1e3b
SHA512 b8a04b27994b30b1296d6e5d4191fd230dafd6e8e785e200d13ca3f0f816f99efb573efd0c85e9d9e654f3c07b109c5d1a2aebf271bd3300d38dc6fdab5939fb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 10ca5d9a7d0416dd3c73d89f7ac7da16
SHA1 4614830296b9feae92e63dac6d3cca8c7fea559e
SHA256 7c5e8a1682d40754b3353d104201b3227f4f4f9abe766d004c0b195695262b69
SHA512 c410fdfefcadb75bf2fd5a7ad4dd43cbb459339400f48bc70ac7510de3cfce3132df961d8ba31af2cd336fa787cf207f3cedac3111252bd3e7ef0ea90cb1ab91

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 163ac238f737beac927c89da1663aad1
SHA1 420eec1253fa906e88c8140053bdcacd4aa49070
SHA256 360374a719ec062db5de3c5d782a7be0c0030052e4bc478caf145e573e072738
SHA512 33f995aae16b6a4b01def9d61e62a1320fc617bcb56bea294a344f156ce8ef162ab9c4d218d5ce71e427db8965f4f51a4bff7029a8a349d2dd0bac24ceefa349

Analysis: behavioral16

Detonation Overview

Submitted

2024-06-17 22:54

Reported

2024-06-17 22:57

Platform

win10v2004-20240611-en

Max time kernel

91s

Max time network

93s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\Debug\Monaco\vs\basic-languages\dockerfile\dockerfile.js

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\Debug\Monaco\vs\basic-languages\dockerfile\dockerfile.js

Network

Country Destination Domain Proto
US 8.8.8.8:53 g.bing.com udp
US 204.79.197.237:443 g.bing.com tcp
BE 23.41.178.72:443 www.bing.com tcp
US 8.8.8.8:53 20.160.190.20.in-addr.arpa udp
US 8.8.8.8:53 172.214.232.199.in-addr.arpa udp
US 8.8.8.8:53 72.178.41.23.in-addr.arpa udp
US 8.8.8.8:53 157.123.68.40.in-addr.arpa udp

Files

N/A

Analysis: behavioral18

Detonation Overview

Submitted

2024-06-17 22:54

Reported

2024-06-17 22:57

Platform

win10v2004-20240611-en

Max time kernel

114s

Max time network

148s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\Debug\Monaco\vs\basic-languages\fsharp\fsharp.js

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\Debug\Monaco\vs\basic-languages\fsharp\fsharp.js

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=4056,i,8447163055677043976,7218082390179600880,262144 --variations-seed-version --mojo-platform-channel-handle=4584 /prefetch:8

Network

Country Destination Domain Proto
US 8.8.8.8:53 g.bing.com udp
US 204.79.197.237:443 g.bing.com tcp
US 8.8.8.8:53 69.31.126.40.in-addr.arpa udp
US 13.107.42.16:443 tcp
US 8.8.8.8:53 157.123.68.40.in-addr.arpa udp
US 8.8.8.8:53 13.227.111.52.in-addr.arpa udp
US 8.8.8.8:53 240.197.17.2.in-addr.arpa udp

Files

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-17 22:54

Reported

2024-06-17 22:56

Platform

win7-20240508-en

Max time kernel

15s

Max time network

16s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\Debug\Monaco\vs\base\worker\workerMain.js

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\Debug\Monaco\vs\base\worker\workerMain.js

Network

N/A

Files

N/A

Analysis: behavioral12

Detonation Overview

Submitted

2024-06-17 22:54

Reported

2024-06-17 22:56

Platform

win10v2004-20240611-en

Max time kernel

33s

Max time network

32s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\Debug\Monaco\vs\basic-languages\csp\csp.js

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\Debug\Monaco\vs\basic-languages\csp\csp.js

Network

Country Destination Domain Proto
US 8.8.8.8:53 g.bing.com udp
US 204.79.197.237:443 g.bing.com tcp
BE 23.41.178.72:443 www.bing.com tcp
US 8.8.8.8:53 4.159.190.20.in-addr.arpa udp
US 8.8.8.8:53 172.214.232.199.in-addr.arpa udp
US 8.8.8.8:53 72.178.41.23.in-addr.arpa udp
US 8.8.8.8:53 205.47.74.20.in-addr.arpa udp
US 8.8.8.8:53 157.123.68.40.in-addr.arpa udp

Files

N/A

Analysis: behavioral24

Detonation Overview

Submitted

2024-06-17 22:54

Reported

2024-06-17 22:57

Platform

win10v2004-20240508-en

Max time kernel

93s

Max time network

94s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\Debug\Monaco\vs\basic-languages\html\html.js

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\Debug\Monaco\vs\basic-languages\html\html.js

Network

Country Destination Domain Proto
US 8.8.8.8:53 8.8.8.8.in-addr.arpa udp
US 8.8.8.8:53 97.17.167.52.in-addr.arpa udp
US 8.8.8.8:53 172.214.232.199.in-addr.arpa udp
US 8.8.8.8:53 71.31.126.40.in-addr.arpa udp
US 8.8.8.8:53 183.142.211.20.in-addr.arpa udp
US 8.8.8.8:53 154.239.44.20.in-addr.arpa udp
US 8.8.8.8:53 86.23.85.13.in-addr.arpa udp
US 8.8.8.8:53 240.197.17.2.in-addr.arpa udp
US 8.8.8.8:53 30.243.111.52.in-addr.arpa udp

Files

N/A

Analysis: behavioral3

Detonation Overview

Submitted

2024-06-17 22:54

Reported

2024-06-17 22:57

Platform

win7-20240221-en

Max time kernel

121s

Max time network

123s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\Debug\Monaco\vs\basic-languages\bat\bat.js

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\Debug\Monaco\vs\basic-languages\bat\bat.js

Network

N/A

Files

N/A

Analysis: behavioral9

Detonation Overview

Submitted

2024-06-17 22:54

Reported

2024-06-17 22:57

Platform

win7-20240221-en

Max time kernel

121s

Max time network

122s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\Debug\Monaco\vs\basic-languages\csharp\csharp.js

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\Debug\Monaco\vs\basic-languages\csharp\csharp.js

Network

N/A

Files

N/A

Analysis: behavioral20

Detonation Overview

Submitted

2024-06-17 22:54

Reported

2024-06-17 22:57

Platform

win10v2004-20240508-en

Max time kernel

51s

Max time network

51s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\Debug\Monaco\vs\basic-languages\go\go.js

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\Debug\Monaco\vs\basic-languages\go\go.js

Network

Country Destination Domain Proto
US 8.8.8.8:53 8.8.8.8.in-addr.arpa udp

Files

N/A

Analysis: behavioral26

Detonation Overview

Submitted

2024-06-17 22:54

Reported

2024-06-17 22:57

Platform

win10v2004-20240508-en

Max time kernel

125s

Max time network

127s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\Debug\Monaco\vs\basic-languages\ini\ini.js

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\Debug\Monaco\vs\basic-languages\ini\ini.js

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=3124,i,15721081447618313297,6839074028983272033,262144 --variations-seed-version --mojo-platform-channel-handle=4328 /prefetch:8

Network

Country Destination Domain Proto
US 8.8.8.8:53 8.8.8.8.in-addr.arpa udp
US 8.8.8.8:53 154.239.44.20.in-addr.arpa udp
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp
US 8.8.8.8:53 97.17.167.52.in-addr.arpa udp
US 8.8.8.8:53 86.23.85.13.in-addr.arpa udp
US 8.8.8.8:53 13.227.111.52.in-addr.arpa udp

Files

N/A

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-17 22:54

Reported

2024-06-17 22:57

Platform

win10v2004-20240508-en

Max time kernel

51s

Max time network

51s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\Debug\Monaco\vs\base\worker\workerMain.js

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\Debug\Monaco\vs\base\worker\workerMain.js

Network

Country Destination Domain Proto
US 8.8.8.8:53 8.8.8.8.in-addr.arpa udp

Files

N/A

Analysis: behavioral32

Detonation Overview

Submitted

2024-06-17 22:54

Reported

2024-06-17 22:57

Platform

win10v2004-20240611-en

Max time kernel

124s

Max time network

128s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\Debug\Monaco\vs\basic-languages\lua\lua.js

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\Debug\Monaco\vs\basic-languages\lua\lua.js

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=4120,i,3671441404766730751,12082497324212183132,262144 --variations-seed-version --mojo-platform-channel-handle=4316 /prefetch:8

Network

Country Destination Domain Proto
US 8.8.8.8:53 8.8.8.8.in-addr.arpa udp
US 8.8.8.8:53 71.159.190.20.in-addr.arpa udp
US 8.8.8.8:53 172.214.232.199.in-addr.arpa udp
US 8.8.8.8:53 57.169.31.20.in-addr.arpa udp
US 8.8.8.8:53 157.123.68.40.in-addr.arpa udp
US 8.8.8.8:53 21.236.111.52.in-addr.arpa udp
US 8.8.8.8:53 249.197.17.2.in-addr.arpa udp
US 8.8.8.8:53 25.173.189.20.in-addr.arpa udp

Files

N/A

Analysis: behavioral13

Detonation Overview

Submitted

2024-06-17 22:54

Reported

2024-06-17 22:56

Platform

win7-20240508-en

Max time kernel

44s

Max time network

16s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\Debug\Monaco\vs\basic-languages\css\css.js

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\Debug\Monaco\vs\basic-languages\css\css.js

Network

N/A

Files

N/A

Analysis: behavioral30

Detonation Overview

Submitted

2024-06-17 22:54

Reported

2024-06-17 22:57

Platform

win10v2004-20240508-en

Max time kernel

79s

Max time network

99s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\Debug\Monaco\vs\basic-languages\less\less.js

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\Debug\Monaco\vs\basic-languages\less\less.js

Network

Country Destination Domain Proto
US 52.111.227.14:443 tcp

Files

N/A

Analysis: behavioral11

Detonation Overview

Submitted

2024-06-17 22:54

Reported

2024-06-17 22:56

Platform

win7-20231129-en

Max time kernel

16s

Max time network

16s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\Debug\Monaco\vs\basic-languages\csp\csp.js

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\Debug\Monaco\vs\basic-languages\csp\csp.js

Network

N/A

Files

N/A

Analysis: behavioral23

Detonation Overview

Submitted

2024-06-17 22:54

Reported

2024-06-17 22:57

Platform

win7-20231129-en

Max time kernel

119s

Max time network

120s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\Debug\Monaco\vs\basic-languages\html\html.js

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\Debug\Monaco\vs\basic-languages\html\html.js

Network

N/A

Files

N/A

Analysis: behavioral28

Detonation Overview

Submitted

2024-06-17 22:54

Reported

2024-06-17 22:57

Platform

win10v2004-20240508-en

Max time kernel

51s

Max time network

52s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\Debug\Monaco\vs\basic-languages\java\java.js

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\Debug\Monaco\vs\basic-languages\java\java.js

Network

Files

N/A

Analysis: behavioral31

Detonation Overview

Submitted

2024-06-17 22:54

Reported

2024-06-17 22:57

Platform

win7-20240221-en

Max time kernel

117s

Max time network

118s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\Debug\Monaco\vs\basic-languages\lua\lua.js

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\Debug\Monaco\vs\basic-languages\lua\lua.js

Network

N/A

Files

N/A

Analysis: behavioral5

Detonation Overview

Submitted

2024-06-17 22:54

Reported

2024-06-17 22:57

Platform

win7-20240508-en

Max time kernel

121s

Max time network

122s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\Debug\Monaco\vs\basic-languages\coffee\coffee.js

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\Debug\Monaco\vs\basic-languages\coffee\coffee.js

Network

N/A

Files

N/A

Analysis: behavioral7

Detonation Overview

Submitted

2024-06-17 22:54

Reported

2024-06-17 22:58

Platform

win7-20240611-en

Max time kernel

117s

Max time network

121s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\Debug\Monaco\vs\basic-languages\cpp\cpp.js

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\Debug\Monaco\vs\basic-languages\cpp\cpp.js

Network

N/A

Files

N/A