hxxps://www[.]mediafire[.]com/file/lc5zziwd3ttxaqw/Brazil_Sky_by_ShaXHub[.]rar/file

Analysis

max time kernel
80s
max time network
129s
platform
windows11-21h2_x64
resource
win11-20240704-en
resource tags

arch:x64arch:x86image:win11-20240704-enlocale:en-usos:windows11-21h2-x64system
submitted
05/07/2024, 14:42

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://www.mediafire.com/file/lc5zziwd3ttxaqw/Brazil_Sky_by_ShaXHub.rar/file

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-299327586-1226193722-3477828593-1000_Classes\Local Settings	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
5760	chrome.exe
5760	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	5760	chrome.exe
Token: SeCreatePagefilePrivilege	5760	chrome.exe
Token: SeShutdownPrivilege	5760	chrome.exe
Token: SeCreatePagefilePrivilege	5760	chrome.exe
Token: SeShutdownPrivilege	5760	chrome.exe
Token: SeCreatePagefilePrivilege	5760	chrome.exe
Token: SeShutdownPrivilege	5760	chrome.exe
Token: SeCreatePagefilePrivilege	5760	chrome.exe
Token: SeShutdownPrivilege	5760	chrome.exe
Token: SeCreatePagefilePrivilege	5760	chrome.exe
Token: SeShutdownPrivilege	5760	chrome.exe
Token: SeCreatePagefilePrivilege	5760	chrome.exe
Token: SeShutdownPrivilege	5760	chrome.exe
Token: SeCreatePagefilePrivilege	5760	chrome.exe
Token: SeShutdownPrivilege	5760	chrome.exe
Token: SeCreatePagefilePrivilege	5760	chrome.exe
Token: SeShutdownPrivilege	5760	chrome.exe
Token: SeCreatePagefilePrivilege	5760	chrome.exe
Token: SeShutdownPrivilege	5760	chrome.exe
Token: SeCreatePagefilePrivilege	5760	chrome.exe
Token: SeShutdownPrivilege	5760	chrome.exe
Token: SeCreatePagefilePrivilege	5760	chrome.exe
Token: SeShutdownPrivilege	5760	chrome.exe
Token: SeCreatePagefilePrivilege	5760	chrome.exe
Token: SeShutdownPrivilege	5760	chrome.exe
Token: SeCreatePagefilePrivilege	5760	chrome.exe
Token: SeShutdownPrivilege	5760	chrome.exe
Token: SeCreatePagefilePrivilege	5760	chrome.exe
Token: SeShutdownPrivilege	5760	chrome.exe
Token: SeCreatePagefilePrivilege	5760	chrome.exe
Token: SeShutdownPrivilege	5760	chrome.exe
Token: SeCreatePagefilePrivilege	5760	chrome.exe
Token: SeShutdownPrivilege	5760	chrome.exe
Token: SeCreatePagefilePrivilege	5760	chrome.exe
Token: SeShutdownPrivilege	5760	chrome.exe
Token: SeCreatePagefilePrivilege	5760	chrome.exe
Token: SeShutdownPrivilege	5760	chrome.exe
Token: SeCreatePagefilePrivilege	5760	chrome.exe
Token: SeShutdownPrivilege	5760	chrome.exe
Token: SeCreatePagefilePrivilege	5760	chrome.exe
Token: SeShutdownPrivilege	5760	chrome.exe
Token: SeCreatePagefilePrivilege	5760	chrome.exe
Token: SeShutdownPrivilege	5760	chrome.exe
Token: SeCreatePagefilePrivilege	5760	chrome.exe
Token: SeShutdownPrivilege	5760	chrome.exe
Token: SeCreatePagefilePrivilege	5760	chrome.exe
Token: SeShutdownPrivilege	5760	chrome.exe
Token: SeCreatePagefilePrivilege	5760	chrome.exe
Token: SeShutdownPrivilege	5760	chrome.exe
Token: SeCreatePagefilePrivilege	5760	chrome.exe
Token: SeShutdownPrivilege	5760	chrome.exe
Token: SeCreatePagefilePrivilege	5760	chrome.exe
Token: SeShutdownPrivilege	5760	chrome.exe
Token: SeCreatePagefilePrivilege	5760	chrome.exe
Token: SeShutdownPrivilege	5760	chrome.exe
Token: SeCreatePagefilePrivilege	5760	chrome.exe
Token: SeShutdownPrivilege	5760	chrome.exe
Token: SeCreatePagefilePrivilege	5760	chrome.exe
Token: SeShutdownPrivilege	5760	chrome.exe
Token: SeCreatePagefilePrivilege	5760	chrome.exe
Token: SeShutdownPrivilege	5760	chrome.exe
Token: SeCreatePagefilePrivilege	5760	chrome.exe
Token: SeShutdownPrivilege	5760	chrome.exe
Token: SeCreatePagefilePrivilege	5760	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe
5760	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 5760 wrote to memory of 4860	5760	chrome.exe	79
PID 5760 wrote to memory of 4860	5760	chrome.exe	79
PID 5760 wrote to memory of 3432	5760	chrome.exe	81
PID 5760 wrote to memory of 3432	5760	chrome.exe	81
PID 5760 wrote to memory of 3432	5760	chrome.exe	81
PID 5760 wrote to memory of 3432	5760	chrome.exe	81
PID 5760 wrote to memory of 3432	5760	chrome.exe	81
PID 5760 wrote to memory of 3432	5760	chrome.exe	81
PID 5760 wrote to memory of 3432	5760	chrome.exe	81
PID 5760 wrote to memory of 3432	5760	chrome.exe	81
PID 5760 wrote to memory of 3432	5760	chrome.exe	81
PID 5760 wrote to memory of 3432	5760	chrome.exe	81
PID 5760 wrote to memory of 3432	5760	chrome.exe	81
PID 5760 wrote to memory of 3432	5760	chrome.exe	81
PID 5760 wrote to memory of 3432	5760	chrome.exe	81
PID 5760 wrote to memory of 3432	5760	chrome.exe	81
PID 5760 wrote to memory of 3432	5760	chrome.exe	81
PID 5760 wrote to memory of 3432	5760	chrome.exe	81
PID 5760 wrote to memory of 3432	5760	chrome.exe	81
PID 5760 wrote to memory of 3432	5760	chrome.exe	81
PID 5760 wrote to memory of 3432	5760	chrome.exe	81
PID 5760 wrote to memory of 3432	5760	chrome.exe	81
PID 5760 wrote to memory of 3432	5760	chrome.exe	81
PID 5760 wrote to memory of 3432	5760	chrome.exe	81
PID 5760 wrote to memory of 3432	5760	chrome.exe	81
PID 5760 wrote to memory of 3432	5760	chrome.exe	81
PID 5760 wrote to memory of 3432	5760	chrome.exe	81
PID 5760 wrote to memory of 3432	5760	chrome.exe	81
PID 5760 wrote to memory of 3432	5760	chrome.exe	81
PID 5760 wrote to memory of 3432	5760	chrome.exe	81
PID 5760 wrote to memory of 3432	5760	chrome.exe	81
PID 5760 wrote to memory of 3432	5760	chrome.exe	81
PID 5760 wrote to memory of 3432	5760	chrome.exe	81
PID 5760 wrote to memory of 1988	5760	chrome.exe	82
PID 5760 wrote to memory of 1988	5760	chrome.exe	82
PID 5760 wrote to memory of 2916	5760	chrome.exe	83
PID 5760 wrote to memory of 2916	5760	chrome.exe	83
PID 5760 wrote to memory of 2916	5760	chrome.exe	83
PID 5760 wrote to memory of 2916	5760	chrome.exe	83
PID 5760 wrote to memory of 2916	5760	chrome.exe	83
PID 5760 wrote to memory of 2916	5760	chrome.exe	83
PID 5760 wrote to memory of 2916	5760	chrome.exe	83
PID 5760 wrote to memory of 2916	5760	chrome.exe	83
PID 5760 wrote to memory of 2916	5760	chrome.exe	83
PID 5760 wrote to memory of 2916	5760	chrome.exe	83
PID 5760 wrote to memory of 2916	5760	chrome.exe	83
PID 5760 wrote to memory of 2916	5760	chrome.exe	83
PID 5760 wrote to memory of 2916	5760	chrome.exe	83
PID 5760 wrote to memory of 2916	5760	chrome.exe	83
PID 5760 wrote to memory of 2916	5760	chrome.exe	83
PID 5760 wrote to memory of 2916	5760	chrome.exe	83
PID 5760 wrote to memory of 2916	5760	chrome.exe	83
PID 5760 wrote to memory of 2916	5760	chrome.exe	83
PID 5760 wrote to memory of 2916	5760	chrome.exe	83
PID 5760 wrote to memory of 2916	5760	chrome.exe	83
PID 5760 wrote to memory of 2916	5760	chrome.exe	83
PID 5760 wrote to memory of 2916	5760	chrome.exe	83
PID 5760 wrote to memory of 2916	5760	chrome.exe	83
PID 5760 wrote to memory of 2916	5760	chrome.exe	83
PID 5760 wrote to memory of 2916	5760	chrome.exe	83
PID 5760 wrote to memory of 2916	5760	chrome.exe	83
PID 5760 wrote to memory of 2916	5760	chrome.exe	83
PID 5760 wrote to memory of 2916	5760	chrome.exe	83
PID 5760 wrote to memory of 2916	5760	chrome.exe	83

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://www.mediafire.com/file/lc5zziwd3ttxaqw/Brazil_Sky_by_ShaXHub.rar/file
1⤵
- Enumerates system info in registry
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:5760
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffc73efab58,0x7ffc73efab68,0x7ffc73efab78
  2⤵
  PID:4860
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1500 --field-trial-handle=1772,i,14324193946680701850,10724115772848449301,131072 /prefetch:2
  2⤵
  PID:3432
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1988 --field-trial-handle=1772,i,14324193946680701850,10724115772848449301,131072 /prefetch:8
  2⤵
  PID:1988
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2196 --field-trial-handle=1772,i,14324193946680701850,10724115772848449301,131072 /prefetch:8
  2⤵
  PID:2916
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3028 --field-trial-handle=1772,i,14324193946680701850,10724115772848449301,131072 /prefetch:1
  2⤵
  PID:5628
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3036 --field-trial-handle=1772,i,14324193946680701850,10724115772848449301,131072 /prefetch:1
  2⤵
  PID:1416
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=2708 --field-trial-handle=1772,i,14324193946680701850,10724115772848449301,131072 /prefetch:1
  2⤵
  PID:5224
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=5088 --field-trial-handle=1772,i,14324193946680701850,10724115772848449301,131072 /prefetch:1
  2⤵
  PID:5432
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=5040 --field-trial-handle=1772,i,14324193946680701850,10724115772848449301,131072 /prefetch:1
  2⤵
  PID:6072
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4636 --field-trial-handle=1772,i,14324193946680701850,10724115772848449301,131072 /prefetch:1
  2⤵
  PID:576
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=5328 --field-trial-handle=1772,i,14324193946680701850,10724115772848449301,131072 /prefetch:1
  2⤵
  PID:2552
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6164 --field-trial-handle=1772,i,14324193946680701850,10724115772848449301,131072 /prefetch:8
  2⤵
  PID:2052
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2328 --field-trial-handle=1772,i,14324193946680701850,10724115772848449301,131072 /prefetch:8
  2⤵
  PID:2824
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6476 --field-trial-handle=1772,i,14324193946680701850,10724115772848449301,131072 /prefetch:8
  2⤵
  PID:3936

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:2052

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:6052

C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\Brazil Sky by ShaXHub\" -ad -an -ai#7zMap17796:104:7zEvent12082
1⤵
PID:2868

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\1876151e-f9f7-4015-a9e3-846aa086939e.tmp

Filesize
144KB

MD5
56225cd2d72b50f60047292d76d1eb8b

SHA1
51374ae232e62f224305a36097b08ebe044edde9

SHA256
a50b827afb698f19a8da4c174f02738f7acf9d6ab6101df6d4d0d4488d9d9f4b

SHA512
408eaa1843e84d91947df7d1b9026f5b36b8e763062b8762e8c7fd2a0df234cd50636da9abc6a85bbf5df690b899af23ddca1a51a0be28b674d6e9a4275cfca2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
de41a1215ed51ceffcfc30bd9805a358

SHA1
a9223e4a69d5d9c8086cd9a3eaa4b3094a319e15

SHA256
77744b76559142b110150444c578ef4c0fc8e28bff8acf8ac5879ab6df1f5bec

SHA512
2f28c512b484bcfcc60dd503a4e877ea15be38b5a96a56d494911b56bc5f620d4511fdce993efc169539ee56a2823adbd116792bf99aa083fb9d6470cc88af1f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
bc7558fe379e60469cfcdf3c0f9a4b0c

SHA1
182ac28a409b2ae092ee95e0de2568a749bd796a

SHA256
34c984bf2e0735ae1e96aa2c56eba79eb4fe0daf8dc84714bc3bba89253903f2

SHA512
712a80474fe8c254c0be02fcdd22a073484b26ca64923475d3c174b1fe0d8660bdbec07ae0fda8619ace6e86ae94db67501edc8f1f009d45f441f5935ed30bfe

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
b03b03ccb95454c21bf4b1eb2b5068b6

SHA1
e9adaf3ed517426150a55a78844c77348a6096d5

SHA256
b28c36d64da562613097935e843ba3bc92a658c6002b2a21a0001a2cece7ada8

SHA512
4673c76cfb02986ff3e91d3c62b3f6cfaab24504ff874fa82c014eacc001e9a2481ac244949a7a7ea2bd0551651d054315ba9594752c78cdca277ff9e4478688

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
d14664815b9d91a471d07b9f917a99cd

SHA1
be3b5a6aee15666cf79194d3f59259c6361b6812

SHA256
c2d620421486baa2c0e71a778c3fb2f39499c5e7858b6ae710c179da3c07fce7

SHA512
a4538c01018c74fa7fb0c3129ddf79d9df85c8dfd160b52887117cddcf7fd6e3592f861df3e8d2b589e803c30d40a97829ceacadca6ffc23e45a778aadd039f7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
10KB

MD5
983f1cd9939d2691c58d160e61aa2243

SHA1
3aa8ecef98682c8e049544ef59fb348d007facb0

SHA256
afe5d1a10660732628278714faae7047062f1813cfd7d733a234809feeae096c

SHA512
57760ca1f6bdf7633e379a44f2e48ed7cc8567639557d6f32f9947d41acdcecc491d0cb8e73073566487e2fcc3549cf3b78cf15a3a8354bf8dd9caa709fac128

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
858B

MD5
99402ae62dd01e811b0d13d47b4adf75

SHA1
5de9da027e49129c0cb9263f8df0e45c2cdaf8a0

SHA256
d9a4d28fe268b88defb475347ba7533052a6d07e1cef73b552a99a128d90852d

SHA512
a168090a883b5bf2c6761398e3d8ccc1fe31e11f287bf3a9df9694aab5e2133d52dfc36c05b59c11cae25f643ce5b0cd9d183e71af38ea73b5f2d7d059851c54

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
45550c2aec89ef1e3e7179a3c28c8b2a

SHA1
a7a5f244ae9eaeeea149be71525a9b0ff72db8cd

SHA256
0d0efa7555fc61e7e488b967e8fcd0078231361cb7b0530e441c88cc19fa7163

SHA512
0a18dad178c47f06867f220c4239bc2a4178b11c58f41b41defc17b1bf5b39851b665bd9497644534afbfbdff8226b7df7112c1a3969db5e3b2c5b4a8ebd6f66

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
cc905b1448625ca463195df31e785d21

SHA1
a7b13cb59a1422a85cd1eaff8a79bfcc7e9a2fab

SHA256
39957ec266bec2615a5f31467388117b4bfea94b6b11477951109ac94abede54

SHA512
a4b7c193583f815f8a2e53ca130e801dc5de61dc983637ec535a8332649b3312a8e8646a9e90152ea25308e3ab55798ad9d690e0f2bd0ce3fc0f74546df54995

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
6774161d29db2d447aab93ef8e2ed03d

SHA1
d82f0779c7ca83848303801167ad2bc827adaad6

SHA256
a65c5572996c6b4c5224590e8ced0df5a38aecd1172ff7fa5e197ba0d2ea2fb5

SHA512
b4d42c298d2e17987ba91e9031f833e31177bfad22171c7775e7c32f8844b0cb5655260b3cb6ba666c3488727e25da20ce028d3adf4324c144ceeeb3ef0d0980

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
e289e3889cbf7aa048214e7fa79f4f16

SHA1
eda07155e1757621d38fa7e0d2b43a92444926ba

SHA256
40db633da62e71de9327d407a6c7140dd8aff557bb05d4e8767c3ed198a98063

SHA512
e56fcb1537f60c4464c31949709365c5468c4d80e90e30ec82c800cb1c69aa46f0cec572e79273f80492609f878e6d05580916aeaa44b66bd094e0304ae283e4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
b06601208a6346d4c2ce85a770c1e1b3

SHA1
06205b386ea57481ab431713de4d443f1ca48d4b

SHA256
bab625c116e3258116f37000f6a1e28b94c368a08750f62d12f2c52751585c20

SHA512
a261291ff84f6c8978866e5d7bd7b2d1a14f4de1cd5e05d54984727943f4398b93a6a25c4670f3b8115d579faeeb1cdbae846ecd3b7d0d9a2b9e1f5584445332

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
c42e7c68db1d3aec0cecd3df117cfc33

SHA1
d03cede2ab17bbb84b34ce4aeb0383a5ba7a6d41

SHA256
9eecfb10df20c4a9f6a71cbd65704362faa273602a7100e592340ad56f9867bf

SHA512
c6dfc9650168e222d50f5cd0644a85145521ddc3e62089339b2832347fb1a35d19e2700fb4b4d0cdcf7db97b81ab6cb1894146cf695827f8949efe28079d5021

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\e1ae0a2a-38c9-404d-9a7c-272a0accb335.tmp

Filesize
6KB

MD5
54b4eadb56cca8953436540d635e63c6

SHA1
ee83df50d30324a0897aa62417bf3e0512dec3ea

SHA256
203b580eafd2ae7f79f1be12ca5e60ed7cfbb666c24f79cb7d917d38c6770fc1

SHA512
3816cb8c71e8df8c5d560966db426fd9515e187901b635fff957e32c7039ec403f9a12abcbae831c17c123151d4f675d501b2531922c5255c6d59865adb98fcb

Download Submit
C:\Users\Admin\Downloads\Brazil Sky by ShaXHub.rar:Zone.Identifier

Filesize
26B

MD5
fbccf14d504b7b2dbcb5a5bda75bd93b

SHA1
d59fc84cdd5217c6cf74785703655f78da6b582b

SHA256
eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913

SHA512
aa1d2b1ea3c9de3ccadb319d4e3e3276a2f27dd1a5244fe72de2b6f94083dddc762480482c5c2e53f803cd9e3973ddefc68966f974e124307b5043e654443b98

Download Submit
C:\Users\Admin\Downloads\Brazil Sky by ShaXHub\citizen\common\data\lensflare_t.xml

Filesize
63KB

MD5
6b6ae2311578b70f68259f1281e1e91c

SHA1
86463bc4d5bf8582ebf02e896439aa96d5caa8cd

SHA256
4a08b744f2edf5731f25b73e99eed51bd31ef6fdc9873c0b8957593dfdc75129

SHA512
acc5fb12e2aae86ecd920c177b47c8258aca790eed57d9c54cd64917161524312e7b60a3437f3c60a4bf90475d15989217a76af9f77f429d56bdf6edcc1c01b8

Download Submit
C:\Users\Admin\Downloads\Brazil Sky by ShaXHub\citizen\platform-2189\data\control\settings.meta

Filesize
37KB

MD5
3656c6636cd9dbceaf83230c3c9a2be9

SHA1
989f27c6736a943fd4690091fed26f7c17e3c17f

SHA256
f9ae094812ce9fbd56b58dab7739451792aba8f56c5f21eee15ef96682b413a6

SHA512
52bbb8f2b2d6183f30b908d9171a2ec8c2128bbce145b7af0095d4c199b1ec431d650ec4ed0b1b6cbc7bcc8d29da3285cdcc61368faa8c4e57b45315ced4e4ad

Download Submit
C:\Users\Admin\Downloads\Brazil Sky by ShaXHub\citizen\scripting\lua\natives_universal.lua

Filesize
1.4MB

MD5
59746885db88fabe4c5fdf6541825a26

SHA1
86b326dcf3edf16cbe5a60551563c57e12ed8b31

SHA256
defb06b564b9c05c3bd23441728434ee08daff969a189424cf635b590725b581

SHA512
9a9d3872ca836ff4f4823e0301afda8318506f1a37942c71bd134e2df5a72938133127599acaa44b98b87732d96f81deb0513276fdfd8b9cdbeb3bef0422a66c

Download Submit
C:\Users\Admin\Downloads\Brazil Sky by ShaXHub\citizen\scripting\v8\natives_universal.d.ts

Filesize
1.5MB

MD5
5e3997d9f3daf4a408ade47e99034fb9

SHA1
018585949bf695255c1e5d3d6c8b6cf66a7c515d

SHA256
70d80f0a8f8c863a817440872f86850c2f291373e0aeff2b04d135ff57a1c193

SHA512
2797d8e7ac97c1a721816b9e6a05ddfe7313ff1b3ce43b9cb7cae095159bb505455fefc10d3ba90e5c51a6b27bbbf7ed1813dc1795748a94f358a2fbfdc6ea6e

Download Submit
C:\Users\Admin\Downloads\Brazil Sky by ShaXHub\citizen\scripting\v8\natives_universal.js

Filesize
1.6MB

MD5
0969b07c0e608a9931adb21c5fce4a84

SHA1
248924b246612d9fd7358f5488cd226692aa5eaa

SHA256
baca02f01f5e842b10766b84e1794610530949c2deaf5cd28fd32e086e5e6404

SHA512
d1fc416b550fd7ba1f1ead46852584649b28f00b0f0a49d0beebb5739ca46c9aa421f8d025b06a027e11dec6b1a6f5df2fa8fd53362fedb400c517e2d54367dc

Download Submit