hxxps://krnl[.]vip/

Analysis

max time kernel
10s
max time network
621s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
01-07-2024 21:16

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://krnl.vip/

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133643422430987905"	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
3204	chrome.exe
3204	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
3204	chrome.exe
3204	chrome.exe
3204	chrome.exe
3204	chrome.exe
3204	chrome.exe
3204	chrome.exe

Suspicious use of AdjustPrivilegeToken 18 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3204	chrome.exe
Token: SeCreatePagefilePrivilege	3204	chrome.exe
Token: SeShutdownPrivilege	3204	chrome.exe
Token: SeCreatePagefilePrivilege	3204	chrome.exe
Token: SeShutdownPrivilege	3204	chrome.exe
Token: SeCreatePagefilePrivilege	3204	chrome.exe
Token: SeShutdownPrivilege	3204	chrome.exe
Token: SeCreatePagefilePrivilege	3204	chrome.exe
Token: SeShutdownPrivilege	3204	chrome.exe
Token: SeCreatePagefilePrivilege	3204	chrome.exe
Token: SeShutdownPrivilege	3204	chrome.exe
Token: SeCreatePagefilePrivilege	3204	chrome.exe
Token: SeShutdownPrivilege	3204	chrome.exe
Token: SeCreatePagefilePrivilege	3204	chrome.exe
Token: SeShutdownPrivilege	3204	chrome.exe
Token: SeCreatePagefilePrivilege	3204	chrome.exe
Token: SeShutdownPrivilege	3204	chrome.exe
Token: SeCreatePagefilePrivilege	3204	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
3204	chrome.exe
3204	chrome.exe
3204	chrome.exe
3204	chrome.exe
3204	chrome.exe
3204	chrome.exe
3204	chrome.exe
3204	chrome.exe
3204	chrome.exe
3204	chrome.exe
3204	chrome.exe
3204	chrome.exe
3204	chrome.exe
3204	chrome.exe
3204	chrome.exe
3204	chrome.exe
3204	chrome.exe
3204	chrome.exe
3204	chrome.exe
3204	chrome.exe
3204	chrome.exe
3204	chrome.exe
3204	chrome.exe
3204	chrome.exe
3204	chrome.exe
3204	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3204	chrome.exe
3204	chrome.exe
3204	chrome.exe
3204	chrome.exe
3204	chrome.exe
3204	chrome.exe
3204	chrome.exe
3204	chrome.exe
3204	chrome.exe
3204	chrome.exe
3204	chrome.exe
3204	chrome.exe
3204	chrome.exe
3204	chrome.exe
3204	chrome.exe
3204	chrome.exe
3204	chrome.exe
3204	chrome.exe
3204	chrome.exe
3204	chrome.exe
3204	chrome.exe
3204	chrome.exe
3204	chrome.exe
3204	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3204 wrote to memory of 3648	3204	chrome.exe	89
PID 3204 wrote to memory of 3648	3204	chrome.exe	89
PID 3204 wrote to memory of 3232	3204	chrome.exe	90
PID 3204 wrote to memory of 3232	3204	chrome.exe	90
PID 3204 wrote to memory of 3232	3204	chrome.exe	90
PID 3204 wrote to memory of 3232	3204	chrome.exe	90
PID 3204 wrote to memory of 3232	3204	chrome.exe	90
PID 3204 wrote to memory of 3232	3204	chrome.exe	90
PID 3204 wrote to memory of 3232	3204	chrome.exe	90
PID 3204 wrote to memory of 3232	3204	chrome.exe	90
PID 3204 wrote to memory of 3232	3204	chrome.exe	90
PID 3204 wrote to memory of 3232	3204	chrome.exe	90
PID 3204 wrote to memory of 3232	3204	chrome.exe	90
PID 3204 wrote to memory of 3232	3204	chrome.exe	90
PID 3204 wrote to memory of 3232	3204	chrome.exe	90
PID 3204 wrote to memory of 3232	3204	chrome.exe	90
PID 3204 wrote to memory of 3232	3204	chrome.exe	90
PID 3204 wrote to memory of 3232	3204	chrome.exe	90
PID 3204 wrote to memory of 3232	3204	chrome.exe	90
PID 3204 wrote to memory of 3232	3204	chrome.exe	90
PID 3204 wrote to memory of 3232	3204	chrome.exe	90
PID 3204 wrote to memory of 3232	3204	chrome.exe	90
PID 3204 wrote to memory of 3232	3204	chrome.exe	90
PID 3204 wrote to memory of 3232	3204	chrome.exe	90
PID 3204 wrote to memory of 3232	3204	chrome.exe	90
PID 3204 wrote to memory of 3232	3204	chrome.exe	90
PID 3204 wrote to memory of 3232	3204	chrome.exe	90
PID 3204 wrote to memory of 3232	3204	chrome.exe	90
PID 3204 wrote to memory of 3232	3204	chrome.exe	90
PID 3204 wrote to memory of 3232	3204	chrome.exe	90
PID 3204 wrote to memory of 3232	3204	chrome.exe	90
PID 3204 wrote to memory of 3232	3204	chrome.exe	90
PID 3204 wrote to memory of 3232	3204	chrome.exe	90
PID 3204 wrote to memory of 3492	3204	chrome.exe	91
PID 3204 wrote to memory of 3492	3204	chrome.exe	91
PID 3204 wrote to memory of 5076	3204	chrome.exe	92
PID 3204 wrote to memory of 5076	3204	chrome.exe	92
PID 3204 wrote to memory of 5076	3204	chrome.exe	92
PID 3204 wrote to memory of 5076	3204	chrome.exe	92
PID 3204 wrote to memory of 5076	3204	chrome.exe	92
PID 3204 wrote to memory of 5076	3204	chrome.exe	92
PID 3204 wrote to memory of 5076	3204	chrome.exe	92
PID 3204 wrote to memory of 5076	3204	chrome.exe	92
PID 3204 wrote to memory of 5076	3204	chrome.exe	92
PID 3204 wrote to memory of 5076	3204	chrome.exe	92
PID 3204 wrote to memory of 5076	3204	chrome.exe	92
PID 3204 wrote to memory of 5076	3204	chrome.exe	92
PID 3204 wrote to memory of 5076	3204	chrome.exe	92
PID 3204 wrote to memory of 5076	3204	chrome.exe	92
PID 3204 wrote to memory of 5076	3204	chrome.exe	92
PID 3204 wrote to memory of 5076	3204	chrome.exe	92
PID 3204 wrote to memory of 5076	3204	chrome.exe	92
PID 3204 wrote to memory of 5076	3204	chrome.exe	92
PID 3204 wrote to memory of 5076	3204	chrome.exe	92
PID 3204 wrote to memory of 5076	3204	chrome.exe	92
PID 3204 wrote to memory of 5076	3204	chrome.exe	92
PID 3204 wrote to memory of 5076	3204	chrome.exe	92
PID 3204 wrote to memory of 5076	3204	chrome.exe	92
PID 3204 wrote to memory of 5076	3204	chrome.exe	92
PID 3204 wrote to memory of 5076	3204	chrome.exe	92
PID 3204 wrote to memory of 5076	3204	chrome.exe	92
PID 3204 wrote to memory of 5076	3204	chrome.exe	92
PID 3204 wrote to memory of 5076	3204	chrome.exe	92
PID 3204 wrote to memory of 5076	3204	chrome.exe	92

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://krnl.vip/
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3204
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa3fc9ab58,0x7ffa3fc9ab68,0x7ffa3fc9ab78
  2⤵
  PID:3648
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1744 --field-trial-handle=1900,i,15920152446753096905,5823373336105651329,131072 /prefetch:2
  2⤵
  PID:3232
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2152 --field-trial-handle=1900,i,15920152446753096905,5823373336105651329,131072 /prefetch:8
  2⤵
  PID:3492
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2248 --field-trial-handle=1900,i,15920152446753096905,5823373336105651329,131072 /prefetch:8
  2⤵
  PID:5076
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2832 --field-trial-handle=1900,i,15920152446753096905,5823373336105651329,131072 /prefetch:1
  2⤵
  PID:4684
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2840 --field-trial-handle=1900,i,15920152446753096905,5823373336105651329,131072 /prefetch:1
  2⤵
  PID:1196
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4348 --field-trial-handle=1900,i,15920152446753096905,5823373336105651329,131072 /prefetch:1
  2⤵
  PID:1720
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4104 --field-trial-handle=1900,i,15920152446753096905,5823373336105651329,131072 /prefetch:1
  2⤵
  PID:4804
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4820 --field-trial-handle=1900,i,15920152446753096905,5823373336105651329,131072 /prefetch:1
  2⤵
  PID:2460
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=5040 --field-trial-handle=1900,i,15920152446753096905,5823373336105651329,131072 /prefetch:1
  2⤵
  PID:396
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5496 --field-trial-handle=1900,i,15920152446753096905,5823373336105651329,131072 /prefetch:8
  2⤵
  PID:4948
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4460 --field-trial-handle=1900,i,15920152446753096905,5823373336105651329,131072 /prefetch:8
  2⤵
  PID:224
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4436 --field-trial-handle=1900,i,15920152446753096905,5823373336105651329,131072 /prefetch:1
  2⤵
  PID:5180
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=5204 --field-trial-handle=1900,i,15920152446753096905,5823373336105651329,131072 /prefetch:1
  2⤵
  PID:5968
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=5132 --field-trial-handle=1900,i,15920152446753096905,5823373336105651329,131072 /prefetch:1
  2⤵
  PID:5976
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=5012 --field-trial-handle=1900,i,15920152446753096905,5823373336105651329,131072 /prefetch:1
  2⤵
  PID:5648
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=5712 --field-trial-handle=1900,i,15920152446753096905,5823373336105651329,131072 /prefetch:1
  2⤵
  PID:6084
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=5836 --field-trial-handle=1900,i,15920152446753096905,5823373336105651329,131072 /prefetch:1
  2⤵
  PID:6092
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5992 --field-trial-handle=1900,i,15920152446753096905,5823373336105651329,131072 /prefetch:2
  2⤵
  PID:1796
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=2728 --field-trial-handle=1900,i,15920152446753096905,5823373336105651329,131072 /prefetch:1
  2⤵
  PID:6124
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3232 --field-trial-handle=1900,i,15920152446753096905,5823373336105651329,131072 /prefetch:8
  2⤵
  PID:264
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=3560 --field-trial-handle=1900,i,15920152446753096905,5823373336105651329,131072 /prefetch:8
  2⤵
  PID:5172
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6124 --field-trial-handle=1900,i,15920152446753096905,5823373336105651329,131072 /prefetch:8
  2⤵
  PID:2528
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3296 --field-trial-handle=1900,i,15920152446753096905,5823373336105651329,131072 /prefetch:8
  2⤵
  PID:2060
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4680 --field-trial-handle=1900,i,15920152446753096905,5823373336105651329,131072 /prefetch:8
  2⤵
  PID:5424
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5488 --field-trial-handle=1900,i,15920152446753096905,5823373336105651329,131072 /prefetch:8
  2⤵
  PID:5404
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4684 --field-trial-handle=1900,i,15920152446753096905,5823373336105651329,131072 /prefetch:8
  2⤵
  PID:2308
- C:\Users\Admin\Downloads\WaveInstaller.exe
  "C:\Users\Admin\Downloads\WaveInstaller.exe"
  2⤵
  PID:1836
- - C:\Users\Admin\AppData\Local\Wave\WaveBootstrapper.exe
    "C:\Users\Admin\AppData\Local\Wave\WaveBootstrapper.exe"
    3⤵
    PID:5124
  - - C:\Users\Admin\AppData\Local\Wave\WaveWindows.exe
      "C:\Users\Admin\AppData\Local\Wave\WaveWindows.exe"
      4⤵
      PID:5096
    - - C:\Users\Admin\AppData\Local\CefSharp\CefSharp.BrowserSubprocess.exe
        
        "C:\Users\Admin\AppData\Local\CefSharp\CefSharp.BrowserSubprocess.exe" --type=gpu-process --no-sandbox --locales-dir-path="C:\Users\Admin\AppData\Local\CefSharp\locales" --resources-dir-path="C:\Users\Admin\AppData\Local\CefSharp" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CefSharp" --cefsharpexitsub --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1988,i,4389514340804511402,16192531034873335690,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI --variations-seed-version --enable-logging=handle --log-file=2020 --mojo-platform-channel-handle=2008 /prefetch:2 --host-process-id=5096
        5⤵
        
        PID:6020
    - - C:\Users\Admin\AppData\Local\Luau Language Server\node.exe
        
        "C:\Users\Admin\AppData\Local\Luau Language Server\node.exe" server --process-id=5096
        5⤵
        
        PID:1336
    - - C:\Users\Admin\AppData\Local\CefSharp\CefSharp.BrowserSubprocess.exe
        
        "C:\Users\Admin\AppData\Local\CefSharp\CefSharp.BrowserSubprocess.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --locales-dir-path="C:\Users\Admin\AppData\Local\CefSharp\locales" --resources-dir-path="C:\Users\Admin\AppData\Local\CefSharp" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CefSharp" --cefsharpexitsub --field-trial-handle=2748,i,4389514340804511402,16192531034873335690,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI --variations-seed-version --enable-logging=handle --log-file=2764 --mojo-platform-channel-handle=2348 /prefetch:3 --host-process-id=5096
        5⤵
        
        PID:3260
    - - C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe
        
        "C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe"
        5⤵
        
        PID:3788
    - - C:\Users\Admin\AppData\Local\CefSharp\CefSharp.BrowserSubprocess.exe
        
        "C:\Users\Admin\AppData\Local\CefSharp\CefSharp.BrowserSubprocess.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-sandbox --locales-dir-path="C:\Users\Admin\AppData\Local\CefSharp\locales" --resources-dir-path="C:\Users\Admin\AppData\Local\CefSharp" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CefSharp" --cefsharpexitsub --field-trial-handle=4444,i,4389514340804511402,16192531034873335690,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI --variations-seed-version --enable-logging=handle --log-file=4476 --mojo-platform-channel-handle=4464 /prefetch:8 --host-process-id=5096
        5⤵
        
        PID:5576
    - - C:\Users\Admin\AppData\Local\CefSharp\CefSharp.BrowserSubprocess.exe
        
        "C:\Users\Admin\AppData\Local\CefSharp\CefSharp.BrowserSubprocess.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-sandbox --locales-dir-path="C:\Users\Admin\AppData\Local\CefSharp\locales" --resources-dir-path="C:\Users\Admin\AppData\Local\CefSharp" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CefSharp" --cefsharpexitsub --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4548,i,4389514340804511402,16192531034873335690,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI --variations-seed-version --enable-logging=handle --log-file=4552 --mojo-platform-channel-handle=4544 /prefetch:8 --host-process-id=5096
        5⤵
        
        PID:4220

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:5008

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=4168,i,13640054265074968359,8146127767143474550,262144 --variations-seed-version --mojo-platform-channel-handle=3924 /prefetch:8
1⤵
PID:2816

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=4816,i,13640054265074968359,8146127767143474550,262144 --variations-seed-version --mojo-platform-channel-handle=4828 /prefetch:8
1⤵
PID:6080

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5096_1056492617\LICENSE

Filesize
473B

MD5
f6719687bed7403612eaed0b191eb4a9

SHA1
dd03919750e45507743bd089a659e8efcefa7af1

SHA256
afb514e4269594234b32c873ba2cd3cc8892e836861137b531a40a1232820c59

SHA512
dd14a7eae05d90f35a055a5098d09cd2233d784f6ac228b5927925241689bff828e573b7a90a5196bfdd7aaeecf00f5c94486ad9e3910cfb07475fcfbb7f0d56

Download Submit
C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5096_1056492617\manifest.json

Filesize
984B

MD5
0359d5b66d73a97ce5dc9f89ed84c458

SHA1
ce17e52eaac909dd63d16d93410de675d3e6ec0d

SHA256
beeab2f8d3833839399dde15ce9085c17b304445577d21333e883d6db6d0b755

SHA512
8fd94a098a4ab5c0fcd48c2cef2bb03328dd4d25c899bf5ed1ca561347d74a8aab8a214ba2d3180a86df72c52eb26987a44631d0ecd9edc84976c28d6c9dc16a

Download Submit
C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe

Filesize
249KB

MD5
772c9fecbd0397f6cfb3d866cf3a5d7d

SHA1
6de3355d866d0627a756d0d4e29318e67650dacf

SHA256
2f88ea7e1183d320fb2b7483de2e860da13dc0c0caaf58f41a888528d78c809f

SHA512
82048bd6e50d38a863379a623b8cfda2d1553d8141923acf13f990c7245c833082523633eaa830362a12bfff300da61b3d8b3cccbe038ce2375fdfbd20dbca31

Download Submit
C:\Users\Admin\AppData\Local\CefSharp\CefSharp.BrowserSubprocess.Core.dll

Filesize
915KB

MD5
100c32f77e68a2ce962e1a28997567ea

SHA1
a80a1f4019b8d44df6b5833fb0c51b929fa79843

SHA256
c0b9e29b240d8328f2f9a29ca0298ca4d967a926f3174a3442c3730c00d5a926

SHA512
f95530ef439fa5c4e3bc02db249b6a76e9d56849816ead83c9cd9bcd49d3443ccb88651d829165c98a67af40b3ef02b922971114f29c5c735e662ca35c0fb6ed

Download Submit
C:\Users\Admin\AppData\Local\CefSharp\CefSharp.BrowserSubprocess.exe

Filesize
7KB

MD5
516ff62b2e1f4642caa954c0968719e8

SHA1
e349d0ce82e2109dd0d18416d9cf46e8411b7f15

SHA256
19da58849cec5933860116e60a1e94b08e30d90e0f955768270b47998d612045

SHA512
7aa4a0c87b29c2a84f585a884d8208fc2352a43f2cdb549c100e3b121837ad5f8dadb1101f57d1d3fcb7ebec9d9f22e07dc14239b7d2e2d25793c999becf288b

Download Submit
C:\Users\Admin\AppData\Local\CefSharp\CefSharp.dll

Filesize
272KB

MD5
9ca06a8f9e5f7239ca225ab810274023

SHA1
e1a219f567a7b7d3af9386df51b14c76e769c044

SHA256
5fd00ae3e83e6ca156647ff6df87b49ffc7cad47c23fe3ae07c067c5adf6f74a

SHA512
430c9bceed5439b987d5bd4840cfe32411ca61594f18597aca1948aa39a22c9d70beadf3bb9b1dd0373f81a94a25dcba17fa8e8c73abf06cba28d0971d5614c5

Download Submit
C:\Users\Admin\AppData\Local\CefSharp\LocalPrefs.json

Filesize
755B

MD5
1d187fee67a15f51d917942105b13fd3

SHA1
5e39f1bc38ffbfc7b504471e246fbe29bee63d26

SHA256
e5170dd56862f70b3c61ac4961d23b24d68144d0ef5384723ff2f981bfcbade2

SHA512
241f7ade151170ff803dc3e94a8f82c6c7b733d75ca0c773a9dc35ceb77aff00117bfadec525262c72dac7c03e2bced8f9c839f8dcc08309a75a7ffa4fcac72c

Download Submit
C:\Users\Admin\AppData\Local\CefSharp\LocalPrefs.json

Filesize
643B

MD5
4fab993a60b932ab2740f3275cb76c21

SHA1
e1333ee66cc9205a67a1178c03a59f8e008f46ce

SHA256
33ee8408ae187f5d945f751f69783fd915c61c76cc0ffdb167da4ce9b0761b53

SHA512
096d1f15ce10e8cdb4fea3becd428c5c89c5dfdda4a793164fe562e6cb825f6f769ecf768795a556c21057bb482358e80fad0f2c938131583267492c70b4961f

Download Submit
C:\Users\Admin\AppData\Local\CefSharp\LocalPrefs.json~RFe5d9a10.TMP

Filesize
434B

MD5
107cc2de592d035e75a8bcecf8365e4e

SHA1
eb948cdf5509396ce1c675082a03c11738540965

SHA256
d46b53d5ef112b6af2d03a965094b2f7fd0eb72b8a333407758e425cb171b139

SHA512
a173b1bdb457fb082bd373493d8c064b4247c5cddb3253eb38f98f245fcb5b471803a4700145181b28608133d0c87932dbb7ef32bcad16d656d27294d5728180

Download Submit
C:\Users\Admin\AppData\Local\CefSharp\chrome_100_percent.pak

Filesize
667KB

MD5
ae195e80859781a20414cf5faa52db06

SHA1
b18ecb5ec141415e3a210880e2b3d37470636485

SHA256
9957802c0792e621f76bbdb1c630fbad519922743b5d193294804164babda552

SHA512
c6fef84615fe20d1760ca496c98629feb4e533556724e9631d4282622748e7601225cf19dfb8351f4b540ae3f83785c1bcea6fe8c246cf70388e527654097c1c

Download Submit
C:\Users\Admin\AppData\Local\CefSharp\chrome_200_percent.pak

Filesize
1.0MB

MD5
1abf6bad0c39d59e541f04162e744224

SHA1
db93c38253338a0b85e431bd4194d9e7bddb22c6

SHA256
01cb663a75f18bb2d0d800640a114f153a34bd8a5f2aa0ed7daa9b32967dc29e

SHA512
945d519221d626421094316f13b818766826b3bedddab0165c041540dddadc93136e32784c0562d26a420cb29479d04d2aa317b8d605cd242e5152bf05af197e

Download Submit
C:\Users\Admin\AppData\Local\CefSharp\chrome_elf.dll

Filesize
1020KB

MD5
7191d97ce7886a1a93a013e90868db96

SHA1
52dd736cb589dd1def87130893d6b9449a6a36e3

SHA256
32f925f833aa59e3f05322549fc3c326ac6fc604358f4efbf94c59d5c08b8dc6

SHA512
38ebb62c34d466935eabb157197c7c364d4345f22aa3b2641b636196ca1aeaa2152ac75d613ff90817cb94825189612ddd12fb96df29469511a46a7d9620e724

Download Submit
C:\Users\Admin\AppData\Local\CefSharp\icudtl.dat

Filesize
10.2MB

MD5
74bded81ce10a426df54da39cfa132ff

SHA1
eb26bcc7d24be42bd8cfbded53bd62d605989bbf

SHA256
7bf96c193befbf23514401f8f6568076450ade52dd1595b85e4dfcf3de5f6fb9

SHA512
bd7b7b52d31803b2d4b1fd8cb76481931ed8abb98d779b893d3965231177bdd33386461e1a820b384712013904da094e3cd15ee24a679ddc766132677a8be54a

Download Submit
C:\Users\Admin\AppData\Local\CefSharp\libGLESv2.dll

Filesize
6.6MB

MD5
8803db5b167fb5a5f8a8c595c4e4d7c6

SHA1
7fde861151f3bea66c65b6c2487a30728048811a

SHA256
52a58d25a41f4bd31cdb4a0d306217862e04ebf7c1925cc85330054a5523d719

SHA512
2fa9a0eda221982896e41eb387b5e156198615ac1a1fbac0acffd13008919368b41a240df416c1fce2e48c20a14cd7af7cca9fba476ada5e64a0cadde84a44b7

Download Submit
C:\Users\Admin\AppData\Local\CefSharp\libegl.dll

Filesize
359KB

MD5
7dd6b0e4a31d35a0fae5ff425707073c

SHA1
fbd12e9f8e2252c52ce555c2ebbd7f07e62a0140

SHA256
8762d8001fc3ddd90e3129dfea172817e8d09b9936eaae391957de4326c8c906

SHA512
726968df6b83ab5f589276672250d92f532fe2dcea2176e42031a7f1dcecf578b0320cfe2a7d88bb9883ad99387d71c6ebf1e9968272bb5e62850ef09abd2648

Download Submit
C:\Users\Admin\AppData\Local\CefSharp\locales\en-US.pak

Filesize
456KB

MD5
4430b1833d56bc8eb1f7dc82bb7f4bc9

SHA1
dc15e6306625f155683326e859d83f846153c547

SHA256
b44ddcfac9df4934007e6c55a3c7f5e7f14c7e5e29f35c81de917fc3b22aabbc

SHA512
faf93bf371b2a88c1b874a5e2c54e4487fd152ad19c2a406a46f55ae75ecd421a779888c2e4c170857b16bfb5d8744bc1815a4732ed50b064b3cbd0c5ffad889

Download Submit
C:\Users\Admin\AppData\Local\CefSharp\resources.pak

Filesize
8.0MB

MD5
4933d92c99afa246fc59eef010d5c858

SHA1
98d443654e93c73dd317f9f847f71fba3d5b3135

SHA256
62f4674daa15245ee081920b8ee191e72f36ca8fe24f6b986a832f45676915b2

SHA512
a3a69523c8e7310716daeebc06c2ba4fce673eccd1958e824ff179b82f4502d0ec095190179bbb387342e4150f952ea7533182fb6ba90377d17dafba8f4da623

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009

Filesize
52KB

MD5
7d7d7946d74c08302b1f8cc6b640dd28

SHA1
6061bb42ca9b27bac43dfb16d25a38d141d8a90e

SHA256
52730dd32fe693cc00b2d3223e6e5d4d233732e6bf84cc2de40da02bc9e98257

SHA512
cec70dec60e02aff82913db53a4b595d3063a6fcf51bae8da3848e466a28c66683405d2abdb6fe6f5bd0834f067052bf4e59f2cd023b6cac3d6159325d8c079b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

Filesize
143KB

MD5
52ee1a022acece300f5f7f11295d26c0

SHA1
9ea0b8674706f9918849dc109ef4ce579fcea309

SHA256
bac7665a92920067af23ff886d910b28db3fb0b993867c0147f4678f5407a03d

SHA512
3d93ea3e755bb8857c0b8fb93b282a363311a20c6541e624b39510a58041d140ce9094fae905e456ee7d31e66a4c11407cd195ffa0d9e8891bdccfb9de852b04

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d

Filesize
74KB

MD5
d0202a1b81ae66552fa2f0d8e6f218c8

SHA1
09a51b914d24a6393745592c60a0c20eecf4ba41

SHA256
f9a3e359ad5d4dd3c349d42c126f566d8e1f2d152063f9dc734278d9c02c7377

SHA512
af1887e700e1a39738bab9ee75cb8c6febc945aa481f2b89856d32ef8edddef2e63f59349fbeaadc53f370ad2988058f7a660aba181271ebd8623895c3a9d374

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e

Filesize
67KB

MD5
e0227b9f6da754f85019943ab37676e7

SHA1
60ece67cf54a510fff6c6d7a5e5be94570be1d9e

SHA256
5003d1a18c0d5df01c68291fd2e3a177235ac471edf6b8d434b05cfda2480411

SHA512
f3d3263a7b92ad9d557a5fdde9db86961422c3dbd98bb3b510eaeb0b6f3826229fe98d705624950e79636d9e52cc005673e489dcfe472afa5ffa0491a6ab5420

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000f

Filesize
89KB

MD5
b0395c5f815275914932696a4d07f809

SHA1
ea9ac8d9672fbf18441dd73937c6e2704c9c6ebc

SHA256
553a9cf763e1cb34c6fcde3819b3549d576adbe404592de82e6b77f2a553c7f2

SHA512
c02f3486fc11f763349a0d7db70b0d9a018da863c5804d2f4f36f5cf61a86e35acdfad3ade627c383ae0b564127476a6e053c5a5f7fd0385ee46a11c689e7a91

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000010

Filesize
20KB

MD5
87e8230a9ca3f0c5ccfa56f70276e2f2

SHA1
eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7

SHA256
e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9

SHA512
37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012

Filesize
62KB

MD5
1721006aa7e52dafddd68998f1ca9ac0

SHA1
884e3081a1227cd1ed4ec63fb0a98bec572165ba

SHA256
c16e012546b3d1ef206a1ecbbb7bf8b5dfd0c13cfeb3bdc8af8c11eaa9da8b84

SHA512
ff7bfd489dc8c5001eea8f823e5ec7abf134e8ad52ee9544a8f4c20800cb67a724ec157ca8f4c434a94262a8e07c3452b6ad994510b2b9118c78e2f53d75a493

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013

Filesize
32KB

MD5
1ff50ed3e3d9b38133624de8465c58ea

SHA1
68e97210ba9c1c1829c3e86ca3efb39ed397fdb7

SHA256
d8631ccbd84f3e84bc43273c51df256094c4c24047df4723e78ce46dba1cfd55

SHA512
e53a17b1d962773517c8fa6cb2e9070f59e743a79c22d8fc516713f5385ee7b13e57276049aa18cd287c83754f324f0f123e74438997b19eebef24f07e1b16c1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000018

Filesize
19KB

MD5
bb30ea3b46964f49ba85f475efd1fb6f

SHA1
1bb4aae7781af8b933e1dd4dee56879a3ef92d38

SHA256
7a5bfdc2463dfde6b169ca4555ce9f5a0fb21c15c3ac807967590df27dd800e6

SHA512
bc52e8de4712d416aebf1d403d6ee8dcb6386a93dfc6727613af487f73de69db90913a9e9781660d8dec121d720ceec9c84b260c76f0f6f565ae80967eee7474

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001c

Filesize
33KB

MD5
1aca735014a6bb648f468ee476680d5b

SHA1
6d28e3ae6e42784769199948211e3aa0806fa62c

SHA256
e563f60814c73c0f4261067bd14c15f2c7f72ed2906670ed4076ebe0d6e9244a

SHA512
808aa9af5a3164f31466af4bac25c8a8c3f19910579cf176033359500c8e26f0a96cdc68ccf8808b65937dc87c121238c1c1b0be296d4306d5d197a1e4c38e86

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003d

Filesize
1.5MB

MD5
c822ab5332b11c9185765b157d0b6e17

SHA1
7fe909d73a24ddd87171896079cceb8b03663ad4

SHA256
344700d3141170111a9b77db100f6961cc54a2988d964d34f7e1ca57aa42aa2a

SHA512
a8612836fb4714b939d03f7fe08391bbc635ca83ab853fc677159e5db6b00f76b9b586bdae9c19d2406d9a2713d1caf614132cb6c14e1dddc6ac45e47f7e5a5d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\264f42960557fca5_0

Filesize
3KB

MD5
78b94ef72f1ed4e4c60156dfa095789b

SHA1
abc51363665dde91b08e9b152948261fde52b047

SHA256
69d0f9d1ef471744c2012ca411289a12f60e171a159683c0b32d58f06e689115

SHA512
585585caf960f18ce967e5bbbe695810f45723c237c3af5dde8e85cca786ffce2854ee02a4a13cac818f26788fea4cace4dbdfa8858e311c2f646e16b8c420b1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3e83b06c51f231a5_0

Filesize
3KB

MD5
948c2a2029d45ec0bba88645afffdaa8

SHA1
1cd10b6336a4b5497820c87c648fb589cda0a660

SHA256
40215e64e1405e0772aba06aa8fbeb7276ddef66914d457c07f528a1dd1c182f

SHA512
a5526d8b6feaf41e2bf5e192abb6a01fd106657180b7e22e86f3a4792593d702716f814d60214323bf89e511caa28fe9cdcd745ab9083891e781f8b2d1a02bbc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\79339bbca662dcce_0

Filesize
292B

MD5
582cb7b76a9cb5065039c5fd121d29dd

SHA1
6c277824560ce747d199822bd82efe91fef637f7

SHA256
473f3baf15a9aba93143b4cc26692a43e6e2763e30e44ce79affa397a21a95ef

SHA512
70c6d5de3ca7074dd91fdb4b71dab16ccfd8e1a71c499b0d396559b3ce12ab3de7be48d2447da05637cea5f4d40a046e9f4ee5222d00841b4f95c00dfedf0afe

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\bf57e9d6313017be_0

Filesize
33KB

MD5
dc2018b7a066fc5c77a86b9a0dbae744

SHA1
4600d1916b3fe34efe4e7ef196543fdf3266b998

SHA256
cca374f961f4bc4c0d1e6df6d570fb8cbdede0b60d9705c0c513bcedaf227668

SHA512
2f712b8d4c9e0c32a11871ab33eecd9c4e7b90b9b07468c3c5d2b4bf673f6e9c1e83204c0bd85e135ead06be3ca56d00395e70b762737311e1aee701650565c2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
be72f0e7a5a9cdfdbe5d2f0cb7e6d9cb

SHA1
0bbb1f2bb90cd79d9ce1fd17fb3c664cba44f9ce

SHA256
52dec9c2e945c38ca9c8e63b2f595df2a85ae46dbc64ab1df2444c0d76e17108

SHA512
b6c6b16350e1d2a68bed1d428538b57a86bcb9a66466c878305d6d5f214b52ed6c36722a12d7070edb9c2120beddcc6de87f923db343abfaa29bd7873a36b393

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
6373c3b7f86ff4a3011fb6caeb67c0e9

SHA1
84184e7bd3875572b56983a0e087c73768f5a104

SHA256
b4a61f2bab93fe8cb3c0028f4aae5502503b2eff1bf021f12fc5535c32605123

SHA512
65981e8ce09ce1ef350cef9f904322ae230f6a68d191056019d773195794855b46bb7ca738e1046f04941dc2be99eefc42773bc20353c26d620ef32a2dc79660

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
a868fa0d931a3e7a8502abf6da948aee

SHA1
22dcba42d0ba2fbc979e47cc97a01c6b83885660

SHA256
6f4934f246ce26b1dcab5a1a256435c86c089503ead67c3d5bc3aac86aed1ae6

SHA512
9b69ae8570c3a72eb6c77917b3c9e5e1c8901128e45499026e9043f5ca7b3a6ed8175c7259c3832c08a191f38eb37fca797e20175a16669e4321ebc8cce2f6ab

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
d7c4a3dc82d30cde0506cdbe4468a2cf

SHA1
20a9f00a44bce2e0149a864695b6249ed16f7eb5

SHA256
d7eb14c2cf20a0bb8bdff1956bb34333df4cbd58157b6dc5b6ebe84ab951104f

SHA512
0aae54dd21756bc5d6db3446cda72c29a7d22c2cd6531b9a35490b23c06851684ec89a54f5375b2c7c60d4ebc713d2312436571783ff6a1810f5114f80352896

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
dc680da099f0e4f171a02d6bed04e02b

SHA1
68495308a18fd1b0616f34796510908bdb51a96a

SHA256
f38e84acac5cc9a99e9930e796af04145b606ba34dc223ac07136a03cdeb295c

SHA512
c92d7073c43e10a15a15a78ddef65a3bc64cfa61fca5a4b6e5b8b479d503f3852c973ef06a3a4bdcc128a980da56f019d76cee8612467c780259f24aae7fb1ec

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
a327f62c58398c4a6be645006c51369c

SHA1
00e1a862e1783d6b5ff5db17813524514cfff24e

SHA256
1d8c91f5805779af2855101184e1085b38d710a5c4180bd50942644266cf0132

SHA512
e024c34e89d93cda98f5e1ca6a3a7b21bebea45d720d75a2a3123270aee82a4334b56218baabed1c7cb537e3f3f1bc1fc3cd98b6b4a3433566b2d34c7c460d52

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
eb5aecd6317f39b62d454c02818ab6a9

SHA1
e8d7d05efb322023460473d7b1080aafed40a7b2

SHA256
d3b8fb3157ce9d755cfc623676a0cfbfcebf66d054b06580287893949b03f842

SHA512
dc558694f5a8eed7ee49cf58e03d37bc5e91733961f83bf2589e6d41b86cd0b2a955620ee8b0e07e5b01c784b968f78f1e97acb911105aeccb06a4a9134d0f73

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
6d596050ef9598d1cbacd8d26fcf515d

SHA1
24615b67daf746a4b0b5c4ef3572420e467c2397

SHA256
034d3c2dc4a245ea32cab764e4161de5534acb710fe0b4274b872a160ce1efbc

SHA512
bffc5e1132d99f65d4cffe0dc80277568a6a7a2ca3bc7a383db6be7de89da13f85762903be6ba21aa4d7310b1fa8f5d79d36faa372fab33d852c34d9dd3f7d15

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
b8f756c17781e2eb37c98377a5c7f551

SHA1
d2a5ea270ddcd56335d4c46eefa6e9661645b7c1

SHA256
dd08212d0bef0374e80fe87e4a9c302b083bdf68be5d07a8026fdffa978a9212

SHA512
57160fd0af2ebe44116852aafd183cd21f6f71bc0fa470ca48374214121ed977a8b6a2d075ce1a8dae0b48ca365290de445a655dfefe1f22eb427e9482e4a4ee

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
da9fea40f9e0a085dbedcf4440a82525

SHA1
2b38e84a7175ef22086d36ca8ba8c40edde332d4

SHA256
21d6b8cc4b3964f86a58b546d7783c13bf6f2c50f2bc2fac7d4448419fad4be9

SHA512
df6a9c1584831488adcedbc61ddb0dd3fc84a3ae64a6f5dee5447fa3d5ce17c8a028532392b7b4d40cab3d39b8e4c0886f69410622f4a5080cc6f3d8f7348953

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
d74d5aa668a9d984deea5e528b1242e8

SHA1
ec33ba71afaca639008d0333930cb4606379b8e6

SHA256
4812d8bcea449693fae43cba4dfa08c49cf3c358ef70b264ac3c33b3277674cc

SHA512
0e911e9b83970471ca64e1959b1bde926099c36f71a42db164400ad42c9bd9a12d0756cb6c717b53f955ad7a21fa294104136a0a099927db73e4162ed5b5fd86

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
4047e73f29648f6f2cc83515caadc7ba

SHA1
fc844e930ba54477143dc0239d2b92f1a06b7f01

SHA256
112cb08200ad64f02c226b072447581c10f6af194c53951bdb728dfd9cbcb204

SHA512
5b65997463548854c07976ef26a2f4f937e786e830022483ab65c85818ec6c9cb8fd31448e310b63d733e5e805c6eedd3adcedf38c705c7d725bd3f9739d4fc5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
df26feb840ff8e29b78fbae29f29be4b

SHA1
09fe1d79d1d925392372dce497edfe4b16d77264

SHA256
ab598c6ac96422e0ff9ddf9c9ea2e67051eef7aa566f13f3b56403b56e07f550

SHA512
c70735ac5284bdb256d7600ab9e3642dfac33c3447f23b8de7e920e89019c63c3ff87af4ed5712654179c5077039bb0ae7e7d549a59d6197541bf1393fa08c3f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
bce2cb44edf6aa6f4da93e33c4a01eb9

SHA1
7e7089a332ca0b93ba7ab7baa1940482f7cbf2e2

SHA256
56ff172ca1b7953b4fd31fcc42616db37cb23142c992a4f569f809bb2dc75ede

SHA512
38beb48ee399f5fc02dd9d2bff9c94f6fa47b88f1fb8decd3290104f5700159c975e5135c2221b49e04b616ced44cf2648823a68989debbafbd0e5d39bbca2ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
3630acff53373bab91f012851a27c232

SHA1
b5e3a60e9eb7ec3713a3a52bec2dc8212f1b9d36

SHA256
c8d7d0c4082f7a9340b405a46421181dc2d1bc609a519e446635c6af8921ab29

SHA512
698b9681b290b1fe452e7024cd648747ef6c15872ff098483e46e94a2ad7a27b4a2003dfdc9949ff5d613aa20a6be20bd684e740b95f42788def741a1f040277

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
a1ea33272e9b7bda91b9edcfcdaca1b8

SHA1
10ff0082d36ffd2a0b06d66c30d6ac99ebd8fd0c

SHA256
7bd846db2c3a978832f73094b7879040756b17b3d51f540a42a4a47c3891e4c4

SHA512
57356b23d49bf8aaffebe31ff7e8190d8f4a387be29fd38bad13d5e9d90a6e93c3302de2be4dbcb163b32ae13ef5e2a82e7cf40793b6c4c4e0eee1aed4e39ae0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
854f1b9b5d1333bb83541734570a313b

SHA1
f996a40b07a199fc6814276d8cecd61797841424

SHA256
149dbcf2cdde5ffef07e3d18055b100425fe853d758b4ef5ecc761fc27ed78c6

SHA512
79d4db8321012e1f832ae622c97fc1047f97f75b2e2118aa1ae8270fc5984e8f611915eff2eaac64a1f089c5307bb8d3f763535e29b6c2615e1d1de3343a8456

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
937daa4eb5f67236c8f2f954831ff602

SHA1
b2196e9b8d3617df42e735fbd3f824109c6cb658

SHA256
fe99fb4c77ef0de51486d0ef81566067316849dab4cf0d41a39c9efb666e851d

SHA512
3ce50a1e8c35026fc85dde679e6981678d570d1424e068c37c22193ea13da0d625ce965654bfe74200c40898e5f14dbbc72693080dfde1ee01f9a7658b39936f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
255KB

MD5
77f5edc07134fce934894cd9d88f7728

SHA1
7db5c20a12298a30149deabcaaa1d875608b4959

SHA256
22959953b6ad208af82dfa1121afd9bbde08bd703033e66c21c73091602bc17e

SHA512
ab3791895bff88f6685cde776e7c151df4709cd3021922bfb3eba4688cb086a36fc0118c10a7ac22f1e557be32b7ecefdb9eb683e4213f4cab20d8e05eb592ba

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
255KB

MD5
a545746919d66300f3008de6bb669ffa

SHA1
1a32c26abb04681b9efbded1e720da1e5aee5b27

SHA256
a4e355c4f1a2955bc63ec8c52b195b377281f4f4486ffe7152e75a2281928c71

SHA512
5c517f6f5bf45e9c2a8bd634d3167423bfad8da09258b590dfb02519c596ea5bf47481f0c2f3a815d5c4ea84df72764c2f61ca830d55465e4367a235a0b009f9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
255KB

MD5
c3e0fdde20433a38fd39c7248b020c3a

SHA1
f7e551b57649b68f9dfcb5ed58b8947837353ac2

SHA256
4599efd2ec8ca7f3bb9e7a4a8a330c23598c0608e4e0d2f6e76397ad271cf000

SHA512
c041aa6f531f95aeec0054d74bad4f789959900de0393ecdbfaadaf59c9c29c2befe43bc20b48af4b0a09582468b7f4602484bf7ff691b00148a2bb9d61162ad

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
96KB

MD5
9c3c891370c88ab0fc29851aa7a55549

SHA1
61659ccfc8b1bd74ced54a0f02a2d9c1d79e0ee8

SHA256
6d9fdb875d9e064450640b9f15bcc20375e1e1698639eb810b85d09466ba836d

SHA512
f0bba4fe70662d69b7f40086ca5675f7a6fd13c96a15d5645b3a6beef0934ff681d3f20f786c2d0edacd086c29e3a35732f17b639ded55dba184e43ad9ed48e3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
103KB

MD5
a6dd794e8bb7fda65bd61205ad233e54

SHA1
ce402c4831750b06720b0696f470c5e30f70181f

SHA256
3820f7579de5e084d7bcb07810107b4147e9642306ccd225e56fca55ca75795d

SHA512
c721f4bd8c03a3dfeea6ea70df518582cba3623aa929a1cfe987043f12bf974f0f2b3d26a602a5dfdf7eb2dcfe415d99995cfed04a053a75e8486e1cdb0aaac4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe5aa912.TMP

Filesize
90KB

MD5
0960ee0fd0ab922b1d37ebd9292b0b56

SHA1
2a4d078afc5054dda262a9461505f600cb7bb241

SHA256
f2ee5b19a699000a54f4d91cfbf54df8d810482a59ddc742240636d6005de6bf

SHA512
c447984a9c0a4b921890b39cab40f8648a5e7c297277687fae30d7bca8ec631abe4f489902e22aa6c6118e6ed30631006f1f396afff5e6d4a6f6465739d48661

Download Submit
C:\Users\Admin\AppData\Local\Wave\CefSharp.Core.Runtime.dll

Filesize
1.3MB

MD5
09cba584aa0aae9fc600745567393ef6

SHA1
bbd1f93cb0db9cf9e01071b3bed1b4afd6e31279

SHA256
0babd84d4e7dc2713e7265d5ac25a3c28d412e705870cded6f5c7c550a5bf8d5

SHA512
5f914fa33a63a6d4b46f39c7279687f313728fd5f8437ec592369a2da3256ccff6f325f78ace0e6d3a2c37da1f681058556f7603da13c45b03f2808f779d2aa1

Download Submit
C:\Users\Admin\AppData\Local\Wave\WaveBootstrapper.exe

Filesize
939KB

MD5
258a9cae6024c91784bbd8aa5379e86f

SHA1
fe1a808ba23053413359a78d5ec096b2cd540dd5

SHA256
3881840473ec5286189d2fc8e85f0f26a2532890055d1653da9580aa31b2d0e5

SHA512
b621ef432b430d2df0443fa0ebdd59dc7de6b32375c2fc83e8474838843c4abcf4a35f2b5f80e78911fc52336d71812ca9fbc9919314ea3b59bd26036a4ea5a5

Download Submit
C:\Users\Admin\AppData\Local\Wave\WaveWindows.exe

Filesize
7.5MB

MD5
d480fa673e647e8724368ebdc25e0466

SHA1
e9d79aa2ecbdae35092e05f2d7dec4bcb8cf1a78

SHA256
97e79046d57739603a980f5a5fb0642c05a082781095b9a7eb8475083ecd5703

SHA512
5f34adcb185556428e4351fb6ab0e009a8e0585e1f5fbefc480bfd5fcaa7321ede5d9d58ad28bd4d987c273cb35e057e04ba39add1a47615de4b2bba28bc7551

Download Submit
C:\Users\Admin\AppData\Local\Wave\d3dcompiler_47.dll

Filesize
3.9MB

MD5
3b4647bcb9feb591c2c05d1a606ed988

SHA1
b42c59f96fb069fd49009dfd94550a7764e6c97c

SHA256
35773c397036b368c1e75d4e0d62c36d98139ebe74e42c1ff7be71c6b5a19fd7

SHA512
00cd443b36f53985212ac43b44f56c18bf70e25119bbf9c59d05e2358ff45254b957f1ec63fc70fb57b1726fd8f76ccfad8103c67454b817a4f183f9122e3f50

Download Submit
memory/1836-630-0x0000000000200000-0x0000000000392000-memory.dmp

Filesize
1.6MB

Download
memory/1836-682-0x0000000000D80000-0x0000000000E16000-memory.dmp

Filesize
600KB

Download
memory/1836-635-0x0000000074430000-0x0000000074BE0000-memory.dmp

Filesize
7.7MB

Download
memory/1836-633-0x0000000009750000-0x0000000009788000-memory.dmp

Filesize
224KB

Download
memory/1836-665-0x000000007443E000-0x000000007443F000-memory.dmp

Filesize
4KB

Download
memory/1836-666-0x0000000074430000-0x0000000074BE0000-memory.dmp

Filesize
7.7MB

Download
memory/1836-684-0x0000000000E60000-0x0000000000E68000-memory.dmp

Filesize
32KB

Download
memory/1836-683-0x0000000000E20000-0x0000000000E46000-memory.dmp

Filesize
152KB

Download
memory/1836-688-0x00000000091B0000-0x00000000091BA000-memory.dmp

Filesize
40KB

Download
memory/1836-687-0x00000000091A0000-0x00000000091AA000-memory.dmp

Filesize
40KB

Download
memory/1836-686-0x000000000BE30000-0x000000000BEA2000-memory.dmp

Filesize
456KB

Download
memory/1836-634-0x0000000009730000-0x000000000973E000-memory.dmp

Filesize
56KB

Download
memory/1836-631-0x0000000074430000-0x0000000074BE0000-memory.dmp

Filesize
7.7MB

Download
memory/1836-632-0x0000000074430000-0x0000000074BE0000-memory.dmp

Filesize
7.7MB

Download
memory/1836-629-0x000000007443E000-0x000000007443F000-memory.dmp

Filesize
4KB

Download
memory/1836-909-0x0000000074430000-0x0000000074BE0000-memory.dmp

Filesize
7.7MB

Download
memory/4220-1091-0x0000000009680000-0x0000000009681000-memory.dmp

Filesize
4KB

Download
memory/4220-1081-0x0000000009680000-0x0000000009681000-memory.dmp

Filesize
4KB

Download
memory/4220-1080-0x0000000009680000-0x0000000009681000-memory.dmp

Filesize
4KB

Download
memory/4220-1082-0x0000000009680000-0x0000000009681000-memory.dmp

Filesize
4KB

Download
memory/4220-1086-0x0000000009680000-0x0000000009681000-memory.dmp

Filesize
4KB

Download
memory/4220-1087-0x0000000009680000-0x0000000009681000-memory.dmp

Filesize
4KB

Download
memory/4220-1088-0x0000000009680000-0x0000000009681000-memory.dmp

Filesize
4KB

Download
memory/4220-1089-0x0000000009680000-0x0000000009681000-memory.dmp

Filesize
4KB

Download
memory/4220-1090-0x0000000009680000-0x0000000009681000-memory.dmp

Filesize
4KB

Download
memory/4220-1092-0x0000000009680000-0x0000000009681000-memory.dmp

Filesize
4KB

Download
memory/5096-986-0x000000000CEA0000-0x000000000CF52000-memory.dmp

Filesize
712KB

Download
memory/5096-991-0x000000000E760000-0x000000000E782000-memory.dmp

Filesize
136KB

Download
memory/5096-992-0x000000000F5D0000-0x000000000F924000-memory.dmp

Filesize
3.3MB

Download
memory/5096-933-0x00000000057E0000-0x0000000005804000-memory.dmp

Filesize
144KB

Download
memory/5096-934-0x0000000005F20000-0x0000000006006000-memory.dmp

Filesize
920KB

Download
memory/5096-931-0x00000000007A0000-0x0000000000F2C000-memory.dmp

Filesize
7.5MB

Download
memory/5096-1097-0x00000000110C0000-0x00000000115EC000-memory.dmp

Filesize
5.2MB

Download
memory/5096-1096-0x000000000A800000-0x000000000A8A0000-memory.dmp

Filesize
640KB

Download
memory/5096-1095-0x0000000001300000-0x0000000001338000-memory.dmp

Filesize
224KB

Download
memory/5096-932-0x0000000005790000-0x00000000057DA000-memory.dmp

Filesize
296KB

Download
memory/5096-942-0x0000000006280000-0x00000000063DB000-memory.dmp

Filesize
1.4MB

Download
memory/5124-912-0x000000000A1F0000-0x000000000A1FA000-memory.dmp

Filesize
40KB

Download
memory/5124-907-0x0000000074430000-0x0000000074BE0000-memory.dmp

Filesize
7.7MB

Download
memory/5124-910-0x00000000094A0000-0x00000000095A0000-memory.dmp

Filesize
1024KB

Download
memory/5124-905-0x0000000000D30000-0x0000000000E20000-memory.dmp

Filesize
960KB

Download
memory/5124-906-0x0000000074430000-0x0000000074BE0000-memory.dmp

Filesize
7.7MB

Download
memory/5124-913-0x000000000A230000-0x000000000A238000-memory.dmp

Filesize
32KB

Download
memory/5124-911-0x000000000A1B0000-0x000000000A1C6000-memory.dmp

Filesize
88KB

Download
memory/5124-930-0x0000000074430000-0x0000000074BE0000-memory.dmp

Filesize
7.7MB

Download
memory/5124-914-0x000000000A290000-0x000000000A2AE000-memory.dmp

Filesize
120KB

Download
memory/6020-961-0x0000000004DC0000-0x0000000004EAA000-memory.dmp

Filesize
936KB

Download
memory/6020-957-0x0000000000610000-0x0000000000618000-memory.dmp

Filesize
32KB

Download
memory/6020-968-0x0000000004FA0000-0x0000000004FEA000-memory.dmp

Filesize
296KB

Download