Malware Analysis Report

2024-10-16 06:13

Sample ID 240718-cabjfszcqj
Target https://webminer.pages.dev?algorithm=minotaurx&host=minotaurx.na.mine.zpool.ca&port=7019&worker=1CWXZFjvrSLEPatEuhGfojhCr5MLBd448e&password=c%3DBTC&workers=4
Tags
antivm
score
5/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral3

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral6

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral8

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral4

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral5

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral7

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
5/10

Threat Level: Likely benign

The file https://webminer.pages.dev?algorithm=minotaurx&host=minotaurx.na.mine.zpool.ca&port=7019&worker=1CWXZFjvrSLEPatEuhGfojhCr5MLBd448e&password=c%3DBTC&workers=4 was found to be: Likely benign.

Malicious Activity Summary

antivm

Drops file in System32 directory

Checks CPU configuration

Drops file in Windows directory

Changes its process name

Reads CPU attributes

Reads runtime system information

Writes file to tmp directory

Enumerates kernel/hardware configuration

Suspicious behavior: EnumeratesProcesses

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Modifies data under HKEY_USERS

Suspicious use of WriteProcessMemory

Suspicious use of SendNotifyMessage

Suspicious use of FindShellTrayWindow

Enumerates system info in registry

Suspicious use of AdjustPrivilegeToken

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-07-18 01:51

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-07-18 01:51

Reported

2024-07-18 02:42

Platform

win10-20240404-en

Max time kernel

1799s

Max time network

1798s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://webminer.pages.dev?algorithm=minotaurx&host=minotaurx.na.mine.zpool.ca&port=7019&worker=1CWXZFjvrSLEPatEuhGfojhCr5MLBd448e&password=c%3DBTC&workers=4

Signatures

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133657423878778721" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 4180 wrote to memory of 2796 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2796 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2212 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2212 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2212 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2212 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2212 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2212 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2212 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2212 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2212 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2212 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2212 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2212 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2212 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2212 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2212 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2212 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2212 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2212 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2212 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2212 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2212 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2212 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2212 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2212 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2212 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2212 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2212 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2212 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2212 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2212 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2212 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2212 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2212 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2212 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2212 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2212 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2212 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2212 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 3216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 3216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 4932 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 4932 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 4932 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 4932 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 4932 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 4932 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 4932 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 4932 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 4932 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 4932 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 4932 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 4932 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 4932 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 4932 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 4932 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 4932 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 4932 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 4932 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 4932 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 4932 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 4932 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 4932 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://webminer.pages.dev?algorithm=minotaurx&host=minotaurx.na.mine.zpool.ca&port=7019&worker=1CWXZFjvrSLEPatEuhGfojhCr5MLBd448e&password=c%3DBTC&workers=4

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ff935d89758,0x7ff935d89768,0x7ff935d89778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1520 --field-trial-handle=1808,i,1410182134040988586,12343923426229131803,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1788 --field-trial-handle=1808,i,1410182134040988586,12343923426229131803,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2100 --field-trial-handle=1808,i,1410182134040988586,12343923426229131803,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2804 --field-trial-handle=1808,i,1410182134040988586,12343923426229131803,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2812 --field-trial-handle=1808,i,1410182134040988586,12343923426229131803,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4468 --field-trial-handle=1808,i,1410182134040988586,12343923426229131803,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5460 --field-trial-handle=1808,i,1410182134040988586,12343923426229131803,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4624 --field-trial-handle=1808,i,1410182134040988586,12343923426229131803,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3732 --field-trial-handle=1808,i,1410182134040988586,12343923426229131803,131072 /prefetch:2

Network

Country Destination Domain Proto
US 8.8.8.8:53 webminer.pages.dev udp
US 172.66.44.158:443 webminer.pages.dev tcp
US 172.66.44.158:443 webminer.pages.dev tcp
US 8.8.8.8:53 158.44.66.172.in-addr.arpa udp
US 172.66.44.158:443 webminer.pages.dev udp
US 8.8.8.8:53 ad.a-ads.com udp
DE 148.251.53.118:443 ad.a-ads.com tcp
US 8.8.8.8:53 118.53.251.148.in-addr.arpa udp
US 8.8.8.8:53 static.a-ads.com udp
DE 136.243.55.84:443 static.a-ads.com tcp
US 8.8.8.8:53 227.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 234.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 84.55.243.136.in-addr.arpa udp
US 8.8.8.8:53 miserable-kathye-nimotv-c35c0d21.koyeb.app udp
US 104.22.78.190:443 miserable-kathye-nimotv-c35c0d21.koyeb.app tcp
US 8.8.8.8:53 content-autofill.googleapis.com udp
US 8.8.8.8:53 apps.identrust.com udp
GB 142.250.187.234:443 content-autofill.googleapis.com tcp
GB 92.123.143.169:80 apps.identrust.com tcp
US 8.8.8.8:53 190.78.22.104.in-addr.arpa udp
US 104.22.78.190:443 miserable-kathye-nimotv-c35c0d21.koyeb.app tcp
US 8.8.8.8:53 234.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 169.143.123.92.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 29.243.111.52.in-addr.arpa udp
US 8.8.8.8:53 171.117.168.52.in-addr.arpa udp
NL 52.142.223.178:80 tcp
US 8.8.8.8:53 172.214.232.199.in-addr.arpa udp
US 8.8.8.8:53 57.110.18.2.in-addr.arpa udp

Files

\??\pipe\crashpad_4180_UBUBVGDBLKKLENHD

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 3e96f9e5bb0c91fb0ce03d1535d52179
SHA1 ce301d88e5c562a6d5b6746deb5dd800cec04bd1
SHA256 50c40b1755235bc2ce43d28210e910b5bdbdd0352b626744fcb946ac994a886c
SHA512 77ba923b5830b3b7575e03076560bf504e0c65c538df2bc8dcf776bfeb0179e395c6363e964ad04b3d16a6b0e19e3cf3d6ea164d616f2d66a6f290b63ad2dea5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4fed5a4bf8b1f6fb67a9fd398f2de4f8
SHA1 1874bb8f7e9f4eccce5420ee6da27e08c57976de
SHA256 2c78d77d557c2189da08433a8e9a71752e46b9f09d5a289aac905854d67c28d8
SHA512 2e4f90fe1f48f4706d85490fb761d47d674db8449d12aeed76170f88ea9c46178354250e79d0b075183e828815ca0b4aa68bfc4eae512f1d9a14cf0d525aad39

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 2ef0eb4fb450aa8085cc6b3538ffc1bd
SHA1 3e5a22350cbdbc3e6b7ce368c30c95f6c95252f9
SHA256 e6e79052b0f30607378ae92e80f9b176f2e112fbed8598837a4ab4d3a1912bba
SHA512 bddf6240daca81538df5687f4c2d3172a3635a49732c8f884b541174a84ccf7cb013c7ae727212207f84ad64fcaf5b5480381ca4f2afd2b9a37e5dbcb6c3002c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 85d59a18f6bb7c5fc7331c021076cc6e
SHA1 96c8216373d44ac581b660c7524ce3b1c801100e
SHA256 c40e04a80416ece49051cdf930f77723bbda7652a99a165a4aafd240dde77a94
SHA512 e041f4aa0efb1b3626009cf938abec1b1c15c5f8587341ca80a43db2490bdde2d9d9ed1eee21dd56579337632677a94eccb5faa047d0523373681f88fc96e9ea

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

MD5 99914b932bd37a50b983c5e7c90ae93b
SHA1 bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
SHA256 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
SHA512 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 55e8249838f92adb14a2a9f328dc3e75
SHA1 ae2e5fce5bf87267415392b46f8e66e43d8bfacb
SHA256 701bd3f9cee82d0c9975d2168c5c807fa5188094e3b17f3ea73537899c32eba2
SHA512 e866b007279b51040b4afd0187d8f4655b25f7b016e9d107607962c46c0627ccedc0449e5901a30e8ffec8f30b25ba1c23546c921d6ee2e3ab1a6b98adad2d4e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 247170f2c854fc0d5a1bf4b0372ebdcf
SHA1 67ef35cd96bafba9d01b708c97fd15c165efc953
SHA256 fe660860890200496f18d23d8aa0f3e90bc0e8a6f1748502f78ed86f58b1cc14
SHA512 0784dc44080c3527d9fe0cd963e71cbd94ef9e6f8db75b83688ca51aa854cf69c79ea10cf5ca0970955635146e595f81cf6039d22a8fd0aedf1035a01e0c9e40

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 779ce4cd4c5afbe97447464b3b66cc5e
SHA1 00436625b233da853c2cc52dc329da64e411a2df
SHA256 9b52ce44ce8c1dd419977567c93385c9106152ac37d56f6e083568a025b6fd1b
SHA512 318729c9b60f17b6b0f1d1bfa14bc8f25c145a4490e9c9256d40beae0ec7c898b5a0f58bfd749fc42e0065221db4d90fb19af9b3b55dfd7dd29fd44dd5309cd1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 126a65fe1ff0eb81f48781da5bf850e7
SHA1 efeffc45a939fad32d5bcddc25859d1be55a30a5
SHA256 31a60e52c8824108869dcad627ed7392099e355b64ebe3aa1062b731254a26f8
SHA512 d7c8b6947d5bd6e276b0a0515016070a9c87ffa289aa80da124552f40742a8b59d97c30f81ffd7427f1c75dba0b7179f8559538d17a10c6bd9a10247e97854be

Analysis: behavioral2

Detonation Overview

Submitted

2024-07-18 01:51

Reported

2024-07-18 02:42

Platform

win7-20240705-en

Max time kernel

968s

Max time network

1684s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://webminer.pages.dev?algorithm=minotaurx&host=minotaurx.na.mine.zpool.ca&port=7019&worker=1CWXZFjvrSLEPatEuhGfojhCr5MLBd448e&password=c%3DBTC&workers=4

Signatures

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1812 wrote to memory of 2224 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1812 wrote to memory of 2224 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1812 wrote to memory of 2224 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1812 wrote to memory of 2672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1812 wrote to memory of 2672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1812 wrote to memory of 2672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1812 wrote to memory of 2672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1812 wrote to memory of 2672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1812 wrote to memory of 2672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1812 wrote to memory of 2672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1812 wrote to memory of 2672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1812 wrote to memory of 2672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1812 wrote to memory of 2672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1812 wrote to memory of 2672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1812 wrote to memory of 2672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1812 wrote to memory of 2672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1812 wrote to memory of 2672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1812 wrote to memory of 2672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1812 wrote to memory of 2672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1812 wrote to memory of 2672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1812 wrote to memory of 2672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1812 wrote to memory of 2672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1812 wrote to memory of 2672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1812 wrote to memory of 2672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1812 wrote to memory of 2672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1812 wrote to memory of 2672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1812 wrote to memory of 2672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1812 wrote to memory of 2672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1812 wrote to memory of 2672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1812 wrote to memory of 2672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1812 wrote to memory of 2672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1812 wrote to memory of 2672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1812 wrote to memory of 2672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1812 wrote to memory of 2672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1812 wrote to memory of 2672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1812 wrote to memory of 2672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1812 wrote to memory of 2672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1812 wrote to memory of 2672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1812 wrote to memory of 2672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1812 wrote to memory of 2672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1812 wrote to memory of 2672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1812 wrote to memory of 2672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1812 wrote to memory of 2664 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1812 wrote to memory of 2664 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1812 wrote to memory of 2664 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1812 wrote to memory of 2636 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1812 wrote to memory of 2636 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1812 wrote to memory of 2636 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1812 wrote to memory of 2636 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1812 wrote to memory of 2636 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1812 wrote to memory of 2636 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1812 wrote to memory of 2636 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1812 wrote to memory of 2636 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1812 wrote to memory of 2636 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1812 wrote to memory of 2636 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1812 wrote to memory of 2636 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1812 wrote to memory of 2636 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1812 wrote to memory of 2636 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1812 wrote to memory of 2636 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1812 wrote to memory of 2636 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1812 wrote to memory of 2636 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1812 wrote to memory of 2636 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1812 wrote to memory of 2636 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1812 wrote to memory of 2636 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://webminer.pages.dev?algorithm=minotaurx&host=minotaurx.na.mine.zpool.ca&port=7019&worker=1CWXZFjvrSLEPatEuhGfojhCr5MLBd448e&password=c%3DBTC&workers=4

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef7799758,0x7fef7799768,0x7fef7799778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1140 --field-trial-handle=1340,i,15552734474033520367,11239674825209451628,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1472 --field-trial-handle=1340,i,15552734474033520367,11239674825209451628,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1572 --field-trial-handle=1340,i,15552734474033520367,11239674825209451628,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2208 --field-trial-handle=1340,i,15552734474033520367,11239674825209451628,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2216 --field-trial-handle=1340,i,15552734474033520367,11239674825209451628,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1372 --field-trial-handle=1340,i,15552734474033520367,11239674825209451628,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3156 --field-trial-handle=1340,i,15552734474033520367,11239674825209451628,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1984 --field-trial-handle=1340,i,15552734474033520367,11239674825209451628,131072 /prefetch:8

Network

Country Destination Domain Proto
US 8.8.8.8:53 webminer.pages.dev udp
US 172.66.44.158:443 webminer.pages.dev tcp
US 8.8.8.8:53 webminer.pages.dev udp
US 172.66.47.98:443 webminer.pages.dev tcp
US 172.66.47.98:443 webminer.pages.dev udp
US 8.8.8.8:53 ad.a-ads.com udp
DE 136.243.11.250:443 ad.a-ads.com tcp
US 8.8.8.8:53 miserable-kathye-nimotv-c35c0d21.koyeb.app udp
US 104.22.78.190:443 miserable-kathye-nimotv-c35c0d21.koyeb.app tcp
US 8.8.8.8:53 smiling-tilda-mono.koyeb.app udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 216.58.204.74:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 static.a-ads.com udp
DE 188.40.69.138:443 static.a-ads.com tcp
US 8.8.8.8:53 apps.identrust.com udp
GB 92.123.143.201:80 apps.identrust.com tcp
US 104.22.78.190:443 smiling-tilda-mono.koyeb.app tcp
N/A 224.0.0.251:5353 udp

Files

\??\pipe\crashpad_1812_ALFRMOIYBAZDIGRE

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000007.dbtmp

MD5 18e723571b00fb1694a3bad6c78e4054
SHA1 afcc0ef32d46fe59e0483f9a3c891d3034d12f32
SHA256 8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa
SHA512 43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

MD5 f50f89a0a91564d0b8a211f8921aa7de
SHA1 112403a17dd69d5b9018b8cede023cb3b54eab7d
SHA256 b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec
SHA512 bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

C:\Users\Admin\AppData\Local\Temp\Cab84AC.tmp

MD5 49aebf8cbd62d92ac215b2923fb1b9f5
SHA1 1723be06719828dda65ad804298d0431f6aff976
SHA256 b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
SHA512 bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

C:\Users\Admin\AppData\Local\Temp\Tar94A6.tmp

MD5 4ea6026cf93ec6338144661bf1202cd1
SHA1 a1dec9044f750ad887935a01430bf49322fbdcb7
SHA256 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
SHA512 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 fdae452e3d56a09d834a13893c3efcb9
SHA1 55fb6fa944144685df42b89d1a3a92ea3e9de62f
SHA256 66f84ccffc86ba8eea123ebd2b6d4372ab8c7cc29ab3a6d3c2b58287b51d6a53
SHA512 ac6a6abadac936b2772590bc66a1ef5487467275dd99014ab98432ae5a94418746a4c00e47a66116c3c3fa7b2995a35ab2ef69a65533d15a38d3e43cd7155d34

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 8f963bbd83209be19db065ced35f01f9
SHA1 2d9f8bb418871e9668d638ced631add7113e4971
SHA256 d2afc0a26acc66a0ed1c83f0c35e6088d4c7ec12731f75c0cf7318d0d39202d6
SHA512 c870ccabf10e92f313f413b50f394ef14672377245ec4a4481cf285eeab36405e12fbdfce30fed913860bcbcbbd1bd1b61542743f8843952faeca1e7ed1f24eb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\000006.dbtmp

MD5 aefd77f47fb84fae5ea194496b44c67a
SHA1 dcfbb6a5b8d05662c4858664f81693bb7f803b82
SHA256 4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611
SHA512 b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 273f39840ec7ec6fd921abd49cc6befb
SHA1 29fd5056ac6f1eb6a5326daa4c2a8f4613e5073d
SHA256 01fd06a70cd5649dc134fae32140c34f42a2ceb1faa3bc76cd520b53c65673bf
SHA512 63cbc0f8c861e2dff5370713a407e17d0fcac5ff815ae340b4f1ba1d9423b7787497270a9926a086ef769d2f260d5c019d4e75128475f0544db25bbf500471ee

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 34d29ff909cfe4eee33fe5508a80069e
SHA1 5437ed5e5465eefd3337db47a05d4cd7d5db8d98
SHA256 ab8b31b079d367191afe8b57a2f49018f1c12403b1a07940aa09ab461bbf874e
SHA512 1240c5758a848af11ae288515523b1f955e30298663ab13e3d3293cce9987d292a3dc20a6a70ef62b12a0fec57aea00260343b6911fb77d2679d8fa931707f73

Analysis: behavioral3

Detonation Overview

Submitted

2024-07-18 01:51

Reported

2024-07-18 02:43

Platform

win10v2004-20240709-en

Max time kernel

1799s

Max time network

1800s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://webminer.pages.dev?algorithm=minotaurx&host=minotaurx.na.mine.zpool.ca&port=7019&worker=1CWXZFjvrSLEPatEuhGfojhCr5MLBd448e&password=c%3DBTC&workers=4

Signatures

Drops file in System32 directory

Description Indicator Process Target
File created \??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133657424220190573" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1084 wrote to memory of 1004 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1084 wrote to memory of 1004 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1084 wrote to memory of 2572 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1084 wrote to memory of 2572 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1084 wrote to memory of 2572 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1084 wrote to memory of 2572 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1084 wrote to memory of 2572 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1084 wrote to memory of 2572 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1084 wrote to memory of 2572 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1084 wrote to memory of 2572 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1084 wrote to memory of 2572 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1084 wrote to memory of 2572 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1084 wrote to memory of 2572 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1084 wrote to memory of 2572 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1084 wrote to memory of 2572 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1084 wrote to memory of 2572 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1084 wrote to memory of 2572 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1084 wrote to memory of 2572 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1084 wrote to memory of 2572 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1084 wrote to memory of 2572 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1084 wrote to memory of 2572 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1084 wrote to memory of 2572 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1084 wrote to memory of 2572 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1084 wrote to memory of 2572 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1084 wrote to memory of 2572 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1084 wrote to memory of 2572 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1084 wrote to memory of 2572 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1084 wrote to memory of 2572 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1084 wrote to memory of 2572 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1084 wrote to memory of 2572 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1084 wrote to memory of 2572 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1084 wrote to memory of 2572 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1084 wrote to memory of 4996 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1084 wrote to memory of 4996 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1084 wrote to memory of 4364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1084 wrote to memory of 4364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1084 wrote to memory of 4364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1084 wrote to memory of 4364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1084 wrote to memory of 4364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1084 wrote to memory of 4364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1084 wrote to memory of 4364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1084 wrote to memory of 4364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1084 wrote to memory of 4364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1084 wrote to memory of 4364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1084 wrote to memory of 4364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1084 wrote to memory of 4364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1084 wrote to memory of 4364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1084 wrote to memory of 4364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1084 wrote to memory of 4364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1084 wrote to memory of 4364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1084 wrote to memory of 4364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1084 wrote to memory of 4364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1084 wrote to memory of 4364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1084 wrote to memory of 4364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1084 wrote to memory of 4364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1084 wrote to memory of 4364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1084 wrote to memory of 4364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1084 wrote to memory of 4364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1084 wrote to memory of 4364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1084 wrote to memory of 4364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1084 wrote to memory of 4364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1084 wrote to memory of 4364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1084 wrote to memory of 4364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1084 wrote to memory of 4364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://webminer.pages.dev?algorithm=minotaurx&host=minotaurx.na.mine.zpool.ca&port=7019&worker=1CWXZFjvrSLEPatEuhGfojhCr5MLBd448e&password=c%3DBTC&workers=4

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.106 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffa123ccc40,0x7ffa123ccc4c,0x7ffa123ccc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1916,i,15374707595214522851,5959390724594011123,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=1912 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2160,i,15374707595214522851,5959390724594011123,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=2192 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2252,i,15374707595214522851,5959390724594011123,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=2472 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3140,i,15374707595214522851,5959390724594011123,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=3168 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3156,i,15374707595214522851,5959390724594011123,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=3208 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4492,i,15374707595214522851,5959390724594011123,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=4524 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5124,i,15374707595214522851,5959390724594011123,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=5136 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=5132,i,15374707595214522851,5959390724594011123,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=5128 /prefetch:8

Network

Country Destination Domain Proto
US 8.8.8.8:53 webminer.pages.dev udp
US 172.66.47.98:443 webminer.pages.dev tcp
US 172.66.47.98:443 webminer.pages.dev udp
US 8.8.8.8:53 ad.a-ads.com udp
DE 144.76.38.164:443 ad.a-ads.com tcp
US 8.8.8.8:53 static.a-ads.com udp
US 8.8.8.8:53 228.249.119.40.in-addr.arpa udp
DE 78.46.32.91:443 static.a-ads.com tcp
US 8.8.8.8:53 98.47.66.172.in-addr.arpa udp
US 8.8.8.8:53 202.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 227.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 164.38.76.144.in-addr.arpa udp
US 8.8.8.8:53 234.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 91.32.46.78.in-addr.arpa udp
US 8.8.8.8:53 smiling-tilda-mono.koyeb.app udp
US 104.22.79.190:443 smiling-tilda-mono.koyeb.app tcp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 216.58.204.74:443 content-autofill.googleapis.com tcp
US 104.22.79.190:443 smiling-tilda-mono.koyeb.app tcp
US 8.8.8.8:53 190.79.22.104.in-addr.arpa udp
US 8.8.8.8:53 25.140.123.92.in-addr.arpa udp
US 8.8.8.8:53 74.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 14.160.190.20.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 28.118.140.52.in-addr.arpa udp
US 8.8.8.8:53 157.123.68.40.in-addr.arpa udp
US 8.8.8.8:53 18.31.95.13.in-addr.arpa udp
US 8.8.8.8:53 147.142.123.92.in-addr.arpa udp
US 8.8.8.8:53 183.142.211.20.in-addr.arpa udp
US 8.8.8.8:53 196.249.167.52.in-addr.arpa udp
US 8.8.8.8:53 4.173.189.20.in-addr.arpa udp
US 8.8.8.8:53 g.bing.com udp
US 204.79.197.237:443 g.bing.com tcp
US 8.8.8.8:53 237.197.79.204.in-addr.arpa udp

Files

\??\pipe\crashpad_1084_PVSERGOWOSYJTKKF

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 b67486fb98c44b97f49beb98d8f2e1ae
SHA1 5574edb233cda439cbc8598d81c03aba1f7ecb16
SHA256 329379cc33ca2464634504bac58d7f58ea627b3dd17e793debb428f06e773c46
SHA512 ae2bf3393a82014c48cf5919dbb9ad9709b221cc78c9d01e695533ed938065be4b77a074065498bc963c41b2b266700b9a352ef9b8c43ef1bf02d7f715e12321

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 40545d52b39d5ac54dad052633dac9de
SHA1 7002c08c5e59a8313deddf6f70d4e10a46fc4eb5
SHA256 275243ba5c5ba203a6b4f591bc5feafc22811ecdb10e3d7519db88a8546167c1
SHA512 f6d75e98596a444ab2888907ec5d8e9f772f7342c07715313d6bdf1bd028ed71928b79e4e44fe82abc345e3567ba7d01c0aae1f16d6c6a5bece422a3e2863bea

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a3a8364a1348df082ddf702cdb09cc5e
SHA1 5ad637d0ad81d45f9fb7992019f81e93185fde05
SHA256 0f5ab8bff0b4c536db422a8c7ae490359ac7ddea838e9b722672d060380b0497
SHA512 226c8411976494e43cae5fce6f17c95ca330f71841ec60b49ef8e98f8d20c4b186389b8ed40bbeb2ba2f4b11272786d239842d631489ecda4ab2a91f91fe8a43

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

MD5 23ce60be80a8fc253aa8ad2cf0db32a4
SHA1 5b7234a560cf4f7ccecac12cd2c001d0dfc39c40
SHA256 4e0385115c7d44c81b9fff286d28e27cc3fc0ef7a7660811ff0eda1602d1a24b
SHA512 8047e776ed28dd63ffaee113c1f55d8760b94f7ebba7465c62bd63c73606af8a7dc665e91354e3a14f79316f06775d56b322b7b115ed00d14e89c90c74552c7f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 e3331ebfd2ce3ff372827544a6ba5ed8
SHA1 34842a39795d57486c675776e4794f9df4106252
SHA256 551a5648fe640b3f8e29c3eb35a4a16ae580fbf40d31bcb2c7fd31939938e2a8
SHA512 b17c435d4b4dbff69fa9db3d7bc3b740334eb6df67a5f63c26b2768a5bb0f16c167337423e7614b3748e9351fbbecef5ae5ae78e8fa5a9bd33a6b1e7239e3745

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3565c1eacbbc580f80b576cf7a05c058
SHA1 9dd5f27e005fbc7d914264e7d475c6036d0a3b7e
SHA256 bf5210a7fe938efbe6b1851b73a7d32aa3c9957b2bb599e51c5c0be223dab087
SHA512 888f9531ffc813f0f0e291832e810611f5d21d5b573f8367a0ab8f621ee5f3da0beb3ef6a98229732646677f15b9fe56ac5e6c9bf00f5d2b7244055f6b711e00

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 997a24edab09a16932eaa4d549c8a67a
SHA1 0bb1238250719e44fd59973d464cc7204ac730b8
SHA256 539b4be6acc09c14d8718dbefdaf2f2dc22a74e0368d80406920b7410f581d6b
SHA512 78e1c8ec1ad2dc29197594555108588d333e312caf0136c7a8e405c8aabbb970e538486814d0911d53476243d0bb355a27208d4ccc23d12f75048d9c51b48079

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4226473ff45d6375089476e3f8fb1d7a
SHA1 a671d190774febc87222c342887e9f3ae03946dc
SHA256 19b1375e800fe730b5779dd9c8816c6891a3de78bc970d1548c6375d5aa9b4e7
SHA512 7393a49610c319fa5e421c49507bcefb66ccf88516810f616363d00b155e1c96a8ece7d1748e31b53da5783b5be6ed9384e811011ff5fe99f11fb8cfa0142edd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 17254d5d11f1d6c3e9080b5c01e6b4a0
SHA1 d4d884868ef2983b49203d9c585aae25a935a52a
SHA256 f5e6030b8d4ff4bcacbdcf3778d9cf0b4dc4e095776737284850888d5ea5d69f
SHA512 e88454faf3b204ae8b91fdfcdb0a2c6f765d9e7f19146b67020843d01efde42d997ab32f2f4f1d9ce6e0dc222e167a8fa48cf0c6dd285d98fd0e8e9143da6dc6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 376f32ad35c2ac7f73ecb07f478d712d
SHA1 ea205fd6b7ad0df9ba2e39d2fd200148622d07c4
SHA256 20ccead1b98aaf1333a0d6e23d31865239e0eb1bf0cbeab62475c473f982c693
SHA512 fec4f2b65d4bc12bda522de4b46bd56e397a641ca21a059034addc68eca78269b4abb0ee362e115d8f43533faa018643792b258bdd05704903f45253efd91872

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 aa6e43bedba7acc046817de76ab89312
SHA1 57d1cb373537eee3b90b44590318796b4aeaed5f
SHA256 32ffb9eba4584a7e7316be9731a468fef778c7f981381a7276be4bb42064b95f
SHA512 66701e5caf5e38eef789805bfaa3ebe7e0fc9b98ac19e662482e7c998c0a17486b92598fa18c3a7139ac49dbc0bd308c52455d8be6ccbe47b83d139038ae9fe0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 281c3667f7632355f0272dd25ecb5379
SHA1 a526df9d6b1638f133cc0c594f54d1f687b155f7
SHA256 293c16ec93c0f9e29597106dc01096e7f9c4d0987e08559bd35c30695722b808
SHA512 c302f096be13f54456cdf0d2941e7ae06ceb883f09397da68b37bb37df9fa796c7c395fd7c0d749ad8f71e4543446a54b4ebb0c09a833afae8a5b574732c9feb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 305b4bd2df82acc2f278135bede76640
SHA1 04e1f213d1574bc977ec932f8fcb7521680b9642
SHA256 4fde7c49a3394b265873acf2b3b490576764948e8f4856b4b59766a02ad823bc
SHA512 098b36a946156d7f15b49a2ef0ea3d9cdff0b4d79838ce4c6009390da91c0985207b38d684027dddfbbde0f3025a2544c64830ec936817ac37517e45b1b47ae7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 51e9b434e78d10703c987132483c0fee
SHA1 49f31154d47fe4b70846ce77a21d1db056048b60
SHA256 54f9a813c2ad2608dfc90ce8de6da5134362f2dd08ca0cf3d4e6913fc326411f
SHA512 484f5f305fee18b93fc19750b3319abc4354443e923639faed0b30ac8d4462ec475acd9b37058cf0d90590a62bee1d1cb23cab5fa5902d1fa9c6a7b7bc766cd7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c5ca0b50eeaeee8c6a548484a4282fa1
SHA1 26d4c9beef661af9d8a0c6e981c4de2d1687e794
SHA256 759b52e63b34c7da64096f69992dfd57e5be4ca78537a310279a2803f3c7c9d2
SHA512 26948b944f38afbbb6275831e57549c8b3df76465707ce66b87c70b92565fd089779d9040f6177bf48b814522641e3ff1b483cca55c09d7621fc49fdb4e3caec

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 947c0634bdd66ebf2036c15a46f253ad
SHA1 36c6dbeffbe0c5d9da6a7fe0aafc1e40dbdc326d
SHA256 072e35d19f67770fd8160bb52bb595dc5128aca03c8ccca696e8e904d5068bc6
SHA512 1f71158aed92204ad15849a2fa0f24a7b8368b3849fac45ea9c743e7d1a49ccf90e48c094461e89898cb46f31f0207c6d140b8d959ff9822ac90c11d1232a8ae

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6ca978175f5ec3da060fa74c0da4ad1d
SHA1 51e3a43b20d3c4810431092dd9c0a849a3afc555
SHA256 dd7c77e1b920e78a1e234a812a1975d4723befedfd4356f6df3a6c13bc6c7df2
SHA512 31e6d27a8266748675bb0e877df5d19ec10568899ec73e1cb7d12a2651f46bc7ccb584d17aa5841bf7d6d97893aa58623673843332637c2f964c6191bcc11856

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f623c1ed19486f7c731156ccf2904166
SHA1 f143ad6afd76746e219e4527718ab972b6d9e999
SHA256 bbbef713610cf4626260bfc8bb8c69f0479474568e68c5181da14092304dd736
SHA512 ea34159b03fb136e5ecb8f9848e43a6ea8db884c45444d18f8f4ef4fd0d612a6c6345453a154eb713c2a64cdad3e6fbb967603f2d40ba1bbc7ece8f3b1c64912

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b9522f75c671a11bdb6428884a67875c
SHA1 9d607bfa71d871ed3be047e06180f0f8b89ea942
SHA256 ca9a65f060605a1626e018649f552c63755aafc68b52573710f0bb72ab779334
SHA512 06992633d12f2d1ad79a928d7fac87879746204a36711c867fc14050cb90c16e749134ace2b570c486f30d5cad4d6a4518ef85cf05646bd4dfaa41e554ed48d6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ce1917c1aaf3417838803a43d8f545b8
SHA1 e519aed86c3eef06b448d21d928b4ac03cf2b81b
SHA256 0e304a0f8bde44e459d777916b58f6a28ed6a696729b1dce5959c0165d98390b
SHA512 2b5fa488c01e054994356dc2e315c1316937731f8c5c6163754244f16356240cdd27e317fdcffc62328a3548d7c85005e9e6705da9219469055707511c4f3c91

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3473c06202ff62cb5d034cbfa57084ca
SHA1 69b7525ae2681e45b55bc36020b70acaa20a1863
SHA256 62dcca27cbcbe45599fd3631a66e2d3657830bb324be5b4eba7f7b87fcaef5d6
SHA512 646cfe5299d71e2624ffbaaa94fa33e541c22112b7a3606f121ffbaad47a7900ad372aad16d75dc140bafbd0a1d704804d58ad8781d3aaa1f06b8ddd753bbb56

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d39f0542cbe03b61061ece2820f02435
SHA1 ef600e33c5f90e7b02f0fe45a573890e8f4ca757
SHA256 c4537ecfd0bf7638f3c057a97bbfd748562fa4f3bbd96e29926e42059ac65b25
SHA512 d5df38b3d848024b730ed69b45836570fc7ac69c07d783eabb10d9fade0abfecba89f122d0ad17dd123315a5c841c455c5a5e0e3ff8893b93fa21fe6dbefdb7f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9f9ca03af3a68cdd11d2448d50998142
SHA1 271fdd2e3b48126fb31452aa38dc732b1cb5802f
SHA256 bc9da292668eac95923b61616e3044b4b93ed2b63c3c3913cf7dff83e398f63c
SHA512 e8eb343745fb0f740c8af774451f284061622e82e478852481fad8c67f9fe315cbbbda3dbda6a3c85eb85f7e9e8df762e0e6dd9756db947524a80328c6acde84

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 755970bab2fd174903e0e076b42fb287
SHA1 60c680753a44e1975b4868137c8fa3a837b81e82
SHA256 219c89a371e7be10e6818e972939ab2b7200dfd88a663facfe048c25c8087263
SHA512 8723bfa14d2d6322c2e19973b6726404baf9d1c99654a2cddadc88d6885187d7a01bf1ef3b372e2a6d5ce7eb698ca4554f4bd79593adbcdd0b23fc530c171c1d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 fdce05cf489e2a1aafea5d6d08c78da3
SHA1 017e5413d19efc28a7c62edc65f4013d7f0beb64
SHA256 420f68b8bc5ee5f4fcbefc0ddefd815bf6fcb3b8801db63b6facc61fb3703ee3
SHA512 be5bfa0d555665da3e5b907b58503d8e9879dc5bd5f1d22113eccf20bceca23466293e7adc3246879377a746802c134ed486c3b694a22c8761d405787884b2d1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4779fc1c6638e397da10c8bec9bc4b7d
SHA1 7e35c1572441cd008e0427be10d70647e2813fc8
SHA256 bb743ea9bc2d13299ee951aade3d3f2a646e116534862ec29e4edacba761c3c5
SHA512 3576043816dff542761019c245f0b269a6cfaa8e8763931cc1314db2d0c302026ae7a3b3db518802a79fe53ba2f0f00fbf531e5caf922406c0ae020445d6841b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a72b64ab69dd094b23ec117df9361dd6
SHA1 9cf584b73bd539a0888fa9999a4401d4f517a504
SHA256 ced7db8b68698f3c869a86adc90f6731e55cad525a925367b39675e8123a3ec2
SHA512 822e870c9c35a2bcf529a718ced147d27e526d8ec796962fb918a368d4cd7191cde031fb77024228f83a63b2c704f85d6a01cf664b5fb3dbbfc109dc1475c2ea

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f191cb067b3f192873a28194b07fd2db
SHA1 63dc852c84c59a1e9050d2d0d29f70e0da5df26a
SHA256 647a577d26c78aee2194bd552a5fbbad592339f07aa375b1a14f7e5a38496bae
SHA512 d5e97349dc58217f070da7f552912312f60404099e081549f4a8987e03af10f0a8b39fec2e83f03215757a68f2ff61fed44207777f7e6bbd8e5015a7877e7020

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 da0e22e3ffdfcc97ae9d2694f0505373
SHA1 4885e0c4252d59dbd8b5f48d6e27942bcf4de854
SHA256 0a498d427448eefca28d9cb091d9891c483fa96de5ecc8994693b35a84df2f9d
SHA512 71b4449f8423723b6524a9134452ab92c46eb78c45d0ed9af85c33e5a97438391de598e959ad18aca99019002d9a83fec4843f92d7d287acaa489ab47f809a69

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6c8c84eb7fcf3a37d9831fc76a0b043e
SHA1 c152642de799642899bedd4f4e731db1f9344026
SHA256 ccaef45db26940cff8b9ac096523147dc7bc637622f9f5308753d93cebbb625e
SHA512 d9e44d53c7356d832d5c0d0dfed8e54f3a4838167bd15d04908d868e10a72ce89279de9cde2737c0e97c4aebb158f70cd5a293fe89e78048f8cba91d5a2ef947

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 49ed9d1c80340733b1d7245c7511dd27
SHA1 77a8a44f72336efbaae3e3cbac8c582af5cd4c24
SHA256 f75b59020b8a58c2101d41e9699c2130bf6fc2c9f83441752f6fb76bd7df26d1
SHA512 d89865bed1671ec3191b62916c6fda5a0b9ebd48964c9ef613531f5e1dacc15963eda74f2dd0026c4fe3ab55969d03fc6f6b1f59e11ed8b4fe1b67ed2e2f1810

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 525023224144bc076fa43df0a979758d
SHA1 4f66a18bab7e8fabb488db675ffd323562711487
SHA256 1fce08048ca180fab65a9be22d9b11c317ca4fb778254fb6f023dabee397d273
SHA512 3a3ddb6956cc413943a7a7eeeb973112f7c0145ff19461d699717ae997b0a3ca83f3dfc53ee707f86813e2991ad205009e9839dfe3e4080db5efc4489b755caf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 961d6631dc61eb9689dadaf5d280b0ab
SHA1 fb7a86d9e1873fddd512c0f7e5338fd5b83296e7
SHA256 eaacd05f9917ce4676d7f8f0aff2b83d1723375318ec5ea63d9b54fa962e102c
SHA512 b6f205c4e74f30a21feef5170b785333fb95208c7dfdae582770ba0e96c01ca3003941965b4b9a4598804eae3c85bb85511e7d02dbdd2717e046f698a385c5e4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 fbd8349b83348549605e895facacc5de
SHA1 e51841d3c4c3ab05b6e2f64f46e5ebcd3cb2a4a1
SHA256 692658d67a5b8ace3eb0879b211c15e8ebffce1ced7b992ee2b86fcbb31acc11
SHA512 33b4974055f46f5cdcc144584da130a42897ea9354b89e3e455f5b3468710568e397c5a46611782a992e737347b09aff65701428263017330712eac41e663baf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 54d2a70db2e5f6f17eb454efd9aa95f8
SHA1 ecf60243dbb167bf627e495d5f4d7112c01a56cc
SHA256 046815fba2ac99f15cb9cef737d146739133b10d93c24abbed30ff8493679ed9
SHA512 3c080b0cd8839c9e9f2bbe54e7de03a2ff8ee482b4d2eeb533ebfbaf21fe70b031329ff8c7910e17cbcba103b05e9f9743bcae2e4d15c3de912e7419bf5e9fa3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 248bd0225ed8c5bf03b1c4af4b5d11ab
SHA1 28f45006becf5ce2906b576defb9b10c923aecdf
SHA256 8b2aa5dfdf0a69f277dc6fa53b21ed1e49fd16fa647c72cb5160fa5b4e1702fa
SHA512 51762abe3645f1b8e7d13370fd002df0b198e95b7303e82162d9ee5f20dc019440dde416afd5d2b7b28c2e02e49874cd19e2502ec91c951462c3bcc609285bdd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1595cc5cdd45f5cbd010acf954777d5b
SHA1 aa5824161fc89b2b2fb015663dab0f83f511821e
SHA256 5c54a52adfe918e8764f1fd6b480479c5feb3315778227988057bab0a2a1f2f6
SHA512 67a984a33b37375d420d523b2ebf3f2f069f2449dcde98a8b15bec72b739440e9d9a943e57ac21c876ec87c5ac2c3139ebd2fa222e13054af24d48a9fa7b7248

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0dd57cbc33283658f1b02ab71c6d7c52
SHA1 fb33c40726e5be156504ad200574c48c38d43251
SHA256 ebef5cef36651cbf654aaca4805f0bc66c50b352bfb7f77b0dc34dbfc9be222d
SHA512 c41199a53d9443175b2c404848ae8343cead1b0275a19222274ecc668cb6be24df7f51e08c0aeec1cdb7172d6ebe005f8fb358481548fcf3f19a41d536f57be7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 eabe9290cd6c1c7ea692c61637767782
SHA1 875ca5b66321ecc6ca8624f5c21e1cbbd1021032
SHA256 e9bbd9d9ff1324057e0bd65759f388a397a2290f1054d53dabf3b39dc5cc7c69
SHA512 620fa59096c4bb5c0d259c4f780f29a18454bb63eb1abb8df7643d65ab21c0891e5a59b7c78ca0eacea95b690855d4fdfa4d10a750c54537b2ec71d5e19502e5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3a8596cbb903f5d652db19aad2a03d32
SHA1 afe8b64044bc2f6e1cef6337d8f2e1b2401846f2
SHA256 5b10288dee51dbea6b985f329da6355033aeb7777a9c58aa73b3e9616a5b4e5f
SHA512 426217988c9c8007abb495e5a3305d625a64ce741a55de1f7acfaa9f1db5a6f8f8109c858ad7cc7a442890a5096e3e6b7451caa92ddd6d30480aed1787e33ff5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e3fcfcf24b774f3de427d46d63346961
SHA1 c3008fedc1f7fcbd5ca877c132137b158619ccac
SHA256 39cb724afb11773e0fba97c2daf260fe03a57eb5b6dad3d5b3444992f9d9dd84
SHA512 3056673ad0ea1d9da67ed15cf33b8bdc28f7044b2f6574a096c32c0d140505ede3e1f4eed2c777caa9d6503f78fb2ad5d861ba873f3106166822bdf22737427f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f96ea8bfafe19fa85a7928d38d848622
SHA1 d90fc5b0a4c20d7a24beb3c94dd6968ce07deb00
SHA256 f7f5f884e3f3c22bf81af6cef3ccc0fcb1981c3b46747d69f4c2733a267a7952
SHA512 140e7f344bde018f917afc3318504fe414f0e667a5de7e5bf5541701581fc8a02de87eafdb7ca4cc0a5cc193f715d7380964d727c786a39b520671c5f1d023ee

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5b6db4e8ae447bf75e68419ec07bfe05
SHA1 1b63a81c3483d35ec0d94a4b1fe98ac5935ebf24
SHA256 92edd607d6afa29201cac697effde9f5022da88616c7a9619ab0a0f8510b29a8
SHA512 b869adaaabfcbb3168d7ba32c06c639dbaabd053ea086d47af3de5855660b3ab8392b095e33e4efaab63b48db502962a0b296da07014331ec08843418ffc4d2b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 65cfbeaf5390887ebfce0c69c5746d8b
SHA1 5cd3c871564c617cd974790549535c0837612e7d
SHA256 df2306c4a3a831c85ce3d08b0a9ed245da2631c1010f9499b7c421065a91b655
SHA512 5389e3e7c8ec2cc29e42435454b05c5eecebb9b3fa8c8acbf17ffdce4f5766b1ee9242b1a3dff4a998409452af3fcf8dfd63e4dda01438aaf8aeeaeb0bc5ebb2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 14fdccaa68e121296c11d2550294196d
SHA1 6270f713ba6f3f2e5e58b95a77cac62d119fe38e
SHA256 66c40023b6689e7ef7d3cd0fa995dc7dcdc4c94113d58e451d51e22319a7d6fa
SHA512 bee2ae2d6d05d6f8a6b6b57a457f55ffad5c89e6d0090f7c394bd9ef0a109f290fc8fdb454fd05ba83d7b0d43db4e1ad358987e1460ac9d073528c13564212d5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 64dc1640313e16a3c8faf23eca16d2eb
SHA1 8f04c6a142b1e711aba91bc31ece2c34c9c76892
SHA256 118090c053b6460d0bd081ab1cec8eb787a84ab1a79d8eaf6cfdf5bd361cb960
SHA512 69c136554cf04eb8fcf9acc0742e88023b8e32dd9686d7a75969be1cf32755d267739d3fa38793557c45c8eb9098793859c3e5928ffc0d5e8047c36d9ef15e40

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b16edae8389e7ffb5f17e79976cb24c7
SHA1 1949e576e996f83cf748d14f86bddf1847aba490
SHA256 beb64aae2d674138e8ae4cb81419ebd4fddbfaeee4b70e3a9da6a94042aa5a8f
SHA512 6a92b7784012dc8a37615f4241ae5d851bfa3814454f42e923437c7b5ca2500bc82ae2a6c3e983f195cfa682544ce93d3b21e6f702a18a67d9034e7278488a2d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 38e431c547b6410a69701c99605bbbba
SHA1 a45ce15eecf89ef1a529c0f724cd8ae6d6e968cf
SHA256 e96fd9573e85726140ca275c0912922611895586d9b89c27d57bcecb4c28ef8b
SHA512 31dd9950ada5e6e330e15dd994baa46304dc4062ca9871a6341fb7ba3b3f52ac772349b1e539cd4c6a2704a3fc93ca3a77e21d1d7d865eddae4f62d4e3f75ff3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 80b8fb5da9822cfca5a0a9664cf174b8
SHA1 044acaf57d8a2a92b7512ceb67c5ce6a5dd36144
SHA256 f57fd9e3db5ca18d69484a5aaa61db83d73634c98e929ae570f590a01adb2f17
SHA512 1cb61a3aeedc51a15db861722ab8ade191e3bb3b3fffd7d3c160dca0c2bd9b78aa9492028487b1614e9ca18d40d4411071d0b2ba57c0b9a036a177f5fcf05752

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5025c3e6b676835b84c2cd65ef7e79e9
SHA1 bb082959d6f8b13f4e1917eba5bd5898c4b7f325
SHA256 e08e8bbb381a6b5cef0214188e9903deccf6a965f83886d23825b4b69b3b1d12
SHA512 d8f11a04968515e99ba17889b0d5fa0239726303bb731f68d459e472732abbc664176bbd2cbd2bf622560c20002adf6afb2a4c0731a563cd7d2bff878bc8ad44

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0443892bb663ba81ba2fbf2008976e09
SHA1 399dc6773a661f085e5806489f0218ee84c98bba
SHA256 8a5d8d0a26bb662c285d2632f83c825490cbd7ce95804467b6a5fa90f6f8e623
SHA512 31feb8afc6f0f2f92fdb07739902e2d173040cdafc67f46843cf4c1c1ecc28b4388aa84c2ae716d2a21967a6dc54dcd746f77ac66e02f25c0f2b55d2a3e1118a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7efde059558a32f8540ee9ef1e835dc6
SHA1 89faee4b3e44fd275c270fc584c0fc20c4019606
SHA256 2738b60233f03d11ebe6124cf6f540af4b46c1e1503e0d929032e7f406d2a96e
SHA512 0bf6124fac91adf54e916d24092a7427825d0668606b9ecc544b77557aa9bf961756805cf09129e5f7298524e614480305d2c0e4b218a9209417ff8295b17dce

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c1f06b9ffd743058c355c3fa77b16989
SHA1 a358999e8af8b4dae29f1436a640223bcd439991
SHA256 71b777800448295f449168dda6ecd7b1c805f3c8512a5f3793fc96d4941085ea
SHA512 240da360e9688b93d5d7f4b43ad5aab2d040bb86a9fb4201d99b4c80d8fbb0bf770f8eb712c2843e56f486cd5f482fdba79a1574ee9fecb978e90e87780315b7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 22e17ab3838420ea70babe8834ebb4fc
SHA1 555f2c137011c644fc6ea5164928c1375635a751
SHA256 b3281579c2b9f527bdf9f1d3bb8642629cbf3c8a8fbffd3ed87c900e1dfdb443
SHA512 eb3544466031f1063c74227b2a14817d70e68175f5f5f070876f733a0f7ad149805352c733e9322baa4939eb0664ca03663d9e077c5658b2273c6e017b0ae0a0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e3f4a12c9c26a210a37043d857bf0188
SHA1 6a3780a1c4eb76751eb6ee86a12addf69cd4b0f8
SHA256 912a2e81a599467681a7dc4fdc4760602cd258e0309623d3a86d6f7f745af3d6
SHA512 4f6e302319fbbc77117d46e71cb65df82cce3bb23081b5878177187e344f2130b22785dba2b82c9bffaea11a96da28db28ea1fadf02415b0c133997a8c3caaea

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8b7dc20da589fdbffd57ef39890719ff
SHA1 d38617d150e9178325058162fc1a95bb6c6dcf66
SHA256 f127ad1d01a7992cf6141c34055ae8a4b73a7efa2c9f71ffabf78e18163e34cf
SHA512 d5d698cd583fcd4b6bd173dbb15cb9346d056ee1976857e78bce8d57b59909c48bae3ae870f6960db0a31d5b25b3621ff21a1a615e8cc910221e7ad7ed58b4e5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 59cf20276aa1d4f457a7d5123732f5e9
SHA1 f869db3ef000dc4d0fee9dfea3c6c554cec38c19
SHA256 eb1b2aa5bb43528528e1836a920c4138161b929f6ae9fe17727d0870b211af97
SHA512 f1c6ba3565beaf152aada343d29fbcb1fba16c82f1c7be74a312d3dd5cdf780cbeaae39ede050867f56d7b04b7aa257e0fdd5e08a2362fcf3f38c7da5a9a992d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 864ed3314be80f159b04cfc533117752
SHA1 6dcfcee3ac75610778fe619d372b187ecf11d48f
SHA256 0133797c31c2917976818dbb19998e61f7ba9c29a15d0b2577afdbbd4e906670
SHA512 0eb0e4c1f9d990b6663c81ba7ad63e3d7617fa5f8dd303efd7988b4984b4ab352fd1e7d17aab83bd122065c3854f554d4e4c4104e47c228c531efd66296751e1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1cff89ce894502283fcb3b92f21195c6
SHA1 91c66b765023088f419a0a9d951bc63fd9730d23
SHA256 f88c3d8380ce51a3658020e955bd644628447f42ebfafd07e4cbecd9cbdd61b0
SHA512 31718f3685535f4cabce9c94cb4591e6252e6d65bc7a5061e1479fa03f3ba97773fdd5ae8c73f16034ed32f75f02cd8a3806134ab9ec200626925714565845fe

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f0185e9d7e45278fb5dcdc739dcb379e
SHA1 24a141cb056211fbc1d05d8812bdd7da8600a8ad
SHA256 5f6a193f044166f411a185b53a2ac74b1cd8fbbbe9440d09fb13b6e36addb392
SHA512 d520f6fee9464d6a0767468f4042123330b1a4a99e35a0eda59cdfef6cdf03a6099190ce55b176ad39262e04fdf4bfe154597184cf3ef26010deec35a8108ed0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b08acae98409ad9ba1fd1f4b571296c2
SHA1 3dbe282efe4b98b88eef59563cc30618a4f024b3
SHA256 d4410e0328ea1fa34739f6b5aa7a216874008722ecccbaeb6c73e1f0c99b2649
SHA512 f27c01ab8f369aa5487eacee1545314e1a84e5ac5421e4fc25cb1c35c5c770cc60b914ec20aff93c0ed18862533b4d828fe87563f6c77f4a8750e3ac639e7ab5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 597ff7899c1d858f7dc9d9ff735557bc
SHA1 469c9a69940f0748fb668011a7cd20ef0f0256da
SHA256 58b3b6f1fcbed6a3b6cdbb9d6809296d616c72ccf4bc8a9a57e4f16d434198f7
SHA512 17fcbf035dbb8dd3c26a1ef4e9cea00048d6f065a0ae44ad19596fd3cf3db2d0acb50ce0762a2c48fcf5659e0fcf9a7aa4a1a26b751e484e02ec3bbedd30e58b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ae7db46f12bb74192e3df474ba7bdd17
SHA1 a8b3b7c4ef9898e6e63e77f9b6ec8b9560e06515
SHA256 69b7e6d3983da37fb7d5e3973ee83a3bfc4fe542788d1b893615a223836991e3
SHA512 222e6e2dbd1fae3c8a5d1f7966543001a6824844789836e19015cc2d30064d21e70b2124010564c5b8d94b43697a2bff6584b66b30c76bb18366d5bc61e158d7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d3e1ab5be6a5773741a3159fa5e9ff90
SHA1 a36a305098390c2b76386ea7283fb89e5a12620f
SHA256 8a049fef75af8f4b0b50ca647156cc8b0a711c4034e1aed0a329ce740488c959
SHA512 cee9ad3ff073872394a152ca8edfa2b3e212b4fb44250188a5f817cc58d838ee8ee3af07c00ef478bd552ecfbffb032357df5579d66e109270736b96b45980aa

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6ca6f97539b3a1ad809f16392f60a812
SHA1 ebc3c2c65f8610ec04a76fb549c168b8e3953de1
SHA256 42fa14040f0c4a7e649daa5655ed60b9d4eb8f4656aa89158b321126fb968742
SHA512 23aaf107e54b170ac169ab4685bad5452c2d7fad6a205508ea16f11e8ef4b79d7a065684cf332ca0b65aa70a6b75a2a88979b5eb28f3018c1f38bd20fd24aa96

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c824118f076cdbb88bfa3e565ae27146
SHA1 530bfe969a8ebc44b45a238ae770a6e2dbe468e1
SHA256 1f11b70451d50e55a3466f8e716cbc765a4b944868e6f67781bbd6a32f4d25cc
SHA512 1cc568d2afd5d49de95523cf8c4a38645e5783dac1ddb3efed9a876d78aa24ba3f11898eb1e53bdaba1145296d4149d6c2597da9367aa5c149789617d6f27b47

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4f4719fa8f824c0a428cc0d54fd3f406
SHA1 056d54e68a0091fd6ead2913c03ea2f6283df2d1
SHA256 d36876b8f15462ce6bb7d136b73d44c908a0183e534b1389dd13215baf3cab9d
SHA512 c4e425a261971221743b00224bb85f57221c732f283cf51245689916a4b70172bf7fb333bddd2bdd200a3ae5f81e7cdb2c8a3d4fd7882a9c61764dd35c9c4a54

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0717545e15cef1a1089317d0b171ab1c
SHA1 2109d6c25af4dc6bd2140b120390df6158c22f18
SHA256 96c7fdea7bf1cdb67f798165bd2c827fbdc8e6f08e0e803304ecfc0373f27ed5
SHA512 4ea024c5b7152910d9d7ac8cfb9db4ca48e3c23121873739c3c1ef9b2e96ef523d3fc59bc8a5108cdd51e82ab25c9a553b8bdc81375add42d73c5ecab834980b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c38a9d61df71802dbcb491f64b02c46b
SHA1 cc8cacfbb7c83fa0883c08c9b5f5c7ddf1a1db9d
SHA256 b1b16ffd5a08a0ddf0aa8db4064a6f01a3475500ee3a8e2891d10eedc862566d
SHA512 5c96dbbd57527e0cdbfcd3c8945d5da63bcbf58259c2c6046a6e8a0b79cb8a7a300046d9ef9f4a01a4f04773fdc06f7648e5917effd49bb407f9934e456ac8bd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 93a2840d6041c44143448d1567eceaaa
SHA1 c7d0d7b2bd4fb789db39a64de513395e4a8057c4
SHA256 dd6e428f777b6d0429988933bad0f04380ba48955186f3542d20f7f48946e090
SHA512 1a4f40d48b730c425d9b10285282e0d6fb36ba71bffb20cfd40b9027b0f1da8f7a92ba9e69406417f80c19c812f0751fc96ddefd15adac961c5b8056f3cd47b5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 fce46e8047e62b9b21352b20d017c551
SHA1 447f19b759f47b5c22622b832f185fe0b90dd6e4
SHA256 05957b74a4d38d3ab0a82fbe49b441e0bcb7c43077b6a77a1468341898666706
SHA512 4729090c4eb81d8af8ba19fb0ed1fa5c854483d0ea727dfc66958794bc9f060947d0fd083acd74220c229e87c436c0a0b25b05ad0275a240920e49921108ff97

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3dcf02cf356a1b7281b4965969fa637a
SHA1 e844b2cc04797638f48144352264373517923dbd
SHA256 ca42c46c77f4c4c489d34b10ed3c7d4ac207a1b9478161fe6f3f07f7d415abaa
SHA512 e089c09794541d7baa2217969e031dfde74e27a714ec74b757a8dc6bc0daac1a080a91712e3ceaa292668e306023f84f812c807bcbfc5b8b42e4097df5d1d791

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b6894075b391172e8e12b26a9561257f
SHA1 caba554bc4dfa9b4c7b3b074318efd1e8deb21d2
SHA256 cf0ded13b65fca30cedba292dc10b9feef558735de1a2df44c857628f63489e1
SHA512 e47437ec217d6b10039dec8165619014c8debae91ab803561a7115fdbfbf572df106e9e1ba7c04e037ade36444efed20dddd06bcc519833208ec67df8d672346

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1b76fdb65b5432550b8e7bf0e4314d9a
SHA1 7c970d17f0f513c93ab241f5d98083109c27e1fe
SHA256 516ac8f88f67d9755219ba133cb2105603bdbadd7bde68f587b72d5b8ba8fe7f
SHA512 baf06e1e3ca4b5106bc1a810382e6b5a31ddc392d6f424d4f7ac391b4dde9b6e96aaf7df7288ba7c4886c87c7c52d38878b0df6e16f1594dab390cbfc5a3b479

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e8fef628338f417594f61c6fbffaa108
SHA1 d0a2b8c37aae4d34823c33a201da6860446926e9
SHA256 c57d1dac9721113cfd94cff92394f1dbf262dfd729b10e532cd4b2d938719181
SHA512 e3d3fc0b3124070ceaf436b3a6ddc6619f0704f81c51049849fc8785795bd5105402c147b1f49ba7347fbe8718ba894d9e4619fa92070ef34b2be9b8363bc4f7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0f62f55c866c7e2183802cc4c86140ef
SHA1 32b5ccdff71a660f6cf2ee8def96c2faddcda479
SHA256 33eea59ef7c1b674f2abec9cd13db541076b3925eab5aece724464d3d3951a1c
SHA512 2a7986d4cf2caf2f3f8af019753f8778c711df32fd13f35d80899e543dd45163a72bf2187ebc0368b802fdae09dac61a6db5c24c99fd667e53460019c1a76b93

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1eee78c4ee0ae0c34118daaa7784bdb4
SHA1 1a8b1dd3f3b78b791781b5645af1cebfb600838a
SHA256 e0ebade70467b4540dd1b3fd15c7284b9c557c261b1a708f4a3d16b4e416c265
SHA512 bc82dd7504668b3d993a093c6ec7522e7aaba6b8f44bf666145df203eb1307a290e0e8f4013b0475c256773058256420bfa971909d1a1d6cace8628cae1b4aa6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d1e1c0b543beec3dfc166f34701c4feb
SHA1 57fae0d829b7cf920294e170824fd70a414c0052
SHA256 82db26a364c1442824e5b159864e5a7781a9955107221d8ee7566c9c3830ede8
SHA512 0965a472a56e80ef5f2fd261fbb67a1bd17a854a61a99886ab3697697e0edf760c5291b3a8b717e25e05ecf2d2b110003163443cd869154b8ded361214255028

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4f3cf1e9b543c196ac0a6045b74860dd
SHA1 f78f65bb8c5d54947771bf376e675a8e56295ab7
SHA256 62b504aac773c5236d4db18f6f2bf8ca648f8bb9b0f0e2fe8bbb821744914089
SHA512 32df147bc2752b05611809eb1629955a65c06308982656c752b0a04ce4cb162d02a241a0a735011385ca89d12ba99be867f0afcbf10b21f784f4c7efff8dddee

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2368ef3b69985804b67d3fd3c800c21a
SHA1 a4d9b4c2b2156f7949a425c474cf022a6326a84d
SHA256 4f74e7f278d387fff2fa527040e872152fca22f2bc6e4f99b493534bd1f43584
SHA512 f6f3c120a4f4a5346d299e4d816cf4621c1aa1563e87159af3b3ec0424ff72400eaa748770e9964b9bc414508efac296b18073909c1b0e412a3538c1e4906b8a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3a3c91b4fb49686932166cebca21e0b2
SHA1 b4e8b3cb6b17fc3ae08d105196e27c18fea8bff0
SHA256 b5f22d4ac92d814bdc0703cdf9526591691b3025c824a7c17968213d35139109
SHA512 f8c512a4db25c141d81cd39d0e4f14821c0c5c35c96f3e51851fa97b417d59bcda91275d79a725dec5fe83fa8d6ac26d095877da4afffbf3f7fbbf2e4ace2830

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f84b832d10ffca212516b1f71420f8fc
SHA1 8a783b5bb4818fa78663a056b26bf63ae14989dc
SHA256 897f7847cf3a2c65579660bab63dc47818386aabe5fea296e2eab02bc4d8a9d5
SHA512 fcb439bfcb5116f48d45a8e583411847fd1e0d6aebf734e7b8a6c45e7f08cea5712297877e32cb466eae3c6ced695110b15328b53e440fbaebfb5560a10a2654

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a6cb79421b4187462da210c42a7f6aeb
SHA1 76b715b1bd1c18b99fae3477a29be74da861f202
SHA256 286ff28a7cf2716ca472c162c97841ba6c6c5868f2fd6af1b866b8901cc3147d
SHA512 5fb57bf92a86bbd402655038c767937e7e50e279f2ad77691c08d2794f482a70631596cd73947dc6112b120b80c857c19fe4ffc02715d0b4762337f46ec407a7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 38233f6f1a69fcaf46e8c9a0c6ebb690
SHA1 76b4126a8f0ae93044a572b3998d337ef2333506
SHA256 db347cb0a0045dd78ed450c0f79b8b3569b2f360a196dfa8e53290735d240fe2
SHA512 c3c9bc7ba8c8163989659ced7397f6c61f668718a316dbcb3c093ee5a59b360cc053f57e74497cc3888642cbdf5085e541003e6ea388a988d6d49c8265d32155

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 88ae1fa958094682c4bd727b1f401297
SHA1 c24d31148504502cc6b75aec0c3a78d232ad48f0
SHA256 fa3e474d143e38311615fd2e92a024ea7f4a4c5fb2176c158332704180388ea9
SHA512 14ec6ab76f10152031258cccb82630de3231a5eda163a64358cfcd2025cbbac3b0759c726184b1509be9f640141027fc899b8984658dde66f487184df10a9558

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 aceea02228f1835fe74902e9fc8b3343
SHA1 ba01e822e45b7c89d68e905880de27611948ffca
SHA256 09ba12de8539d0fde1611d929ad7f0ae593d026fae8b6cbf8e255a336b20d196
SHA512 fe45585112d5cdca86f60b6b258542a83c10c695ce3aae894d59334211040b2ed6a6f3e15b96dfb4e6cf0ce08a374f8b4a585fe8ecf6a6ab5831b5e19838c73c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 74cab8ba3127593845b8e37524510177
SHA1 0cf2e6442a03d907c696b85ebdffc89ae272d930
SHA256 137fb96bb297d1e9105043fefe3b0409a6bbabe16bd37e12f30720acf9bb363d
SHA512 04325b1809c691f57530101f16150f7afd25f2e4114009bb8b37e004e60b3e98d9b47ebb96a3f0a625790571c9c5f1963c19dd91d2689982d7489c23ef49a065

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 86429417f38bd92a163f80558756419b
SHA1 3a28ea2225fca82ad89482bbcfb903a4285d5558
SHA256 efaf47b92dedbbd875d58f930fbe950110189f52a9c7118f45c41063f3be68b5
SHA512 0b0d16acea3587f781e66d423b3995f70c9d668ca0613dbe6716e9c345c01132961e03a59a36edf323aee5cc3ca42da4ebfc0a5e6f74ff84149d5dd6752db7cb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6f46f425d88bb7b241ea30b76b0952ba
SHA1 88f9dbb41a187ebd1d424389f033e2fe0ab11f46
SHA256 472202720f3ed8dc11772336cbc5a4e0d18f85be5c30950a4393c2265cc970c0
SHA512 73af74af6252f6e6cfb9ee011809ffdcf53854cbdde97ae3511e5f5f23403cb7bc35288c7ca8a2c90a21188499c36decfb82c42e957bd92685cb864bddd345a9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2350f2cdd159a23d5b6546b42c38253a
SHA1 db5b9b50713fa8c5042ed4ad7466bee3dfeb9b11
SHA256 3a0e891c2b21aa8ccc3f3c6c3dfb423c27272d4be1eaea9a68bc731b29bff936
SHA512 b49ec6dca69696a68a0d641cf4056577a58ee6c7243c30b40c51a3cdbdbe99aff3a176fc5491cb9f20a45c81de044b55f06f103fabc5504e222c9c06ec51a6d6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0ddec28453afb738e550aa0020268be4
SHA1 832407ebcb704b319e4beb254b20b66042178204
SHA256 2f2d9ce08a600993f1ab22357f9c4e26b3ba1bd35d9a729b2975b1f6bb04068b
SHA512 44eba2a5e27ab6c4d20e59595c9fb55ce2299e6fec7d8ca4e627026e425c8cd4d26666f3575097140d7f19f4428dfefffdbf2a678763b29cfc5537008ed26d0f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 940b4e58db4589222d9d645da711c750
SHA1 e24925468e19b000df17d784eacce901d61b7e32
SHA256 915897acf234320ca3b2ff3dcf85732512f465ed2d45765b8437db03d1258036
SHA512 a2a18549ea1437e76a41a2dfdf9e4575c907518698630142446ce7c21402f3e85823e3b0ec99fc41e47276fe8984f4456da7e8b7a9f0a6d9a0235828e8a7007a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b571630bef6f97f95b0d3d1c8eca7315
SHA1 a9e6d9b0307605dfd96566b6b22ca9de743f2016
SHA256 5fd698b6d126a659d1f998485fa57866abc6a5eb6b0b1a3ed44c7e1526b23250
SHA512 e28c9fd19b74aa15617dc741b823a453ae88275e74dea00d51384202d79ccaa0f206b2b984f23d14598178f7ab13c766b9e42cd1e5a59b4c5636457810e81524

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8e6bab9b89dc6ca3a7929f842b55d200
SHA1 e9523a696f0a0ef5a43fadf11872a15b556acf08
SHA256 b5ee8f1a18ae423d521e0c5a4bb19eef8a3426029c9881462762a93c6e0f62ad
SHA512 f27a3014d5325dca1624ebaab51afb076d9c361ccd53b648b076f96a4f78f42b51cafee2f35a3e6e543ac85ebc8c747e054cd1b22d89e330cfea4e1b6ef3bae3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b496003b85144daa536796a31594f02e
SHA1 90ebc09656959bca87e6aa79ab6220fd0a72620d
SHA256 2005488000a809629107c25a3a3d98e6c04b0780b4baf215079609351891e2c5
SHA512 20697a8f0fe0c1394c774f806219442ba09c0fc0a3574fbff7dad2e0fb9c9b34ee9d53b76d411645d0e91010e83cfe49a9f44d889d8b7a999bca221e0b727a9a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 db5c83bf2474868577a12e365d27ce86
SHA1 011513e2abfa6378b753d91c6fbf54dd314114e7
SHA256 1bea4c408d41e0e2bb4ad6df76eebcf846901d8595c63ffcb68dbb80a41ca7d7
SHA512 b5480069cbc26c9a62eaa2ec7fa14c6486e4510d6b8d51d9a7d1d2cd86e3ca9fc0a5a70e160a51af302d3e62ccc6762428eeb99d4313cd7919af13cb8711a1c5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 09117d278f46e94601d559da371012ba
SHA1 aec7cb4c2e37825ee11be6551e61b8cfe2350a80
SHA256 e94405b1b605124ea72dd8de2aa759b6a7efd50054a0035b8e65e485cb07e493
SHA512 c221ef9ade90d26906ab5065c9d20340ddd4b9552c784801c1b52896fdfa749700be5d5dc1a4fa1888485b71ed2e3aff7d1812ae261706ad7b0f87c4f60e5a16

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 27fcd96bc82748992eb35d5c75363c76
SHA1 ecad731aeebad1eff32dc593c254830e491cea7e
SHA256 e90671742fc9529fb8c758306edd0fb2becbd1bbffb72982e18c548901decff2
SHA512 ef61fb76fdbbf5cf35126e400138e9dc443b722488c5d7b0d4e4869b4f2b072131719898ebbf9be26d133b763dd55ebe22343d3e2c5a0ab6b581ede03c06d959

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9aeef120dc6d1a247d528bee7ac64bd6
SHA1 c9e749f506e73ec4ea2966f93380c2ffc04995ef
SHA256 66ff4135860f6abd3a10dc5f389b332b3611841e644af0c62979f6e66b2cd48c
SHA512 3be42a4af479ed5ad8e248eb4d64446011c8523995fd207a653a3ecc191bc34f571b365970dddc35281b2855361e9278bf7af1e76cf28659aedc64aad5f012ac

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a9a7c5a975d87514cb5b33cc7e9a2f8e
SHA1 a445aef1ce568a822942fc302aea0e4e739986bd
SHA256 8feb1192e7119c546e7cad2c237e0273d0aa78503254305f9c0f8f261922037b
SHA512 f0bcc915ecff9ecc520e00a6123e1125e35cf289aaad37f44d93a928adb5421a03672f282bf735354d9757d7258a05050ca58138245847a247919eef91cb0507

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b4a35ce93adf01d0b646d302faeac1d2
SHA1 e5d188236d796bbf308cd61339eb892756494f2d
SHA256 ae0bd5db8f5eb410198ef56ae5abc279a73c680cf943530eeec9459bdbd8f72a
SHA512 7cea86f39142948420e7ebc3aef8f38f094e2c40d3b5ae3f8b59f09b29bc261ed4ab0ac4d6da719f59828940f447341c91994b887bda9e507fc6abd5485ee4b4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 77f7810d41a31ad32c48761d1414e53a
SHA1 30996da75dec490226f23611a15578308cc86941
SHA256 7b004139878475968b58170fc667fe561c7ab73d4eb67ada646884af8ebb535a
SHA512 3c3bca859ad6ec909ce23192af2ad1f6be7228334c33d8e6c8aba361bf2c97fa05dc6c951d3dc310734ccab8a2a863c50bc96075c8c0d4f10b1342f19b5135d9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 803b97b9c1558b6a81f4b30d53f0f110
SHA1 2525ec21eb88c5ee96348040492e5b7df0ed0767
SHA256 ed5815bc224c91e95e7399df442ac080e8c151e37d2322ea2f8d52498b1d52ec
SHA512 ff7492b6a277f042af7026fe323ece1438320c0f8d7cbd1378b639eb07dd5d7130b3a4ebbfff930d7ff36872e1158d9ab73283b5a02d7956a13a2ec9e715f4b6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 48bd322f579531a1f9ddca070a261344
SHA1 e0c681bde5c880600d3bdcfdf20c8c37ec5db719
SHA256 34db35430a9c699243b8ee71cc3582533b22ba3751811b760e2355fa26bab280
SHA512 4bc4392e6eb79d18e26c91e58ecaa1531fd22ca941b7b7ed9ca9fa93f07d0400cb27864ec7f4fc00e648952b0857dbe9e6889132a2ab1be08b3cd3d7e8eab59d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 05a6dfcaf5caa15b0b98e6ac7688f90f
SHA1 05d759538e34470ec050542f5e15a9126a624b76
SHA256 8ae440d08b8e56783b7382dbf55207c34c7c745756aead122010563b7caa4140
SHA512 d2e7e0dd63171e534887018cb6b42f14aeb80077f4aa4c3e44bd3b39260c650d7297bd4e97ca460db5c5426cd6a867fbac666124cae31bc9cadb336de3df221d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f27fbe27e1c3794a59d67d67a4c8ac1c
SHA1 c7170542e7db775970a8d17be248b627e97e156c
SHA256 e734bd87ac24a4f69165851a26767d84ee2049ac65a813a64321fe43c4ad41d8
SHA512 d89c12e603a75140e75baa2a2d3aeba0111e7776af0eedddc0ac876a4fa75bbf44c7f1f6fd1a57ed8ad08b3ffb40d460299edc8379c575c45a1be679c726e015

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1a8e36cceb576c1074299c06bd98cd40
SHA1 a2af039254ef27571777fbbfbb8f90071c5cda95
SHA256 88f74ed6e5b9f80c52ad96f29a940ae7a3df0f618cba7fa2353d894942953c01
SHA512 30145dcb51c069d000b39c340bf8c5ed0d366a05caf976a923b7d01ee7d9cfc012dd9cd3c5b454bec87889f43372dc5d7cae0882500feface1cc4cc33026d590

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 cba7e57031dcf81287cfb6449317cd51
SHA1 14af95f2e797fc13e41167367528e164af611df9
SHA256 8b187f6aa1571b592a26913e2edb982b43f14d1b77a2f6bb512366177ce4d885
SHA512 7ff61c4e9740ecd0594a68a5bf69e813bfd09dd0bd2152b1bfeab94f7e097293393931b31a7e752a72ec119795d7d87c4c04b64049991aa7ebaa30506a20e5dc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 600381762d8a3a05da919f5dc72bed7d
SHA1 3c6e247164788866697efba80584fabd09b36c50
SHA256 8518eadc0d61e1855d4adf3c9e18f3522e0488130049438ebd437c601b68abd3
SHA512 d2ee6a992f586c08cf938c9526cf1a952952a7ade75725cf1139da681aef6e9a7a1c69aa2ba85d6424ff4b58bf08a4b1c31c6b3acce9d99f9f56e9ae5831f7a6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4a3eaebda729d24dc869c0bbc0fdc597
SHA1 eb15c919900accc08a5f5da6281244f9858df93e
SHA256 564daa4d70f3c8a2582d2d39aef92f37d5ec123f5ac4935082fb238befa7cc6c
SHA512 f0325e12239c474c2a9b64e625cafc5fbd28beeeafef4a7faba76383dde68059b34856afddabe7d3ebb7251b72947c2772ca827aaa465bac2a0a714ae9ca252b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f7b54be719884c6dd7e7d023c2f4e59e
SHA1 704f3536a7e91d2b712b1bf39177893e92971df6
SHA256 ce85cf29f3e88d9a60183d40b8a76a9553725ce5d97e6909928a98752c9d8ece
SHA512 451523985e9357ee09699ffcf7c99179576019d8b8f22034b87ecbcbb681cb51012a85c0306dc6d086154a4c80152e80ff605cee8bec7d1c5652eb6ed34386f0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 93364d8d82330d2c8ffc30a998380249
SHA1 e1b7944258ca3700649155e86a66e05533468d00
SHA256 86e355ed785d9a2582c5c875910179d0a6800b74719320bc7d13e8a44f4ad725
SHA512 b8e2cc96eeb45ca3172e297edbf78bb0b2f38817ed09bed95158b770a801ad50ef36b1c8b4ee83196e692a176d485ed086fb48df0bb985b0bce80332bde7ab8a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 044145480cf1d283ddd7bbb42137b8fb
SHA1 6ce5a44e9635f841b6e6195e39add2ec709f3bce
SHA256 a9634431d18f322df3e2a4de4211b5b099d20a7c99bf2f6a9751c9a2efec3b4c
SHA512 a273ab6a26069ea8aae4364d357a363c62466ca411aa19bfaf614f90b8dbcc46a73a2015e2c93b522e57b31f02163e7f1f284ea2500d6119ce54bbecd9167a3d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d8b5d7842450013d27618825b7f190b5
SHA1 42fddf1c3f076e80610aeb6dc87d988c72023203
SHA256 fc3dcc7a2ed3f3a448adc3905b2c219032c5a38893f27462ff70ac273bfe14e0
SHA512 2ee58a287812010e3103dfd6bdcdee5a6777e4ffc4befee555cb10c1193dc46eae1dfafb9207a5a3136b51bfc2c110576d043d976cedc74938968c222606d2be

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 298916f295ce736df59a49669bf706f1
SHA1 02d462e1214da2e57d565be518c8f33b98813f46
SHA256 7d177b568598413da1314458a3da855488a3e90ed4ae162cddd21f998964dcfd
SHA512 67655c1080fe9e188ac4760cbd486cfb0d3da5e883cfabdfe313783902803e246a38931323a77f727bb6869ec73db58a8b353199be920d22e53088dc4e176004

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c952804fa49ee88f3b7f80ae1de41af1
SHA1 99e682578cdb625f7cf4054c3c97664843c1f89c
SHA256 74a6043248160ece27d20134d482987f1d6998ef04b455b27fd959187af42055
SHA512 55cf6dee77cafd62217fcc205805ff1b710d5a5a9c93186d6375a7e030f76f1a27ddc16a14e11645c0a42ad73b4b64ddc2b85cbc688ed358db1ec68d4ee55547

Analysis: behavioral6

Detonation Overview

Submitted

2024-07-18 01:51

Reported

2024-07-18 02:45

Platform

ubuntu2004-amd64-20240611-en

Max time kernel

1799s

Max time network

1791s

Command Line

[xdg-open https://webminer.pages.dev?algorithm=minotaurx&host=minotaurx.na.mine.zpool.ca&port=7019&worker=1CWXZFjvrSLEPatEuhGfojhCr5MLBd448e&password=c%3DBTC&workers=4]

Signatures

Changes its process name

Description Indicator Process Target
Changes the process name, possibly in an attempt to hide itself gmain N/A N/A
Changes the process name, possibly in an attempt to hide itself gdbus N/A N/A
Changes the process name, possibly in an attempt to hide itself glean.dispatche N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC I/O Parent N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC I/O Parent N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC I/O Parent N/A N/A
Changes the process name, possibly in an attempt to hide itself Backgro~Pool #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself IPDL Background N/A N/A
Changes the process name, possibly in an attempt to hide itself Backgro~Pool #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself IPDL Background N/A N/A
Changes the process name, possibly in an attempt to hide itself HTML5 Parser N/A N/A
Changes the process name, possibly in an attempt to hide itself Socket Thread N/A N/A
Changes the process name, possibly in an attempt to hide itself HTML5 Parser N/A N/A
Changes the process name, possibly in an attempt to hide itself Socket Thread N/A N/A
Changes the process name, possibly in an attempt to hide itself Netlink Monitor N/A N/A
Changes the process name, possibly in an attempt to hide itself Netlink Monitor N/A N/A
Changes the process name, possibly in an attempt to hide itself Timer N/A N/A
Changes the process name, possibly in an attempt to hide itself Timer N/A N/A
Changes the process name, possibly in an attempt to hide itself pool-firefox N/A N/A
Changes the process name, possibly in an attempt to hide itself pool-firefox N/A N/A
Changes the process name, possibly in an attempt to hide itself JS Watchdog N/A N/A
Changes the process name, possibly in an attempt to hide itself JS Watchdog N/A N/A
Changes the process name, possibly in an attempt to hide itself BGReadURLs N/A N/A
Changes the process name, possibly in an attempt to hide itself BGReadURLs N/A N/A
Changes the process name, possibly in an attempt to hide itself glxtest:disk$0 N/A N/A
Changes the process name, possibly in an attempt to hide itself Cache2 I/O N/A N/A
Changes the process name, possibly in an attempt to hide itself Cookie N/A N/A
Changes the process name, possibly in an attempt to hide itself Cookie N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself TaskCon~ller #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself TaskCon~ller #0 N/A N/A
Changes the process name, possibly in an attempt to hide itself Worker Launcher N/A N/A
Changes the process name, possibly in an attempt to hide itself Worker Launcher N/A N/A
Changes the process name, possibly in an attempt to hide itself BgIOThr~Pool #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself BgIOThr~Pool #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself Softwar~cThread N/A N/A
Changes the process name, possibly in an attempt to hide itself Softwar~cThread N/A N/A
Changes the process name, possibly in an attempt to hide itself Softwar~cThread N/A N/A
Changes the process name, possibly in an attempt to hide itself CanvasRenderer N/A N/A
Changes the process name, possibly in an attempt to hide itself CanvasRenderer N/A N/A
Changes the process name, possibly in an attempt to hide itself Compositor N/A N/A
Changes the process name, possibly in an attempt to hide itself Compositor N/A N/A
Changes the process name, possibly in an attempt to hide itself WRWorkerLP#0 N/A N/A
Changes the process name, possibly in an attempt to hide itself WRWorkerLP#0 N/A N/A
Changes the process name, possibly in an attempt to hide itself WRWorker#0 N/A N/A
Changes the process name, possibly in an attempt to hide itself WRWorker#0 N/A N/A
Changes the process name, possibly in an attempt to hide itself Renderer N/A N/A
Changes the process name, possibly in an attempt to hide itself Renderer N/A N/A
Changes the process name, possibly in an attempt to hide itself ImageIO N/A N/A
Changes the process name, possibly in an attempt to hide itself ImageIO N/A N/A
Changes the process name, possibly in an attempt to hide itself Permission N/A N/A
Changes the process name, possibly in an attempt to hide itself Permission N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC Launch N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC Launch N/A N/A
Changes the process name, possibly in an attempt to hide itself SandboxReporter N/A N/A
Changes the process name, possibly in an attempt to hide itself SandboxReporter N/A N/A
Changes the process name, possibly in an attempt to hide itself Breakpad Server N/A N/A
Changes the process name, possibly in an attempt to hide itself Sandbox Forked N/A N/A
Changes the process name, possibly in an attempt to hide itself gmain N/A N/A
Changes the process name, possibly in an attempt to hide itself Chroot Helper N/A N/A
Changes the process name, possibly in an attempt to hide itself gdbus N/A N/A
Changes the process name, possibly in an attempt to hide itself pool-/usr/libex N/A N/A
Changes the process name, possibly in an attempt to hide itself gmain N/A N/A

Checks CPU configuration

antivm
Description Indicator Process Target
File opened for reading /proc/cpuinfo /usr/lib/firefox/firefox N/A

Reads CPU attributes

Description Indicator Process Target
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/cpu0/cache/index2/size /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/cpu0/cache/index3/size /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/online /usr/bin/nautilus N/A
File opened for reading /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq /usr/lib/firefox/firefox N/A

Enumerates kernel/hardware configuration

Description Indicator Process Target
File opened for reading /sys/bus/pci/devices/0000:00:04.0/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/pci0000:00/0000:00:02.0/uevent /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/class /usr/libexec/gvfs-gphoto2-volume-monitor N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/pci0000:00/0000:00:02.0/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/fs/cgroup/cpu,cpuacct/cpu.cfs_quota_us /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/fs/cgroup/cpu,cpuacct/cpu.cfs_quota_us /usr/lib/firefox/firefox N/A
File opened for reading /sys/class /usr/libexec/gvfs-mtp-volume-monitor N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/pci0000:00/0000:00:05.0/usb1/1-0:1.0/uevent /usr/libexec/gvfs-mtp-volume-monitor N/A
File opened for reading /sys/devices/pci0000:00/0000:00:05.0/usb1/1-1/uevent /usr/libexec/gvfs-gphoto2-volume-monitor N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus /usr/libexec/gvfs-gphoto2-volume-monitor N/A
File opened for reading /sys/devices/pci0000:00/0000:00:05.0/usb1/uevent /usr/libexec/gvfs-gphoto2-volume-monitor N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/fs/cgroup/cpu,cpuacct/cpu.cfs_quota_us /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/usb/devices /usr/libexec/gvfs-mtp-volume-monitor N/A
File opened for reading /sys/devices/pci0000:00/0000:00:05.0/usb1/uevent /usr/libexec/gvfs-mtp-volume-monitor N/A
File opened for reading /sys/devices/pci0000:00/0000:00:05.0/usb1/1-1/uevent /usr/libexec/gvfs-mtp-volume-monitor N/A
File opened for reading /sys/bus/usb/devices /usr/libexec/gvfs-gphoto2-volume-monitor N/A
File opened for reading /sys/devices/pci0000:00/0000:00:05.0/usb1/1-0:1.0/uevent /usr/libexec/gvfs-gphoto2-volume-monitor N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/pci0000:00/0000:00:02.0/subsystem_vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/pci0000:00/0000:00:05.0/usb1/1-1/1-1:1.0/uevent /usr/libexec/gvfs-mtp-volume-monitor N/A
File opened for reading /sys/kernel/security/apparmor/features/dbus/mask /usr/bin/dbus-daemon N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/pci0000:00/0000:00:02.0/subsystem_device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/fs/cgroup/cpu,cpuacct/cpu.cfs_quota_us /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A

Reads runtime system information

Description Indicator Process Target
File opened for reading /proc/self/maps /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/126 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/81 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/1833/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/filesystems /usr/libexec/xdg-desktop-portal-gtk N/A
File opened for reading /proc/self/fd/57 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/69 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/maps /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/maps /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/sys/kernel/cap_last_cap /usr/bin/gnome-keyring-daemon N/A
File opened for reading /proc/1815/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/1826/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/cgroup /usr/lib/firefox/firefox N/A
File opened for reading /proc/1801/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/fd/128 /usr/lib/firefox/firefox N/A
File opened for reading /proc/1837/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/mountinfo /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/mountinfo /usr/libexec/gvfs-udisks2-volume-monitor N/A
File opened for reading /proc/self/fd /usr/bin/dbus-send N/A
File opened for reading /proc/self/task/1586/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/1593/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/1630/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/mountinfo /usr/libexec/gvfsd-trash N/A
File opened for reading /proc/self/fd/58 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/35 /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/libexec/gvfs-udisks2-volume-monitor N/A
File opened for reading /proc/filesystems /usr/libexec/goa-identity-service N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/cgroup /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/10 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/mountinfo /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/libexec/goa-daemon N/A
File opened for reading /proc/self/fd/71 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/36 /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/99 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/task/1742/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/libexec/xdg-permission-store N/A
File opened for reading /proc/self/task/1707/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/110 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/1528/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/maps /usr/lib/firefox/firefox N/A
File opened for reading /proc/1809/cgroup /usr/libexec/gvfs-udisks2-volume-monitor N/A
File opened for reading /proc/filesystems /usr/libexec/gvfs-afc-volume-monitor N/A
File opened for reading /proc/filesystems /usr/libexec/gvfs-goa-volume-monitor N/A
File opened for reading /proc/self/fd /usr/bin/dbus-send N/A
File opened for reading /proc/self/maps /usr/lib/firefox/firefox N/A
File opened for reading /proc/cmdline /usr/libexec/dconf-service N/A
File opened for reading /proc/self/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/1/cgroup /usr/libexec/gvfs-udisks2-volume-monitor N/A
File opened for reading /proc/self/fd/140 /usr/lib/firefox/firefox N/A
File opened for reading /proc/1809/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/bin/nautilus N/A
File opened for reading /proc/self/task/1652/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A

Writes file to tmp directory

Description Indicator Process Target
File opened for modification /tmp/tmpaddon /usr/lib/firefox/firefox N/A
File opened for modification /tmp/firefox/.parentlock /usr/lib/firefox/firefox N/A

Processes

/usr/bin/xdg-open

[xdg-open https://webminer.pages.dev?algorithm=minotaurx&host=minotaurx.na.mine.zpool.ca&port=7019&worker=1CWXZFjvrSLEPatEuhGfojhCr5MLBd448e&password=c%3DBTC&workers=4]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/dbus-launch

[dbus-launch --autolaunch 4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/bin/dbus-daemon

[/usr/bin/dbus-daemon --syslog-only --fork --print-pid 5 --print-address 7 --session]

/usr/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/usr/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/xprop

[xprop -root]

/usr/bin/grep

[grep -q ^Enlightenment]

/usr/bin/uname

[uname]

/usr/bin/grep

[grep -q ^file://]

/usr/bin/egrep

[egrep -q ^[[:alpha:]+\.\-]+:]

/usr/local/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/local/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/bin/sed

[sed -n s/\(^[[:alnum:]+\.-]*\):.*$/\1/p]

/usr/bin/xdg-mime

[xdg-mime query default x-scheme-handler/https]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/dbus-launch

[dbus-launch --autolaunch 4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/usr/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/xprop

[xprop -root]

/usr/bin/grep

[grep -q ^Enlightenment]

/usr/bin/uname

[uname]

/usr/bin/sed

[sed s/:/ /g]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/usr/bin/grep

[grep x-scheme-handler/https= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/usr/bin/grep

[grep x-scheme-handler/https= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/usr/bin/grep

[grep x-scheme-handler/https= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/usr/bin/grep

[grep x-scheme-handler/https= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/usr/bin/grep

[grep x-scheme-handler/https= /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache]

/usr/bin/sed

[sed s/:/ /g]

/usr/bin/sed

[sed -e s|-|/|]

/usr/bin/sed

[sed -e s|-|/|]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/which

[which firefox]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/firefox

[/usr/bin/firefox https://webminer.pages.dev?algorithm=minotaurx&host=minotaurx.na.mine.zpool.ca&port=7019&worker=1CWXZFjvrSLEPatEuhGfojhCr5MLBd448e&password=c%3DBTC&workers=4]

/usr/bin/which

[which /usr/bin/firefox]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox https://webminer.pages.dev?algorithm=minotaurx&host=minotaurx.na.mine.zpool.ca&port=7019&worker=1CWXZFjvrSLEPatEuhGfojhCr5MLBd448e&password=c%3DBTC&workers=4]

/usr/local/sbin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/local/bin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/sbin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/bin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/lib/firefox/glxtest

[/usr/lib/firefox/glxtest -f 13]

/usr/bin/lsb_release

[/usr/bin/lsb_release -idrc]

/usr/local/sbin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/local/bin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/sbin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/bin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/libexec/xdg-desktop-portal

[/usr/libexec/xdg-desktop-portal]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -parentBuildID 20240108143603 -prefsLen 20597 -prefMapSize 234708 -appDir /usr/lib/firefox/browser {a9ff7411-87c3-4b06-9b7f-e72f8da917d4} 1528 true socket]

/usr/libexec/xdg-document-portal

[/usr/libexec/xdg-document-portal]

/usr/libexec/xdg-permission-store

[/usr/libexec/xdg-permission-store]

/usr/libexec/xdg-desktop-portal-gtk

[/usr/libexec/xdg-desktop-portal-gtk]

/usr/libexec/gvfsd

[/usr/libexec/gvfsd]

/usr/libexec/gvfsd-fuse

[/usr/libexec/gvfsd-fuse /root/.cache/gvfs -f -o big_writes]

/usr/libexec/dconf-service

[/usr/libexec/dconf-service]

/usr/bin/nautilus

[/usr/bin/nautilus --gapplication-service]

/usr/libexec/gvfsd-trash

[/usr/libexec/gvfsd-trash --spawner :1.8 /org/gtk/gvfs/exec_spaw/0]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 1 -isForBrowser -prefsLen 20271 -prefMapSize 234708 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {08d4fb9f-c45a-4359-81a8-ef043a668626} 1528 true tab]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 2 -isForBrowser -prefsLen 25456 -prefMapSize 234708 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {c7acf97b-324c-451d-9761-e9ff41c37597} 1528 true tab]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 3 -isForBrowser -prefsLen 26979 -prefMapSize 234708 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {8e5698fe-ca13-4e39-a37a-cec09c682d40} 1528 true tab]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -parentBuildID 20240108143603 -sandboxingKind 0 -prefsLen 27705 -prefMapSize 234708 -appDir /usr/lib/firefox/browser {4ccee13b-e1fd-4edd-80c1-94d160a00900} 1528 true utility]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 4 -isForBrowser -prefsLen 25780 -prefMapSize 234708 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {583d9f39-b362-460f-b7ad-e3f03c11fba5} 1528 true tab]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 5 -isForBrowser -prefsLen 25780 -prefMapSize 234708 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {f1e8910a-7eca-4621-aee4-8e26b9c5199d} 1528 true tab]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 6 -isForBrowser -prefsLen 25780 -prefMapSize 234708 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {16bc9d7c-da77-41af-a42c-5cfb9ffe7f4d} 1528 true tab]

/usr/bin/gnome-keyring-daemon

[/usr/bin/gnome-keyring-daemon --start --foreground --components=secrets]

/usr/libexec/gvfs-udisks2-volume-monitor

[/usr/libexec/gvfs-udisks2-volume-monitor]

/usr/libexec/gvfs-afc-volume-monitor

[/usr/libexec/gvfs-afc-volume-monitor]

/usr/libexec/gvfs-mtp-volume-monitor

[/usr/libexec/gvfs-mtp-volume-monitor]

/usr/libexec/gvfs-gphoto2-volume-monitor

[/usr/libexec/gvfs-gphoto2-volume-monitor]

/usr/libexec/gvfs-goa-volume-monitor

[/usr/libexec/gvfs-goa-volume-monitor]

/usr/libexec/goa-daemon

[/usr/libexec/goa-daemon]

/usr/libexec/goa-identity-service

[/usr/libexec/goa-identity-service]

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 firefox.settings.services.mozilla.com udp
US 1.1.1.1:53 firefox.settings.services.mozilla.com udp
US 1.1.1.1:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
US 1.1.1.1:53 webminer.pages.dev udp
US 1.1.1.1:53 webminer.pages.dev udp
US 1.1.1.1:53 location.services.mozilla.com udp
US 1.1.1.1:53 location.services.mozilla.com udp
US 172.66.47.98:443 webminer.pages.dev tcp
US 1.1.1.1:53 prod.classify-client.prod.webservices.mozgcp.net udp
US 35.190.72.216:443 location.services.mozilla.com tcp
US 1.1.1.1:53 contile.services.mozilla.com udp
US 1.1.1.1:53 contile.services.mozilla.com udp
US 172.66.47.98:443 webminer.pages.dev udp
US 34.117.188.166:443 contile.services.mozilla.com tcp
US 1.1.1.1:53 spocs.getpocket.com udp
US 1.1.1.1:53 spocs.getpocket.com udp
US 1.1.1.1:53 prod.ads.prod.webservices.mozgcp.net udp
US 35.190.72.216:443 location.services.mozilla.com udp
US 34.117.188.166:443 spocs.getpocket.com tcp
US 1.1.1.1:53 getpocket.cdn.mozilla.net udp
US 1.1.1.1:53 getpocket.cdn.mozilla.net udp
US 34.117.188.166:443 spocs.getpocket.com udp
US 1.1.1.1:53 ad.a-ads.com udp
US 1.1.1.1:53 ad.a-ads.com udp
US 34.120.5.221:443 getpocket.cdn.mozilla.net tcp
DE 213.239.209.209:443 ad.a-ads.com tcp
US 34.117.188.166:443 spocs.getpocket.com udp
US 1.1.1.1:53 content-signature-2.cdn.mozilla.net udp
US 1.1.1.1:53 content-signature-2.cdn.mozilla.net udp
US 34.160.144.191:443 content-signature-2.cdn.mozilla.net tcp
US 34.160.144.191:443 content-signature-2.cdn.mozilla.net tcp
US 1.1.1.1:53 static.a-ads.com udp
US 1.1.1.1:53 static.a-ads.com udp
US 1.1.1.1:53 ad.a-ads.com udp
DE 213.239.209.209:443 static.a-ads.com tcp
US 1.1.1.1:53 retired-jorey-malphite-node.koyeb.app udp
US 1.1.1.1:53 retired-jorey-malphite-node.koyeb.app udp
US 1.1.1.1:53 miserable-kathye-nimotv-c35c0d21.koyeb.app udp
US 1.1.1.1:53 miserable-kathye-nimotv-c35c0d21.koyeb.app udp
US 1.1.1.1:53 shavar.services.mozilla.com udp
US 1.1.1.1:53 shavar.services.mozilla.com udp
US 1.1.1.1:53 shavar.prod.mozaws.net udp
US 172.67.24.44:443 miserable-kathye-nimotv-c35c0d21.koyeb.app tcp
US 44.242.121.21:443 shavar.services.mozilla.com tcp
US 1.1.1.1:53 push.services.mozilla.com udp
US 1.1.1.1:53 push.services.mozilla.com udp
US 1.1.1.1:53 autopush.prod.mozaws.net udp
US 1.1.1.1:53 autopush.prod.mozaws.net udp
US 34.107.243.93:443 push.services.mozilla.com tcp
US 172.67.24.44:443 miserable-kathye-nimotv-c35c0d21.koyeb.app tcp
US 1.1.1.1:53 tracking-protection.cdn.mozilla.net udp
US 1.1.1.1:53 tracking-protection.cdn.mozilla.net udp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 firefox-settings-attachments.cdn.mozilla.net udp
US 1.1.1.1:53 firefox-settings-attachments.cdn.mozilla.net udp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 attachments.prod.remote-settings.prod.webservices.mozgcp.net udp
US 34.117.121.53:443 firefox-settings-attachments.cdn.mozilla.net tcp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 aus5.mozilla.org udp
US 1.1.1.1:53 aus5.mozilla.org udp
US 1.1.1.1:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 35.244.181.201:443 aus5.mozilla.org tcp
US 1.1.1.1:53 ciscobinary.openh264.org udp
US 1.1.1.1:53 ciscobinary.openh264.org udp
GB 88.221.134.155:80 ciscobinary.openh264.org tcp
US 1.1.1.1:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 1.1.1.1:53 attachments.prod.remote-settings.prod.webservices.mozgcp.net udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 attachments.prod.remote-settings.prod.webservices.mozgcp.net udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 91.189.91.48:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 1.1.1.1:53 content-signature-chains.prod.autograph.services.mozaws.net udp
US 1.1.1.1:53 content-signature-chains.prod.autograph.services.mozaws.net udp
US 34.117.121.53:443 firefox-settings-attachments.cdn.mozilla.net tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
GB 185.125.190.18:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 miserable-kathye-nimotv-c35c0d21.koyeb.app udp
US 1.1.1.1:53 miserable-kathye-nimotv-c35c0d21.koyeb.app udp
US 172.67.24.44:443 miserable-kathye-nimotv-c35c0d21.koyeb.app tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
GB 185.125.190.96:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 91.189.91.49:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 91.189.91.98:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
GB 185.125.190.48:80 connectivity-check.ubuntu.com tcp

Files

/tmp/tmpaddon

MD5 30082ae40dc48af6343db2fd22cfc645
SHA1 3eb577555ee638e8beb01173e8f29e172747a728
SHA256 85d4b95f9b2075daee9b0e64bce8d9d7343d0dda10e6072d7f9485a68472ee76
SHA512 53a58bfb4c8124ad4f7655b99bfdea290033a085e0796b19245b33b91c0948fdac9f0c3e817130b352493a65d9a7a0fc8a7c1eedc618cdaa2b4580734a11cd9c

Analysis: behavioral8

Detonation Overview

Submitted

2024-07-18 01:51

Reported

2024-07-18 02:45

Platform

ubuntu2404-amd64-20240523-en

Max time kernel

0s

Max time network

568s

Command Line

[xdg-open https://webminer.pages.dev?algorithm=minotaurx&host=minotaurx.na.mine.zpool.ca&port=7019&worker=1CWXZFjvrSLEPatEuhGfojhCr5MLBd448e&password=c%3DBTC&workers=4]

Signatures

Changes its process name

Description Indicator Process Target
Changes the process name, possibly in an attempt to hide itself pool-spawner N/A N/A
Changes the process name, possibly in an attempt to hide itself gmain N/A N/A
Changes the process name, possibly in an attempt to hide itself dconf worker N/A N/A

Enumerates kernel/hardware configuration

Description Indicator Process Target
File opened for reading /sys/kernel/security/apparmor/features/query /snap/bin/firefox N/A
File opened for reading /sys/kernel/security/apparmor/features/signal /snap/bin/firefox N/A
File opened for reading /sys/kernel/security/apparmor/features /snap/bin/firefox N/A
File opened for reading /sys/kernel/security/apparmor/features/caps /snap/bin/firefox N/A
File opened for reading /sys/kernel/security/apparmor/features/dbus /snap/bin/firefox N/A
File opened for reading /sys/kernel/security/apparmor/features/ipc /snap/bin/firefox N/A
File opened for reading /sys/kernel/security/apparmor/features/mount /snap/bin/firefox N/A
File opened for reading /sys/kernel/security/apparmor/features/network /snap/bin/firefox N/A
File opened for reading /sys/kernel/security/apparmor/features/namespaces /snap/bin/firefox N/A
File opened for reading /sys/kernel/security/apparmor/features/rlimit /snap/bin/firefox N/A
File opened for reading /sys/kernel/security/apparmor/features/policy /snap/bin/firefox N/A
File opened for reading /sys/kernel/security/apparmor/features/ptrace /snap/bin/firefox N/A
File opened for reading /sys/kernel/mm/transparent_hugepage/hpage_pmd_size /usr/lib/snapd/snap-seccomp N/A
File opened for reading /sys/kernel/mm/transparent_hugepage/hpage_pmd_size /snap/bin/firefox N/A
File opened for reading /sys/kernel/security/apparmor/features/domain /snap/bin/firefox N/A
File opened for reading /sys/kernel/security/apparmor/features/file /snap/bin/firefox N/A
File opened for reading /sys/kernel/security/apparmor/features/io_uring /snap/bin/firefox N/A
File opened for reading /sys/kernel/security/apparmor/features/network_v8 /snap/bin/firefox N/A

Reads runtime system information

Description Indicator Process Target
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/sys/kernel/seccomp/actions_avail /snap/bin/firefox N/A
File opened for reading /proc/sys/kernel/random/uuid /snap/bin/firefox N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/filesystems /usr/bin/gsettings N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/mountinfo /snap/bin/firefox N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/mounts /snap/bin/firefox N/A
File opened for reading /proc/cmdline /snap/bin/firefox N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/filesystems /usr/bin/gsettings N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/cgroups /snap/bin/firefox N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/filesystems /usr/bin/gsettings N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/2522/cgroup /snap/bin/firefox N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A

Processes

/usr/bin/xdg-open

[xdg-open https://webminer.pages.dev?algorithm=minotaurx&host=minotaurx.na.mine.zpool.ca&port=7019&worker=1CWXZFjvrSLEPatEuhGfojhCr5MLBd448e&password=c%3DBTC&workers=4]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/usr/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root]

/usr/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/grep

[grep -q ^Enlightenment]

/usr/bin/uname

[uname]

/usr/bin/grep

[grep -q ^file://]

/usr/bin/egrep

[egrep -q ^[[:alpha:]+\.\-]+:]

/usr/local/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/local/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/bin/sed

[sed -n s/\(^[[:alnum:]+\.-]*\):.*$/\1/p]

/usr/bin/xdg-mime

[xdg-mime query default x-scheme-handler/https]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/usr/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root]

/usr/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/grep

[grep -q ^Enlightenment]

/usr/bin/uname

[uname]

/usr/bin/sed

[sed s/:/ /g]

/usr/bin/grep

[grep x-scheme-handler/https= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/grep

[grep x-scheme-handler/https= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/grep

[grep x-scheme-handler/https= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/grep

[grep x-scheme-handler/https= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/grep

[grep x-scheme-handler/https= /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/grep

[grep x-scheme-handler/https= /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/sed

[sed s/:/ /g]

/usr/bin/grep

[grep -l x-scheme-handler/https; /.local/share/applications/*.desktop]

/usr/bin/grep

[grep -l x-scheme-handler/https; /usr/local/share//applications/*.desktop]

/usr/bin/grep

[grep -l x-scheme-handler/https; /usr/share//applications/apport-gtk.desktop /usr/share//applications/bluetooth-sendto.desktop /usr/share//applications/display-im6.q16.desktop /usr/share//applications/gcr-prompter.desktop /usr/share//applications/gcr-viewer.desktop /usr/share//applications/geoclue-demo-agent.desktop /usr/share//applications/gkbd-keyboard-display.desktop /usr/share//applications/gnome-about-panel.desktop /usr/share//applications/gnome-applications-panel.desktop /usr/share//applications/gnome-background-panel.desktop /usr/share//applications/gnome-bluetooth-panel.desktop /usr/share//applications/gnome-color-panel.desktop /usr/share//applications/gnome-datetime-panel.desktop /usr/share//applications/gnome-disk-image-mounter.desktop /usr/share//applications/gnome-disk-image-writer.desktop /usr/share//applications/gnome-display-panel.desktop /usr/share//applications/gnome-initial-setup.desktop /usr/share//applications/gnome-keyboard-panel.desktop /usr/share//applications/gnome-language-selector.desktop /usr/share//applications/gnome-mouse-panel.desktop /usr/share//applications/gnome-multitasking-panel.desktop /usr/share//applications/gnome-network-panel.desktop /usr/share//applications/gnome-notifications-panel.desktop /usr/share//applications/gnome-online-accounts-panel.desktop /usr/share//applications/gnome-power-panel.desktop /usr/share//applications/gnome-printers-panel.desktop /usr/share//applications/gnome-privacy-panel.desktop /usr/share//applications/gnome-region-panel.desktop /usr/share//applications/gnome-search-panel.desktop /usr/share//applications/gnome-session-properties.desktop /usr/share//applications/gnome-sharing-panel.desktop /usr/share//applications/gnome-sound-panel.desktop /usr/share//applications/gnome-system-monitor-kde.desktop /usr/share//applications/gnome-system-panel.desktop /usr/share//applications/gnome-ubuntu-panel.desktop /usr/share//applications/gnome-universal-access-panel.desktop /usr/share//applications/gnome-users-panel.desktop /usr/share//applications/gnome-wacom-panel.desktop /usr/share//applications/gnome-wifi-panel.desktop /usr/share//applications/gnome-wwan-panel.desktop /usr/share//applications/hplj1020.desktop /usr/share//applications/ibus-setup-table.desktop /usr/share//applications/im-config.desktop /usr/share//applications/io.snapcraft.SessionAgent.desktop /usr/share//applications/libreoffice-calc.desktop /usr/share//applications/libreoffice-draw.desktop /usr/share//applications/libreoffice-impress.desktop /usr/share//applications/libreoffice-math.desktop /usr/share//applications/libreoffice-startcenter.desktop /usr/share//applications/libreoffice-writer.desktop /usr/share//applications/libreoffice-xsltfilter.desktop /usr/share//applications/nautilus-autorun-software.desktop /usr/share//applications/nm-applet.desktop /usr/share//applications/nm-connection-editor.desktop /usr/share//applications/org.freedesktop.IBus.Panel.Emojier.desktop /usr/share//applications/org.freedesktop.IBus.Panel.Extension.Gtk3.desktop /usr/share//applications/org.freedesktop.IBus.Panel.Wayland.Gtk3.desktop /usr/share//applications/org.freedesktop.IBus.Setup.desktop /usr/share//applications/org.freedesktop.Xwayland.desktop /usr/share//applications/org.gnome.Calculator.desktop /usr/share//applications/org.gnome.Calendar.desktop /usr/share//applications/org.gnome.Characters.desktop /usr/share//applications/org.gnome.DejaDup.desktop /usr/share//applications/org.gnome.DiskUtility.desktop /usr/share//applications/org.gnome.Evince-previewer.desktop /usr/share//applications/org.gnome.Evince.desktop /usr/share//applications/org.gnome.Evolution-alarm-notify.desktop /usr/share//applications/org.gnome.FileRoller.desktop /usr/share//applications/org.gnome.Logs.desktop /usr/share//applications/org.gnome.Nautilus.desktop /usr/share//applications/org.gnome.OnlineAccounts.OAuth2.desktop /usr/share//applications/org.gnome.PowerStats.desktop /usr/share//applications/org.gnome.RemoteDesktop.Handover.desktop /usr/share//applications/org.gnome.Rhythmbox3.desktop /usr/share//applications/org.gnome.Rhythmbox3.device.desktop /usr/share//applications/org.gnome.Settings.desktop /usr/share//applications/org.gnome.Shell.Extensions.desktop /usr/share//applications/org.gnome.Shell.PortalHelper.desktop /usr/share//applications/org.gnome.Shell.desktop /usr/share//applications/org.gnome.Shotwell-Viewer.desktop /usr/share//applications/org.gnome.Shotwell.Auth.desktop /usr/share//applications/org.gnome.Shotwell.desktop /usr/share//applications/org.gnome.Snapshot.desktop /usr/share//applications/org.gnome.SystemMonitor.desktop /usr/share//applications/org.gnome.Tecla.desktop /usr/share//applications/org.gnome.Terminal.Preferences.desktop /usr/share//applications/org.gnome.Terminal.desktop /usr/share//applications/org.gnome.TextEditor.desktop /usr/share//applications/org.gnome.Totem.desktop /usr/share//applications/org.gnome.Zenity.desktop /usr/share//applications/org.gnome.baobab.desktop /usr/share//applications/org.gnome.clocks.desktop /usr/share//applications/org.gnome.eog.desktop /usr/share//applications/org.gnome.evolution-data-server.OAuth2-handler.desktop /usr/share//applications/org.gnome.font-viewer.desktop /usr/share//applications/org.gnome.seahorse.Application.desktop /usr/share//applications/org.remmina.Remmina-file.desktop /usr/share//applications/org.remmina.Remmina.desktop /usr/share//applications/python3.12.desktop /usr/share//applications/remmina-gnome.desktop /usr/share//applications/rygel.desktop /usr/share//applications/simple-scan.desktop /usr/share//applications/snap-handle-link.desktop /usr/share//applications/software-properties-drivers.desktop /usr/share//applications/software-properties-gtk.desktop /usr/share//applications/software-properties-livepatch.desktop /usr/share//applications/thunderbird.desktop /usr/share//applications/transmission-gtk.desktop /usr/share//applications/update-manager.desktop /usr/share//applications/usb-creator-gtk.desktop /usr/share//applications/xdg-desktop-portal-gnome.desktop /usr/share//applications/xdg-desktop-portal-gtk.desktop /usr/share//applications/yelp.desktop]

/usr/bin/grep

[grep -q %s]

/usr/bin/x-www-browser

[x-www-browser https://webminer.pages.dev?algorithm=minotaurx&host=minotaurx.na.mine.zpool.ca&port=7019&worker=1CWXZFjvrSLEPatEuhGfojhCr5MLBd448e&password=c%3DBTC&workers=4]

/usr/bin/xdg-settings

[xdg-settings get default-web-browser]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/usr/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root]

/usr/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/grep

[grep -q ^Enlightenment]

/usr/bin/uname

[uname]

/usr/bin/xdg-mime

[xdg-mime query default x-scheme-handler/http]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/usr/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root]

/usr/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/grep

[grep -q ^Enlightenment]

/usr/bin/uname

[uname]

/usr/bin/sed

[sed s/:/ /g]

/usr/bin/grep

[grep x-scheme-handler/http= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/grep

[grep x-scheme-handler/http= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/grep

[grep x-scheme-handler/http= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/grep

[grep x-scheme-handler/http= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/grep

[grep x-scheme-handler/http= /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/grep

[grep x-scheme-handler/http= /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/sed

[sed s/:/ /g]

/usr/bin/grep

[grep -l x-scheme-handler/http; /.local/share/applications/*.desktop]

/usr/bin/grep

[grep -l x-scheme-handler/http; /usr/local/share//applications/*.desktop]

/usr/bin/grep

[grep -l x-scheme-handler/http; /usr/share//applications/apport-gtk.desktop /usr/share//applications/bluetooth-sendto.desktop /usr/share//applications/display-im6.q16.desktop /usr/share//applications/gcr-prompter.desktop /usr/share//applications/gcr-viewer.desktop /usr/share//applications/geoclue-demo-agent.desktop /usr/share//applications/gkbd-keyboard-display.desktop /usr/share//applications/gnome-about-panel.desktop /usr/share//applications/gnome-applications-panel.desktop /usr/share//applications/gnome-background-panel.desktop /usr/share//applications/gnome-bluetooth-panel.desktop /usr/share//applications/gnome-color-panel.desktop /usr/share//applications/gnome-datetime-panel.desktop /usr/share//applications/gnome-disk-image-mounter.desktop /usr/share//applications/gnome-disk-image-writer.desktop /usr/share//applications/gnome-display-panel.desktop /usr/share//applications/gnome-initial-setup.desktop /usr/share//applications/gnome-keyboard-panel.desktop /usr/share//applications/gnome-language-selector.desktop /usr/share//applications/gnome-mouse-panel.desktop /usr/share//applications/gnome-multitasking-panel.desktop /usr/share//applications/gnome-network-panel.desktop /usr/share//applications/gnome-notifications-panel.desktop /usr/share//applications/gnome-online-accounts-panel.desktop /usr/share//applications/gnome-power-panel.desktop /usr/share//applications/gnome-printers-panel.desktop /usr/share//applications/gnome-privacy-panel.desktop /usr/share//applications/gnome-region-panel.desktop /usr/share//applications/gnome-search-panel.desktop /usr/share//applications/gnome-session-properties.desktop /usr/share//applications/gnome-sharing-panel.desktop /usr/share//applications/gnome-sound-panel.desktop /usr/share//applications/gnome-system-monitor-kde.desktop /usr/share//applications/gnome-system-panel.desktop /usr/share//applications/gnome-ubuntu-panel.desktop /usr/share//applications/gnome-universal-access-panel.desktop /usr/share//applications/gnome-users-panel.desktop /usr/share//applications/gnome-wacom-panel.desktop /usr/share//applications/gnome-wifi-panel.desktop /usr/share//applications/gnome-wwan-panel.desktop /usr/share//applications/hplj1020.desktop /usr/share//applications/ibus-setup-table.desktop /usr/share//applications/im-config.desktop /usr/share//applications/io.snapcraft.SessionAgent.desktop /usr/share//applications/libreoffice-calc.desktop /usr/share//applications/libreoffice-draw.desktop /usr/share//applications/libreoffice-impress.desktop /usr/share//applications/libreoffice-math.desktop /usr/share//applications/libreoffice-startcenter.desktop /usr/share//applications/libreoffice-writer.desktop /usr/share//applications/libreoffice-xsltfilter.desktop /usr/share//applications/nautilus-autorun-software.desktop /usr/share//applications/nm-applet.desktop /usr/share//applications/nm-connection-editor.desktop /usr/share//applications/org.freedesktop.IBus.Panel.Emojier.desktop /usr/share//applications/org.freedesktop.IBus.Panel.Extension.Gtk3.desktop /usr/share//applications/org.freedesktop.IBus.Panel.Wayland.Gtk3.desktop /usr/share//applications/org.freedesktop.IBus.Setup.desktop /usr/share//applications/org.freedesktop.Xwayland.desktop /usr/share//applications/org.gnome.Calculator.desktop /usr/share//applications/org.gnome.Calendar.desktop /usr/share//applications/org.gnome.Characters.desktop /usr/share//applications/org.gnome.DejaDup.desktop /usr/share//applications/org.gnome.DiskUtility.desktop /usr/share//applications/org.gnome.Evince-previewer.desktop /usr/share//applications/org.gnome.Evince.desktop /usr/share//applications/org.gnome.Evolution-alarm-notify.desktop /usr/share//applications/org.gnome.FileRoller.desktop /usr/share//applications/org.gnome.Logs.desktop /usr/share//applications/org.gnome.Nautilus.desktop /usr/share//applications/org.gnome.OnlineAccounts.OAuth2.desktop /usr/share//applications/org.gnome.PowerStats.desktop /usr/share//applications/org.gnome.RemoteDesktop.Handover.desktop /usr/share//applications/org.gnome.Rhythmbox3.desktop /usr/share//applications/org.gnome.Rhythmbox3.device.desktop /usr/share//applications/org.gnome.Settings.desktop /usr/share//applications/org.gnome.Shell.Extensions.desktop /usr/share//applications/org.gnome.Shell.PortalHelper.desktop /usr/share//applications/org.gnome.Shell.desktop /usr/share//applications/org.gnome.Shotwell-Viewer.desktop /usr/share//applications/org.gnome.Shotwell.Auth.desktop /usr/share//applications/org.gnome.Shotwell.desktop /usr/share//applications/org.gnome.Snapshot.desktop /usr/share//applications/org.gnome.SystemMonitor.desktop /usr/share//applications/org.gnome.Tecla.desktop /usr/share//applications/org.gnome.Terminal.Preferences.desktop /usr/share//applications/org.gnome.Terminal.desktop /usr/share//applications/org.gnome.TextEditor.desktop /usr/share//applications/org.gnome.Totem.desktop /usr/share//applications/org.gnome.Zenity.desktop /usr/share//applications/org.gnome.baobab.desktop /usr/share//applications/org.gnome.clocks.desktop /usr/share//applications/org.gnome.eog.desktop /usr/share//applications/org.gnome.evolution-data-server.OAuth2-handler.desktop /usr/share//applications/org.gnome.font-viewer.desktop /usr/share//applications/org.gnome.seahorse.Application.desktop /usr/share//applications/org.remmina.Remmina-file.desktop /usr/share//applications/org.remmina.Remmina.desktop /usr/share//applications/python3.12.desktop /usr/share//applications/remmina-gnome.desktop /usr/share//applications/rygel.desktop /usr/share//applications/simple-scan.desktop /usr/share//applications/snap-handle-link.desktop /usr/share//applications/software-properties-drivers.desktop /usr/share//applications/software-properties-gtk.desktop /usr/share//applications/software-properties-livepatch.desktop /usr/share//applications/thunderbird.desktop /usr/share//applications/transmission-gtk.desktop /usr/share//applications/update-manager.desktop /usr/share//applications/usb-creator-gtk.desktop /usr/share//applications/xdg-desktop-portal-gnome.desktop /usr/share//applications/xdg-desktop-portal-gtk.desktop /usr/share//applications/yelp.desktop]

/usr/bin/gsettings

[gsettings get org.gnome.shell favorite-apps]

/usr/bin/grep

[grep -q 'firefox.desktop']

/usr/bin/gsettings

[gsettings get com.canonical.Unity.Launcher favorites]

/usr/bin/grep

[grep -q 'application://firefox.desktop']

/usr/bin/gsettings

[gsettings get org.mate.panel object-id-list]

/usr/bin/which

[which qdbus]

/snap/bin/firefox

[/snap/bin/firefox https://webminer.pages.dev?algorithm=minotaurx&host=minotaurx.na.mine.zpool.ca&port=7019&worker=1CWXZFjvrSLEPatEuhGfojhCr5MLBd448e&password=c%3DBTC&workers=4]

/usr/lib/snapd/snap-seccomp

[/usr/lib/snapd/snap-seccomp version-info]

/usr/lib/snapd/snap-confine

[/usr/lib/snapd/snap-confine --base core22 snap.firefox.firefox /usr/lib/snapd/snap-exec firefox https://webminer.pages.dev?algorithm=minotaurx&host=minotaurx.na.mine.zpool.ca&port=7019&worker=1CWXZFjvrSLEPatEuhGfojhCr5MLBd448e&password=c%3DBTC&workers=4]

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 firefox.settings.services.mozilla.com udp
US 8.8.8.8:53 firefox.settings.services.mozilla.com udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
US 8.8.8.8:53 webminer.pages.dev udp
US 8.8.8.8:53 webminer.pages.dev udp
US 8.8.8.8:53 location.services.mozilla.com udp
US 8.8.8.8:53 location.services.mozilla.com udp
US 172.66.44.158:443 webminer.pages.dev tcp
US 8.8.8.8:53 detectportal.firefox.com udp
US 8.8.8.8:53 detectportal.firefox.com udp
US 8.8.8.8:53 prod.classify-client.prod.webservices.mozgcp.net udp
US 35.190.72.216:443 location.services.mozilla.com tcp
US 8.8.8.8:53 www.mozilla.org udp
US 8.8.8.8:53 www.mozilla.org udp
US 8.8.8.8:53 www.mozorg.moz.works udp
US 8.8.8.8:53 r10.o.lencr.org udp
US 8.8.8.8:53 r10.o.lencr.org udp
GB 92.123.143.185:80 r10.o.lencr.org tcp
US 8.8.8.8:53 r11.o.lencr.org udp
US 8.8.8.8:53 r11.o.lencr.org udp
GB 92.123.143.169:80 r11.o.lencr.org tcp
GB 92.123.143.169:80 r11.o.lencr.org tcp
GB 92.123.143.169:80 r11.o.lencr.org tcp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 172.66.44.158:443 webminer.pages.dev udp
US 34.117.188.166:443 contile.services.mozilla.com tcp
US 8.8.8.8:53 spocs.getpocket.com udp
US 8.8.8.8:53 spocs.getpocket.com udp
US 35.190.72.216:443 location.services.mozilla.com udp
US 8.8.8.8:53 getpocket.cdn.mozilla.net udp
US 8.8.8.8:53 getpocket.cdn.mozilla.net udp
US 34.120.5.221:443 getpocket.cdn.mozilla.net tcp
US 8.8.8.8:53 ad.a-ads.com udp
US 8.8.8.8:53 ad.a-ads.com udp
DE 144.76.38.164:443 ad.a-ads.com tcp
US 34.117.188.166:443 contile.services.mozilla.com udp
US 8.8.8.8:53 content-signature-2.cdn.mozilla.net udp
US 8.8.8.8:53 content-signature-2.cdn.mozilla.net udp
US 34.160.144.191:443 content-signature-2.cdn.mozilla.net tcp
US 34.160.144.191:443 content-signature-2.cdn.mozilla.net tcp
US 8.8.8.8:53 static.a-ads.com udp
US 8.8.8.8:53 static.a-ads.com udp
US 8.8.8.8:53 ad.a-ads.com udp
DE 188.40.69.138:443 static.a-ads.com tcp
US 8.8.8.8:53 o.pki.goog udp
US 8.8.8.8:53 o.pki.goog udp
GB 216.58.201.99:80 o.pki.goog tcp
GB 216.58.201.99:80 o.pki.goog tcp
US 8.8.8.8:53 tiles-cdn.prod.ads.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 tiles-cdn.prod.ads.prod.webservices.mozgcp.net udp
US 34.36.165.17:443 tiles-cdn.prod.ads.prod.webservices.mozgcp.net tcp
US 34.36.165.17:443 tiles-cdn.prod.ads.prod.webservices.mozgcp.net tcp
US 8.8.8.8:53 shavar.services.mozilla.com udp
US 8.8.8.8:53 shavar.services.mozilla.com udp
US 8.8.8.8:53 normandy.cdn.mozilla.net udp
US 8.8.8.8:53 normandy.cdn.mozilla.net udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 8.8.8.8:53 normandy-cdn.services.mozilla.com udp
US 44.238.192.228:443 shavar.services.mozilla.com tcp
US 35.201.103.21:443 normandy.cdn.mozilla.net tcp
US 8.8.8.8:53 push.services.mozilla.com udp
US 8.8.8.8:53 push.services.mozilla.com udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 8.8.8.8:53 incoming.telemetry.mozilla.org udp
US 8.8.8.8:53 incoming.telemetry.mozilla.org udp
US 8.8.8.8:53 classify-client.services.mozilla.com udp
US 8.8.8.8:53 classify-client.services.mozilla.com udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 8.8.8.8:53 telemetry-incoming.r53-2.services.mozilla.com udp
US 8.8.8.8:53 prod-classifyclient.normandy.prod.cloudops.mozgcp.net udp
US 34.107.243.93:443 push.services.mozilla.com tcp
US 34.98.75.36:443 classify-client.services.mozilla.com tcp
US 8.8.8.8:53 retired-jorey-malphite-node.koyeb.app udp
US 8.8.8.8:53 retired-jorey-malphite-node.koyeb.app udp
US 8.8.8.8:53 miserable-kathye-nimotv-c35c0d21.koyeb.app udp
US 8.8.8.8:53 miserable-kathye-nimotv-c35c0d21.koyeb.app udp
US 34.107.243.93:443 push.services.mozilla.com tcp
US 104.22.78.190:443 miserable-kathye-nimotv-c35c0d21.koyeb.app tcp
US 104.22.79.190:443 miserable-kathye-nimotv-c35c0d21.koyeb.app tcp
US 104.22.78.190:443 miserable-kathye-nimotv-c35c0d21.koyeb.app tcp
US 104.22.78.190:443 miserable-kathye-nimotv-c35c0d21.koyeb.app tcp
US 34.107.243.93:443 push.services.mozilla.com udp
US 8.8.8.8:53 www.amazon.co.uk udp
US 8.8.8.8:53 www.amazon.co.uk udp
US 8.8.8.8:53 uk.hotels.com udp
US 8.8.8.8:53 uk.hotels.com udp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 www.youtube.com udp
US 104.22.78.190:443 miserable-kathye-nimotv-c35c0d21.koyeb.app udp
US 1.1.1.1:53 detectportal.firefox.com udp
US 104.22.79.190:443 miserable-kathye-nimotv-c35c0d21.koyeb.app udp
US 1.1.1.1:53 tracking-protection.cdn.mozilla.net udp
US 1.1.1.1:53 tracking-protection.cdn.mozilla.net udp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 1.1.1.1:53 www.reddit.com udp
US 1.1.1.1:53 www.reddit.com udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 reddit.map.fastly.net udp
US 1.1.1.1:53 www.mozilla.org udp
US 1.1.1.1:53 www.bbc.co.uk udp
US 1.1.1.1:53 www.bbc.co.uk udp
US 1.1.1.1:53 gtm-uk.www.bbc.co.uk.pri.bbc.co.uk udp
US 1.1.1.1:53 www.mozorg.moz.works udp
US 1.1.1.1:53 r10.o.lencr.org udp
US 1.1.1.1:53 r10.o.lencr.org udp
US 1.1.1.1:53 www.ebay.co.uk udp
GB 143.204.72.186:443 www.mozilla.org tcp
GB 143.204.72.186:443 www.mozilla.org tcp
US 1.1.1.1:53 e11847.a.akamaiedge.net udp
US 34.160.144.191:443 content-signature-2.cdn.mozilla.net tcp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 spocs.getpocket.com udp
US 1.1.1.1:53 spocs.getpocket.com udp
US 1.1.1.1:53 prod.ads.prod.webservices.mozgcp.net udp
US 34.117.188.166:443 spocs.getpocket.com tcp
US 34.117.188.166:443 spocs.getpocket.com tcp
US 1.1.1.1:53 firefox-settings-attachments.cdn.mozilla.net udp
US 1.1.1.1:53 firefox-settings-attachments.cdn.mozilla.net udp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 attachments.prod.remote-settings.prod.webservices.mozgcp.net udp
US 34.117.121.53:443 firefox-settings-attachments.cdn.mozilla.net tcp
US 1.1.1.1:53 r10.o.lencr.org udp
US 1.1.1.1:53 r10.o.lencr.org udp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.117.188.166:443 spocs.getpocket.com udp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 img-getpocket.cdn.mozilla.net udp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 getpocket.com udp
US 1.1.1.1:53 getpocket.com udp
US 1.1.1.1:53 www.mozorg.moz.works udp
US 1.1.1.1:53 www.theguardian.com udp
US 1.1.1.1:53 www.theguardian.com udp
US 1.1.1.1:53 www.bbcgoodfood.com udp
US 1.1.1.1:53 www.bbcgoodfood.com udp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 immediate.map.fastly.net udp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 incoming.telemetry.mozilla.org udp
US 1.1.1.1:53 telemetry-incoming.r53-2.services.mozilla.com udp
US 34.120.208.123:443 incoming.telemetry.mozilla.org tcp
US 1.1.1.1:53 fp2e7a.wpc.phicdn.net udp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 telemetry-incoming.r53-2.services.mozilla.com udp
US 1.1.1.1:53 www.youtube.com udp
US 1.1.1.1:53 www.facebook.com udp
US 1.1.1.1:53 www.facebook.com udp
US 1.1.1.1:53 www.youtube.com udp
US 8.8.8.8:53 detectportal.firefox.com udp
US 8.8.8.8:53 prod.detectportal.prod.cloudops.mozgcp.net udp
US 34.107.221.82:80 detectportal.firefox.com tcp
US 8.8.8.8:53 example.org udp
US 8.8.8.8:53 example.org udp
US 8.8.8.8:53 ipv4only.arpa udp
US 34.107.221.82:80 detectportal.firefox.com tcp
US 8.8.8.8:53 ipv4only.arpa udp
US 8.8.8.8:53 ipv4only.arpa udp
US 8.8.8.8:53 img-getpocket.cdn.mozilla.net udp
US 8.8.8.8:53 img-prod.pocket.prod.cloudops.mozgcp.net udp
US 34.120.237.76:443 img-getpocket.cdn.mozilla.net tcp
US 34.120.237.76:443 img-getpocket.cdn.mozilla.net tcp
US 34.120.237.76:443 img-getpocket.cdn.mozilla.net tcp
US 34.120.237.76:443 img-getpocket.cdn.mozilla.net tcp
US 34.120.237.76:443 img-getpocket.cdn.mozilla.net tcp
US 8.8.8.8:53 r10.o.lencr.org udp
US 8.8.8.8:53 r10.o.lencr.org udp
GB 92.123.143.169:80 r10.o.lencr.org tcp
GB 92.123.143.169:80 r10.o.lencr.org tcp
GB 92.123.143.169:80 r10.o.lencr.org tcp
US 8.8.8.8:53 www.huffpost.com udp
US 8.8.8.8:53 www.fastcompany.com udp
US 8.8.8.8:53 www.fastcompany.com udp
US 8.8.8.8:53 buzzfeed2.map.fastly.net udp
US 8.8.8.8:53 mansueto.map.fastly.net udp
US 8.8.8.8:53 www.standard.co.uk udp
US 8.8.8.8:53 www.standard.co.uk udp
US 8.8.8.8:53 www.wired.com udp
US 8.8.8.8:53 www.wired.com udp
US 8.8.8.8:53 www.harpersbazaar.com udp
US 8.8.8.8:53 www.harpersbazaar.com udp
US 8.8.8.8:53 www.npr.org udp
US 8.8.8.8:53 hearst-hdm.map.fastly.net udp
US 8.8.8.8:53 e103193.dsca.akamaiedge.net udp
US 8.8.8.8:53 www.scientificamerican.com udp
US 8.8.8.8:53 www.scientificamerican.com udp
US 8.8.8.8:53 www.theatlantic.com udp
US 8.8.8.8:53 www.theatlantic.com udp
US 8.8.8.8:53 na-eu.atlanticmedia.map.fastly.net udp
US 8.8.8.8:53 m2.shared.global.fastly.net udp
US 8.8.8.8:53 aus5.mozilla.org udp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 www.ft.com udp
US 8.8.8.8:53 www.ft.com udp
US 8.8.8.8:53 inews.co.uk udp
US 8.8.8.8:53 inews.co.uk udp
US 35.244.181.201:443 aus5.mozilla.org tcp
US 8.8.8.8:53 financial-times-tls13-0rtt.map.fastly.net udp
US 8.8.8.8:53 fp2e7a.wpc.phicdn.net udp
US 8.8.8.8:53 ciscobinary.openh264.org udp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
GB 88.221.134.209:80 ciscobinary.openh264.org tcp
US 8.8.8.8:53 www.popsci.com udp
US 8.8.8.8:53 www.popsci.com udp
US 8.8.8.8:53 arstechnica.com udp
US 8.8.8.8:53 arstechnica.com udp
US 8.8.8.8:53 www.esquire.com udp
US 8.8.8.8:53 www.esquire.com udp
US 8.8.8.8:53 hearst-hdm.map.fastly.net udp
US 8.8.8.8:53 www.cntraveler.com udp
US 8.8.8.8:53 www.cntraveler.com udp
US 8.8.8.8:53 services.addons.mozilla.org udp
US 8.8.8.8:53 services.addons.mozilla.org udp
GB 18.172.89.125:443 services.addons.mozilla.org tcp
US 8.8.8.8:53 versioncheck-bg.addons.mozilla.org udp
US 8.8.8.8:53 versioncheck-bg.addons.mozilla.org udp
US 34.160.90.233:443 versioncheck-bg.addons.mozilla.org tcp
US 34.160.90.233:443 versioncheck-bg.addons.mozilla.org udp
US 8.8.8.8:53 addons.mozilla.org udp
US 8.8.8.8:53 addons.mozilla.org udp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
GB 18.165.160.118:443 addons.mozilla.org tcp
US 8.8.8.8:53 safebrowsing.googleapis.com udp
US 8.8.8.8:53 safebrowsing.googleapis.com udp
GB 216.58.201.106:443 safebrowsing.googleapis.com tcp
US 8.8.8.8:53 o.pki.goog udp
US 8.8.8.8:53 o.pki.goog udp
GB 216.58.201.99:80 o.pki.goog tcp
GB 216.58.201.106:443 safebrowsing.googleapis.com udp
US 8.8.8.8:53 detectportal.firefox.com udp
US 8.8.8.8:53 detectportal.firefox.com udp
US 8.8.8.8:53 ipv4only.arpa udp
US 8.8.8.8:53 ipv4only.arpa udp
US 8.8.8.8:53 firefox-settings-attachments.cdn.mozilla.net udp
US 8.8.8.8:53 attachments.prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 api.snapcraft.io udp
US 8.8.8.8:53 api.snapcraft.io udp
GB 185.125.188.54:443 api.snapcraft.io tcp
US 8.8.8.8:53 api.snapcraft.io udp
GB 185.125.188.55:443 api.snapcraft.io tcp
US 8.8.8.8:53 firefox.settings.services.mozilla.com udp
US 8.8.8.8:53 firefox.settings.services.mozilla.com udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 content-signature-2.cdn.mozilla.net udp
US 8.8.8.8:53 content-signature-2.cdn.mozilla.net udp
US 34.117.121.53:443 firefox-settings-attachments.cdn.mozilla.net tcp
US 8.8.8.8:53 attachments.prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 api.snapcraft.io udp
US 8.8.8.8:53 api.snapcraft.io udp
GB 185.125.188.58:443 api.snapcraft.io tcp
US 8.8.8.8:53 api.snapcraft.io udp
GB 185.125.188.54:443 api.snapcraft.io tcp
US 8.8.8.8:53 canonical-bos01.cdn.snapcraftcontent.com udp
US 8.8.8.8:53 canonical-bos01.cdn.snapcraftcontent.com udp
US 91.189.91.42:443 canonical-bos01.cdn.snapcraftcontent.com tcp
US 8.8.8.8:53 api.snapcraft.io udp
GB 185.125.188.58:443 api.snapcraft.io tcp
US 8.8.8.8:53 api.snapcraft.io udp
GB 185.125.188.54:443 api.snapcraft.io tcp
US 8.8.8.8:53 canonical-lgw01.cdn.snapcraftcontent.com udp
US 8.8.8.8:53 canonical-lgw01.cdn.snapcraftcontent.com udp
GB 185.125.190.28:443 canonical-lgw01.cdn.snapcraftcontent.com tcp
US 8.8.8.8:53 api.snapcraft.io udp
US 8.8.8.8:53 api.snapcraft.io udp
GB 185.125.188.55:443 api.snapcraft.io tcp
US 8.8.8.8:53 _http._tcp.se.archive.ubuntu.com udp
US 8.8.8.8:53 _http._tcp.security.ubuntu.com udp
US 8.8.8.8:53 security.ubuntu.com udp
US 8.8.8.8:53 security.ubuntu.com udp
US 8.8.8.8:53 se.archive.ubuntu.com udp
US 8.8.8.8:53 se.archive.ubuntu.com udp
US 91.189.91.81:80 security.ubuntu.com tcp
US 8.8.8.8:53 api.snapcraft.io udp
GB 185.125.188.58:443 api.snapcraft.io tcp
SE 194.71.11.173:80 se.archive.ubuntu.com tcp

Files

N/A

Analysis: behavioral4

Detonation Overview

Submitted

2024-07-18 01:51

Reported

2024-07-18 02:43

Platform

win11-20240709-en

Max time kernel

1799s

Max time network

1797s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://webminer.pages.dev?algorithm=minotaurx&host=minotaurx.na.mine.zpool.ca&port=7019&worker=1CWXZFjvrSLEPatEuhGfojhCr5MLBd448e&password=c%3DBTC&workers=4

Signatures

Drops file in System32 directory

Description Indicator Process Target
File created C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_01cf530faf2f1752\display.PNF C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created \??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_01cf530faf2f1752\display.PNF C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Drops file in Windows directory

Description Indicator Process Target
File opened for modification C:\Windows\SystemTemp C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133657424539255981" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 4404 wrote to memory of 996 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4404 wrote to memory of 996 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4404 wrote to memory of 2688 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4404 wrote to memory of 2688 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4404 wrote to memory of 2688 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4404 wrote to memory of 2688 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4404 wrote to memory of 2688 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4404 wrote to memory of 2688 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4404 wrote to memory of 2688 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4404 wrote to memory of 2688 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4404 wrote to memory of 2688 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4404 wrote to memory of 2688 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4404 wrote to memory of 2688 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4404 wrote to memory of 2688 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4404 wrote to memory of 2688 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4404 wrote to memory of 2688 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4404 wrote to memory of 2688 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4404 wrote to memory of 2688 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4404 wrote to memory of 2688 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4404 wrote to memory of 2688 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4404 wrote to memory of 2688 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4404 wrote to memory of 2688 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4404 wrote to memory of 2688 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4404 wrote to memory of 2688 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4404 wrote to memory of 2688 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4404 wrote to memory of 2688 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4404 wrote to memory of 2688 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4404 wrote to memory of 2688 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4404 wrote to memory of 2688 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4404 wrote to memory of 2688 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4404 wrote to memory of 2688 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4404 wrote to memory of 2688 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4404 wrote to memory of 2356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4404 wrote to memory of 2356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4404 wrote to memory of 4216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4404 wrote to memory of 4216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4404 wrote to memory of 4216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4404 wrote to memory of 4216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4404 wrote to memory of 4216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4404 wrote to memory of 4216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4404 wrote to memory of 4216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4404 wrote to memory of 4216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4404 wrote to memory of 4216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4404 wrote to memory of 4216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4404 wrote to memory of 4216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4404 wrote to memory of 4216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4404 wrote to memory of 4216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4404 wrote to memory of 4216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4404 wrote to memory of 4216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4404 wrote to memory of 4216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4404 wrote to memory of 4216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4404 wrote to memory of 4216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4404 wrote to memory of 4216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4404 wrote to memory of 4216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4404 wrote to memory of 4216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4404 wrote to memory of 4216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4404 wrote to memory of 4216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4404 wrote to memory of 4216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4404 wrote to memory of 4216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4404 wrote to memory of 4216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4404 wrote to memory of 4216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4404 wrote to memory of 4216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4404 wrote to memory of 4216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4404 wrote to memory of 4216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://webminer.pages.dev?algorithm=minotaurx&host=minotaurx.na.mine.zpool.ca&port=7019&worker=1CWXZFjvrSLEPatEuhGfojhCr5MLBd448e&password=c%3DBTC&workers=4

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.106 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fffd697cc40,0x7fffd697cc4c,0x7fffd697cc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1936,i,16972189682302547984,5572948564759044136,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=1932 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1728,i,16972189682302547984,5572948564759044136,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=2064 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=1792,i,16972189682302547984,5572948564759044136,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=2364 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3056,i,16972189682302547984,5572948564759044136,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=3104 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3064,i,16972189682302547984,5572948564759044136,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=3120 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4052,i,16972189682302547984,5572948564759044136,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=4392 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5008,i,16972189682302547984,5572948564759044136,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=5040 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4544,i,16972189682302547984,5572948564759044136,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=4588 /prefetch:8

Network

Country Destination Domain Proto
US 8.8.8.8:53 webminer.pages.dev udp
US 172.66.44.158:443 webminer.pages.dev tcp
US 172.66.44.158:443 webminer.pages.dev udp
DE 78.46.174.169:443 ad.a-ads.com tcp
US 8.8.8.8:53 static.a-ads.com udp
DE 78.46.32.91:443 static.a-ads.com tcp
US 104.22.79.190:443 retired-jorey-malphite-node.koyeb.app tcp
US 172.67.24.44:443 retired-jorey-malphite-node.koyeb.app tcp
GB 142.250.200.10:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 44.24.67.172.in-addr.arpa udp
US 8.8.8.8:53 91.32.46.78.in-addr.arpa udp
US 8.8.8.8:53 10.200.250.142.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
IE 52.111.236.21:443 tcp

Files

\??\pipe\crashpad_4404_GGKSNKCEKVHOJPQG

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\46734283-7223-491e-a0bc-ecd51e819ae1.tmp

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 05dc462344b7fa1b1eac0caa23f7ec2e
SHA1 22a158b1ad57810f680c8d745780391c1b8ffe65
SHA256 62e48b46b34bea24170b8066f2e7d994cedb879de78ff7a373b11f579cf26100
SHA512 c6466d24ad15db63ae7f68b85aa007e0295c4b24e8cebf5b941259a6886742d747e4dd2a4fe000bd3ffb7cb0746027b7ca78fdf4d3450c8959d08b25accba231

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 bab8149338459218cf2e969b26ff99c5
SHA1 d4f36d0bba5b934cac421bbdf599cdd9b648026d
SHA256 8d5bce864d8dc2ac8b89d3a9f92185f79c55bccff622b571db5346688dc3b6aa
SHA512 f24faac33648a16ad5b325c3081d6360203c98b171d05fcc5f8f5ae3ec1543be90467546dc9415fa87ef539594182ba0b6d71a9260bde24af330190a1f52d814

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 6564aa2381b191823b1fea6be7d7df0f
SHA1 23339274a828756b1f57b751baa08ddd72fb532a
SHA256 e252971c1410cae2d469219fbd3a0449ec2824987bb26e8c864c3168eb0dc2ea
SHA512 a633c4e225fcb933adeb675bbde232f989d9dfbdec040f4f37821ed8bcc4013ec7f335e5714d706e9ae888a3f2e3d5678e1c828fd916da2c662e15e796306f66

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 c9dbc404e9d2dd05fa6b0e8965d2a899
SHA1 752b3c81edb9ca9b197a6582647e7407d72758d1
SHA256 d383f35c68191364e6a966c4f9e5ff3bcfe47f0dd5a9c9dbc3e0916d8e3802d1
SHA512 46294ffc0ac98bf1bccb39e6d5adf5a49677e1a88a7b7e809c62a1812be11b1e17df6441fe7f413f3277bee80d6bd27df1d5274c1d3c64e83799667ec7d38fa5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a707ba00963a286b34b6ac8ac6320746
SHA1 ff7b936bdc04242ed8ecba85ff70c4289138ae01
SHA256 ea4722aaf0e015284a84e144893370e48fd05711a51b7ee5a8afc0b57f7663aa
SHA512 8bfc565a36bcce75a0cad56cc1c856b642ce4ef59d48a668ff5e71553bf7b044e4b59f37dfdfa9bff52ab1a89140cf4f87d87c4a678e74f8254d33a7f92c9a32

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

MD5 2b80dbf894810f5ba2de72da373d52cd
SHA1 c246826cb893748f670623347c0be1cd3864fc36
SHA256 707902ea64ced6fcd3f2c9d8f910f3fab07c3abe7421a30a3e6c4ac6684216b5
SHA512 bb4014980334d6b79bbc0371dea4daf49ecf81d5721ea3e017801d3ccd13e61b0dee870147f5652082969a91f5783c24d8d96b8478ffaf89dc8040f28205016f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 ef1e4d45fe216c09573864b4310088d3
SHA1 610e67d5b2fa6bb92bc01ed84669d00b1248a13a
SHA256 85d09ab40a67b094fb158c588cc84a339107dbf2cf89d1fcaa7891386104564a
SHA512 74cd3ecaf36e26d3b049ad1827101998a8a43d6974307c7a9bbd96a369752444bb45980dcd453ac53dec11d3fb27b9e2d6233db44d1ff40a8b36c0f994ecfba8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1dea751e44bd024e538cf84bd0b93d69
SHA1 ee658b882c66b2aa31d8c0e31c8df6fc62d58813
SHA256 16c5e1a5c985cd6b7fe25fd3fd76f28bd6fbc9a5fb2f16bd46e695021b459712
SHA512 9c6a0c64b19277e5de5221556fc034c2563072de2730e3d15093433403a211270a43a6a00bfcdaaafaa9817f7b5d6bbd5e56121061e80f132437cbe62df00419

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6bf3a4c124ac8fedf0eb9256a54d79aa
SHA1 57b734faa3a765b9eb4ff47dcaaca6aa28f8eeac
SHA256 014b6267eb72938c6885f8a9936712856c8740fba54280907794fc7322ad94a1
SHA512 d234b8968b0983f7bdb0a50181cd90b2b63863ce7c52161039e46dadf6299614408dde89a86ef4bde13162134e50930b5b570acd66824647874f20afcd0a72aa

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8cdd75f87b7da6e2f60f3c68378a485f
SHA1 bc42c312300cf70fda36424cb57d5df02c910e96
SHA256 1aee64cc6df963e8aa1eac6117051d8a2c906e19acae667ea544cc55625e6177
SHA512 33b41e67a8318a9817bf0afd63f58a985e5bb3142e575e5d46fa645e81cd6b79e4adff623419c9c145d685a99dc77b191ef0633ac8b5a326e7ba3f43972312e0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 d8b77a3b7513187f8f78f77c8de33295
SHA1 acba2f383b161f44817656d119ffbca0cd7e35f3
SHA256 16386f5d6aabfe2f1642a613c8905178b1267692096dc046f131633fe7b17130
SHA512 fad052f770808a24017fa1b0d22edf68e38a854e9c88b4f22c6a97090f4b958e6397874fc8602782e23ec9c662f2d8af24eec8155a459fea72c7208172331e1b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 af0e54491ffb70a3d1983117f9e89f52
SHA1 a13650e1c8b9d12a0e96d226540e005b40ee739b
SHA256 b70b0dd8a454df2a69f4b11bd601c37cb3337b8244af02c1126a69f9b1fe1a52
SHA512 e0131e7d4e5c9d3ee8d816359570cee3fb089ac811fc86b7f4db39f3740f6308e6d35a64251affd3532ca360d4ea4922a186e17d8d6e7dc352f651d0a59c078f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 42b1de687764fab8c9af7e386f075737
SHA1 c473e521c83add7b254e7aedd545e88e0f22a519
SHA256 5e6b3cca8f8e6e8ace8552186053f169ff10f518cbb93b1a19cd42094c6e2883
SHA512 f0f8818ffedfe31eff144bdccee43e6ab1adf7673d810b8d2abb930b15db8aaac3f739f6710c38e5596f2b6e6990c64c2c01b3917b2ca011735f5a2bf21c7635

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9a5834c065e3e95b7c38f043763c5d8d
SHA1 13ef4f9d6d4d1c2acf890bc5c60a6ac0903d3d08
SHA256 5d2ebf53d277790d8805730bcf69140d6c523284f04a2db27f212e9460339299
SHA512 e666a8556b2969f5b4d7d18690ee54115808526aebb41e215dbf1883d0ae6c45646c0a84297d6b77315065a7ac076a5b8f714f313f8a073d8d30acb0d0fd8d83

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

MD5 f49655f856acb8884cc0ace29216f511
SHA1 cb0f1f87ec0455ec349aaa950c600475ac7b7b6b
SHA256 7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba
SHA512 599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

MD5 b5ad5caaaee00cb8cf445427975ae66c
SHA1 dcde6527290a326e048f9c3a85280d3fa71e1e22
SHA256 b6409b9d55ce242ff022f7a2d86ae8eff873daabf3a0506031712b8baa6197b8
SHA512 92f7fbbcbbea769b1af6dd7e75577be3eb8bb4a4a6f8a9288d6da4014e1ea309ee649a7b089be09ba27866e175ab6f6a912413256d7e13eaf60f6f30e492ce7f

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

MD5 d222b77a61527f2c177b0869e7babc24
SHA1 3f23acb984307a4aeba41ebbb70439c97ad1f268
SHA256 80dc3ffa698e4ff2e916f97983b5eae79470203e91cb684c5ccd4ff1a465d747
SHA512 d17d836ea77aeaff4cd01f9c7523345167a4a6bc62528aac74acde12679f48079d75d159e9cea2e614da50e83c2dcd92c374c899ea6c4fe8e5513d9bf06c01ff

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a911b7529779d2e3d6f5f05d5ebf724d
SHA1 816796020cc76405049da819a352bf0d159f52f1
SHA256 066a45741832bd61cff14660a7abdd5279554a2f99762b801eef864870083da2
SHA512 04d8a9215a6742fa674fd5963a9ca04d7f476dd42aa265e50af108b92842344793c5f632fe879fdb1ebe701475f5d0c7a22ee47322d4d90e72c97d94eddb9b33

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e420221dbb2b032ded8b6fe7d851685c
SHA1 dc58c74db5b5034b15e92d10eb1369f1656335cb
SHA256 32b6d0c26c18f9afdadba831680a29a5834cdd9d155b776ec9e5255e42bdc78a
SHA512 61253e5a173694d48ff2760439e01f12554bd6be64d2a45ee6c61d678f011b010b6fb83f6d5cd2a0fe4afb9dbe744eccf8b8da526d4ab793a494835a26e03ee2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 751bef8a2cb3ca6fc32bf968491331b3
SHA1 7d8c9a0c57c57b6654350aa32582e3629f654cae
SHA256 7638064b0558141c0ef51133d272365677da2490e71928d20fb3525ee0e92312
SHA512 06e17454d2517d8d4ff657a17fcb02e78a4c148faf9e045a7a0c45eaa2004caa509909b7b3cb41d87f4b71da4be08fbf60c6ce9a24ef20f07a7dca0021188257

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f6d72998a21ddb66b68f6fd940f2b563
SHA1 260f0374e2bb55ccdc7fbe1d63789e45288b6cff
SHA256 e67b77857b730bb043419c53d4813b761fa64de3873034f52f6bfd7b97e16c13
SHA512 7f35795ae2dbeec5523d71c475c5bd7893164f5c5acad4883e14591ee29a207536b8790b9ad551756f9eac7e6dc72b05f931935e77e2621b5dde839b9cbb7837

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7b0d82e8e1fc03831c2af9901beb8b2b
SHA1 eabb6ab062a9dbafc7f7eb5f0dcc84289858989a
SHA256 0430a05dda75057adec54a0c027e03a1b80c09aa9d5f3a4dca5b2cf3ceb0af63
SHA512 17c14f39b20f5c5217617ddd32940b434276a2008fbb48d67ace5be4709540b5863d46e246011525181c24333b2be920f699b741c2ec2426d628c6b60b620628

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 617ada59259cb6047383c4248bb63a86
SHA1 72e802653f1242b16af24f63eebb84811b71e973
SHA256 3ac660e1ef204ff6ea8a21c8c66e05e40bbb73ba597553687bc139a3aac1eb50
SHA512 32ab3f59923f3159680a9df2373c05afb96cda9c5defd3b80cf72fff820cc6fc41e864de6db01ad44936e9fa535e590e8c912d5d02a6c3b67edc0253e46b9b53

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 fcf185e77c669689804c0f572bf5874c
SHA1 dff32bb9f2c985f2f5bf3cef1006a74a46f73d83
SHA256 9653cfd6c6e380a40f32f39aa10040f21fb74f974acba3ba7d0743c5e18326b2
SHA512 42fb9a68cfefa680735b31c485be20eb58cb98c53239acd8f43a9104ab0b45389139f33618ab9718f93f7c621ed2255c870bba33ea30db57c6296baec1d3f885

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f9cff7dc5332d6363c9da95ab3cc5fa7
SHA1 127b1087537e2a5990455ef16c95c9ec4d309f04
SHA256 87ceb978c3baf126883fde437ccacdea526d44348fb74521d82f11406f91e1e1
SHA512 cc9be68a261089a16c548aa0529147f6967f4522cd04254ad6aea00c3b93cb3b38880c230da0b72c6fa0d8eba24d06d4d2e91b0e8c96ac6c2ebe981651265dd2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f7f6ecf1046e02ca4d2d6f60ad227f78
SHA1 3639351646f1eb96ecfbed4bd70bcfc82169a2f0
SHA256 376d0a8dba773a635ee498f9ad763bc047768fd383cf50d681e42ddb327f1f4a
SHA512 ae9c9860d22c764ce6711a10b4988aebbaa8e8d00dd114d9723bf090223b7f89aa9537537d9db778469a092a05471f9402e93844316976e77f9ab86a5e609a62

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 394b9584a3d174685040c97b3b625f4b
SHA1 d1c240c78e8ddaf262197846cd3a4fac0c9ed2b3
SHA256 b7871a665fbff2087bd3ed0a29d6421a29c7f57c3c2cd19d7c7aacc8aa2ca754
SHA512 851ca6cd6f018c73a2618ace21b82d1a6a6f3b34d5930baf6abaea21092b5c148670aca1389d8ada41afaad171e0caeb7708593e9639a1ff93a9131be4c3ae4d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e8ead2d2bdef8016aba3afdcfde97456
SHA1 664e57c6760bbfac24f23df9631dc6cc36ff1217
SHA256 ace1ee7c7245aa85fd516c8c5762e70dff1ae882260fe64d843c6496f4329583
SHA512 5ea3efb3b8360aaf1e213d3c3ae805f4204a6eef32bf370108a8afea93366e7ae927343db9876dd932e63496c88adcf48b076264f6bfc32271bb94b72ad75843

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3f45b96dde7c3fa3ef32f4b7f1dba91b
SHA1 8304a07794837a84ea54684214db3c3709e7e905
SHA256 ace2829f3f393ae9f8bc7c0599b9c6c6fcd6f70ecb76148bfc5dc253f9a27cca
SHA512 e0f317767e620e0b4b0a92d4feba4a7a87d114ce6f144c9585b773548816b113b45471e9edb098b0d9f0dba3e58b9ad1324f91e99719c93208878f837925b1ad

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8e62af7b7f2bc2dd2b2ac643cc6ff156
SHA1 ad988b420f07925470457918a3eebf6d425f42a2
SHA256 445e014aaae84533d8e533fd8616b34c51c03ddda3dffd3b355d1f6aa73b7f44
SHA512 7a576f2c45657397f69eef60170cc979cec580127fca67d7c37dd2e625cdccdb8e375d36b43f1fa19ad912e7876fba26be8616b2a24adfcfd75699f9637573b4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4980bef33e70a0507601430a84e25b30
SHA1 a6736711761febe4d2dc3c0af6f37b3c2fd89320
SHA256 b5cb4d8b4bd4339bdfb5595adcd6a9d0b7af57e5ae874052614b8070ab29638b
SHA512 4cb32ba3b1d73b8e59225113aa87e676cbde549e124c729448629afde767c2f65941230774a9a550e8989e69a4114c9c572ec5286b182d9d330cc61d98ebe5b6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c63b49161abce5d2aef03e676c2d5ba3
SHA1 00ceb9bf2301430599278b7b1342511eaa358513
SHA256 6d2ddbacdc7fa64d866882847c99d18ec0bbb2c6dfefaa28ce3a2119e5da85d7
SHA512 4e7bf6f9af680074a517dd381bb6c2805f6ff427d4dda466c8eb2efd865a023c54d5582f92069c9a6ab94c355711b0ffd839e64a4880b1b1a1de7ac174e04f69

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b3ce3edbe82cf5cdd766b80d0ae8b9b3
SHA1 fe033654f6031cf94e4c1db7b59b255aa459d79e
SHA256 9ce64b413a06c9493756053968d3e48f58d48f614d4fa1ae0575e28e8eacfc9a
SHA512 0634f61546ebd9e70bd4ac7a32ff53d76e4b7c65fafd89e897e3f4dc1b091044801298b9306f78e83a87ed1e2e7961d01bf3dc6c0556fb7cd11f8569cf9b0865

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5a72d19fc6978032b0680d08b99c6eeb
SHA1 a6e77b62351f050c20260cb22c7a517ad9f49375
SHA256 85d8bf8bc38046451777d12cc5120cc5ef1efb3c2a9b3695f15a960e123ade3d
SHA512 ff760694b97d1be13eac23f3f3e89e6a737af4a9286eeba55d350a715d22e6a500f09b07b10fff1353539c032e41b2b2f450477a184ee8413e3444d745f1eaca

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2efab5ab271762b2e97fac6f1fa4ae40
SHA1 3ff2e6a2a87020420f913724f6fde7ac2e2f5a25
SHA256 450110a5a43d2a31dacf170e56c294513d4abc5554c1032e73e184df329b1904
SHA512 4d9b8eb26dbab67bf2860d8528d2e986c043c75bdff2268496812d809da42c2f3e599c8432d581beeaca50bb585e80295afa9d7ad9ac034610683874a87cf7a9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 55f7a629c937cdd2c8335da060825994
SHA1 d5ad18d00bed3454c9a7de1515eed6a56f90d93e
SHA256 1be3507a90ab6134aeb976a8b114c909c72af86a1c72d6efb36fcda7a1f3d438
SHA512 dc4cfd566262ababbb648d1c6d6815b2beed4882ff7f1440242b7832fb0a421685c6fc3e3f5ea7f1c4a5262ac1f59dda670538490223f0e3868b293ded899722

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c545cf9d72bb01b2c5a15fbee300796e
SHA1 68ce68bc77f4c9196aadb744aef32e4bec36adb7
SHA256 3c910d68fab884660e0ec2b9c0703cbb98afc57896b260c866b99f7b9ab344e2
SHA512 43877e25d5c99e6c08fefdc09fac40da8b28b3d28d852c3a506d058c1c8b5b247f1720ec22c08fcc2cff80e94489247477a4533604afb7d290f90a18111757af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3f06b92a8c03dcc7010d3f1c29d1a8a3
SHA1 3e99c723b055c68123c1aa52ec63fe4d63f8adef
SHA256 c0a7c3999aebe43055589dcdd3dfdf8e37261de4687accc6b353f43aebd3c89b
SHA512 a5ff30a2962b32719c13a41591a54758e788dd712727688a999ac28cba7a38926fb02404624ce1ba70207c8a0e4edff89c4b963b6920a84411b6053a101ce3e3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2f6cf27dd879385342e382f84b18f43f
SHA1 a205ca52d9f6b48c90b7bbd3431b5968ed896421
SHA256 357b4e5683094be5821cbd60ef84174e9096a60f995801172d506d8c44bf0e93
SHA512 45b002fed22f0b0f95677807a12167ecbf211d6db178e95609215692fc1d132843029600195d56b55df18f1a917a4ae035bbc59d8abc33db782303f4067472c4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d26c30b9dbc099a448d2f23fb025e92e
SHA1 fe5112b3bded62c0a0916d092346de7d8bbcb3ff
SHA256 287d5b81ce9be234277d6a3171fb7217100abaff3c6c51bd162b66313bea8129
SHA512 31267d1d365d9d65063e1f25fb77049c1e434c7508734e6a0b5a846ca206309ce4bed4584ab9102a94c74147d41491b1ce724b0b14f8729065fa09ef29651cf7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c1583c6c70dbe3201c6614583a049c5c
SHA1 db38295f4f68f9f55a37b9030dc31fef54dfef37
SHA256 e6441c3ccad11fe57f628db89199ea62e58fd33a2390eab27f66dcb4c54a34ca
SHA512 b2520340e099ecffe73cfdeb8ee4cbcea79e4234b2959d741e0d37111426e0f44c1251831908e97fe741a40d20275d57d9e8829c20269bb76628769b2b29399c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ddab8249cc4289e3ab9c4b90ef713039
SHA1 9ac0e61d947386332fa719f089a704bf117c9cd3
SHA256 00b906f11b3c30a5dd256a953895f209e39f324d70ccc2d92c7a9801b39927c4
SHA512 d6fb9be9f06dbca125232ed29b8b7f9076668013cf53372f6deb29286144cb66eaa33ed107e730aa431554cf28665e8f49a660adc1cf176284da8b861e3c4dca

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5e27be2e7767fe6b979e83617362a9e3
SHA1 9168f105d454194d3b9223f2a4eb2991eb101d7f
SHA256 8bf0a2039c16b1dfa9fc5867f1a165ad5b52c7dbb631c4e31f9634b55cd4ba43
SHA512 a305cf31ecb4dee8e717e983c9bfef54947938154ea3c97a573b54a44c02fc00788cea24e76e6dc0308defe863dbaa46aea773cbfff433804a74c091caa973f1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7ae87151c135df7505f960ffac483601
SHA1 ba42bd820613dd03e3bd398d2b16a663385f2773
SHA256 dde225a8fc5be2ab394797db9d1e834d583855dbfafeab5049142616c4265b96
SHA512 fbba92fa131a501e4a9fc5fdeaaf11e1bbc689a5d324b73b8754e32d96d27c03e1305444970586a62c44f0a4b3ffdd12d269a51c9e56e53ee41fe37ef26cc74c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5941812bda03c8f720b5e6e13733268d
SHA1 2111c323073fac72dfca63299876504ec3256b59
SHA256 6bd5e26b913f61d8cbae6744c8d5e1fae539a92dcb5efd814be6bca40652be59
SHA512 15184bf0ac71d7ada14c66d11b1d037141a35bc2c1e41073f741019ab569d28f58bc373cab4156c180c09679f29ca37b3ac91b676f38c81428eb491e705b00d0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d32d67646f8ffb161ac8cee516e6f3dd
SHA1 722a17b1967b83e5e1d5c15b97f042af5fca5cad
SHA256 317fe15dee536ebbba083322742709e21bb6116f571203eedf4944455a1b7f2c
SHA512 6391e9f97fb710adde0726860c1e2044be3503a2772a82b131714f07b9853247958f93eb804f0e10c67931126dd2a0c974cd41e6664168fc005bdbb826416ac4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 cebf416a3b5ac727b6b64feeee0850d0
SHA1 2db36f2a24bb36d214249fc2f6855d4e333ea6b7
SHA256 af8f29351e1546b38dc26641468049757670f47a8971132e43dbc5ca316ead3d
SHA512 2850e93bb439388a045f24c35e93a228a387d06e247f95788d3d52adac644aa9c52d604a085fa4e152e56fc0a34b8aba77019a4e2f780cf61f448e781ce1a6dd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 adca5d17b02920ff55af3136adde12c2
SHA1 a7ed799b6440fd935378c7cbe57ffbfa424b9d8f
SHA256 b8b7b43982b66df0050dfdf5d295ef8da631f42cb4f6ef09036677bbd9d3a1ef
SHA512 ea95b9457cb7249f251e146d2c87ed8de6004b968d33cab37e1badc395bafcaa7cb13fd37d8fc5c29b88eae169b9566adc6bb0ea03f66e470b2386be7210b9c9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1a45ee045db9f89e8259f142d9fdeab2
SHA1 9a3e73d8fdacaf7719fa416fa6584db87d7b6858
SHA256 f19fd6e164c57408a0b32ef2cb6fc30b5a30038f7d645ef1df3568ab2a626f88
SHA512 85997125f696e94adc2d7a22db1ac96590aca31f9f184c53bfa871eb0e0dfc701b09e2ca9a4e52dadd29d5e73bc18aa4dd241cac889a512afcbe2a8f0118cc1d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c6ea323bb36635660da797cc11d683d2
SHA1 342f585a7ccd753a639797b95246ea73d224b2d5
SHA256 ac05985a873a2c35411bafc5c7766331d3e15de8123e8794a539b0368351c53c
SHA512 3da58371be2aee93093b426e5e4089ae4bc10a0ea6bc312311e66c465e2539b12ff6ed2c1cbcbf4de407f360a7421ccc7cf841017f98a4c8b385d5553aad1c35

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 31844f090693338ab227fb044b2b525c
SHA1 4f7567fc32c95a42d621d9b5adedb5a5344f2adc
SHA256 f9e9efe3b71f45870207eccef62f110f1463d0ba709718bf565e258ffe6227ed
SHA512 38c49d403f872e0e56b4d046142e73216140dda4ac61382ed9e0a087f9c0c8bd3f0dfb4992d9fe503e54dbd6c416f5752c3c5607bdb573d302fd68fdd4b97238

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0182d1bc655b782918fcdf48804c477a
SHA1 b4dfeb2f4bf95705fdd59948fa7a51d93b237086
SHA256 6c8901ace56fd66399d0ccbd4346cd6fe644be5e6e6034ddd7432a16dd618bf6
SHA512 da2626bb84ff89ce698e981d4bdc8cfd5635374dabe0d29b19f295cf3bfe9ea75d567e04de4cbcfc29b296861ede2ce8dffb37b6f53cfe60057912d77b9067c7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 127dad39393a69004a304a20a8fc883f
SHA1 aa540aae85b8fc941951934018095c64d694990a
SHA256 ad4a9eecf61ab0eb6a2fc4c64c1c8ed12b305b8a1a1135cc851db8fc95bcb6bd
SHA512 c5f46ceeb1fd022f6deb3ec48938b3bf4b5ff048b58dfda05903d8d9bb172eb4883a23ca9c155458370c03ca0c4580fd4ea6cb78978612d630db7c212128c89d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4286d4d77c19e67e805edbb5721b0ad0
SHA1 3b84f6123b7f08e95d824c0228df43aed7ad6f2b
SHA256 1001edd5034f65e628efef70625fe1386d28e906bc4b7cf5ea964c93ec4bb942
SHA512 c00266cb997eea0226cf4351cf598b3952c93026ee61be2338d9a03f4fde2f3275000fe9e8469a039fc1816bba9d2af93899cd94cd106096296147f0761ba0b3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 64dec579cf07ee46239c4aeef6a08f0f
SHA1 564666505cc009e20cc1fe1f25062c43e8fcbe25
SHA256 53fbcb56be92732266633810b167eacd8c01803b1f11a832917ce8c0ba8c7db8
SHA512 c3e1380813300c9a363fbb1ffd1f086c9bec64e14e181bfff0bc1df6300dbbcfc5fe62ccdea3ce83eacb033026f8a6d436502012d3e05bd21defd7c391fc9a65

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 674aafc67ddc70df27dd0b3816a62246
SHA1 6645382f0fc8dd3648f13169ed6a4ea65f3afc99
SHA256 cc38176d6bf9d61bda4dd17e0fdfe68dd0c41177937fe93084609ce015bcaa2a
SHA512 44a9b5244a3a5648f8fc6704e28077395e9fb7fa4815314042c3e8294dc7971eb42a07b90386a011a080ad09e155641526f4d2c3239d24cea18b6f53fe51fa28

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ed29c6f214766018009c177e007044fe
SHA1 1919e415b0c7b753099721caaf831d247499ba7f
SHA256 783ae84aa018431952f5264a44c643f5db59a592a2761bce02e240a7cfb53b74
SHA512 48e208d776e7dde2d8d33f657e6ecdabe86b43958b5e82d99cea219bf3143c3927c669f57240b8c8c6824d86c8631bf1ea82cc37aec9ecc4ba321702d2e8f800

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 03fc6d33fde8191fecc0b3d5f241dfd7
SHA1 30d7da70f4fce3cb25eda5895f1fd0aab739f94e
SHA256 a86d51e803cf5a928804f500dce1b4a2441cbf51095d28b995c67676eece58e2
SHA512 8cc4c08630607091ad84ab3a0c26511d21da2760a4eddbeb8e3b6d1c27fa4094733947227d2eeb0754632d80be558c31c33bcbaa6cf0032e1ed6a354aa09372c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8f65513f13298c3afbd4fd17dc46cf1a
SHA1 daddad6ce29074830dd1249615b74ed56cdf2742
SHA256 184d1d1fd18daa1c48cc05a3c9e54b141a83a707bab35d1d879806b0164c4658
SHA512 7fc1e2a615eba20acbd4b4b7028ee9612c7dae51a0db2ebe01b444a2620c94005cee9c8dfb26944467c76b191acf12a96026e4ea0304ceb6799a7ab5d94dc2ae

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3c34f1238c087e783426e5b1e35180de
SHA1 bbae757de3cbf7e1703a630a8137e7ede7cb4550
SHA256 2a209e28015978230206dd4f007c1e0e1303f9d47b114d0c101ebe9186ac05b7
SHA512 ba7bb6c59b51f3fc6c55acdf829490d6f2e51e3994f3cdea49f49b63a98af1bccef5526932483702452a906cc5b38a097f9c3cdca48a6d52a3896cb682330e12

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c469758ba0f22d84cf78539efc14f317
SHA1 9797983287df19eb0ebb1f607006d3df01195fb2
SHA256 cf2c71453d06c9705d1e6463fa45d7f5c66b36edda5541963f7096523f773219
SHA512 ec4e5636da9164c8a994f4486d994e360de9eae6ef2c106064079eebf611b7256d879f54652b414ce62339f0ff80c9563fced5d639bb21bfc2bf5aa03355aca7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0951107579b0d93cb707d4bc3887de46
SHA1 c8a4250bf2a88eb3850c0f8737534dce35df2079
SHA256 42d3061c16e0e1c987aa8e677091a2a8e2a90d7f678b97be14d53e023ea89bf8
SHA512 e4f8ff4747e7285b58a1f234dd21efbd43b265ebd6530c37c922328961267a8800ac2b65e58af00a5e7d9cd5f693b002e6865a0d9135d3e9a7cc85ce1cb106a6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a1ad3a86efbdc74775e2f8f641d58245
SHA1 471b82f73684d20ed05bbe6d4d3034a1e3429dfb
SHA256 6abe3b6faeb72ae43c4b8d10e8cfa1c966cc88a894f245a099a4102e41f7d89b
SHA512 d34fb186563943da989df89c0a5c71f8427a319db45f7287fdd441733285fce3429183efd25d1f01b38424d4040081ba093e5c0f8ff2db6765ed5099dd220f88

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 167adb737d0f6909b9359f8fe5efe156
SHA1 4898bc7f6e033c0ff43c61ba64c4db8d376e4938
SHA256 5ebb8ac3a44e2a1c5d0cf32bd97ab87b253f673f2dec925fa2ba5a1bda6b3e4d
SHA512 ab20229309f3cc354430fe20b26fedc3c98af66eae0a27ec623c7078ceec400d8ca7c69e715337cbf80b7b37241f592f25bb30735ab163420b6691d4056c2d33

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 74dc9df9d6447f3f420d022a713bf7e9
SHA1 38792dbe745d9c862a23f2cb68eb7c497c1453f3
SHA256 b4a7501d35e7556bc85b3dca0de1409a4a452c149b202b44556c044d3ed6f8ff
SHA512 a4b2606a17c24722b505010684424a309cce65b742b8af6f8620c43c5b10dd0343b26d098fac39c3b2c77a24567140baf1e95e227b1f3e5fab0ada14012bad8d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5ae0a5e17d5650328ba98c6e03a12fa0
SHA1 a98a4ed9a0074e2635167e550ad41e23f132073f
SHA256 c1c8f7ea903c7346356971aeb580f7bb7cc2532383507a180f95f07fa940df37
SHA512 3f82c73d1657e634fcd5286953aa3d0d08c38eb59406cc71c79979bb91fcc9da5a905547ac71d7ef062bce03553c632f568518bb6104befe94cd4a3e7c975a7a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6459f8151f400faef8f4ab17f0e14a2c
SHA1 9bc471f7075b5806c46980007b09d0cf80f7fac7
SHA256 53cb861b38d9d56b9a4461aed3ad13a300f4fa602ce49510902c37b2b433118d
SHA512 7b8f496e3a6a116af00bc5496742291bc50d11f5efbb3295e3b3324106a5b2318ab1377f1d1562b9c9aa8c5d7c97bb072c233f1aefe93119e0aa127a37d7678e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 256762ce35e9b8cd37e5236b02e56c7b
SHA1 106456dfaaf8cfb9961949fe9a8b1c0f37c8b336
SHA256 ee6101aeb2a2d51daaeb505a0257dd0f7734781a0abe96cb7c102ddd55974a7b
SHA512 26a62c8a47ebf3d1b5969b6ddc30b7133a56bd80c648fba2c94a4065a1f83fa322bd69a04231d4f24bd91ea550f99e0b5e205b276039d6e8388a0938e4d2c3c8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c17119be90d9f82cab14b1f6b61f0292
SHA1 1e7bc417bb4f642b5b1a42b5a7ba90ce07dd144f
SHA256 f2382d630c20ade86a6b235f1168151dcb48a367568ff6a693104dcd18c4162c
SHA512 c2481fe07473deef8be5e8a30e9a290c1a841e37507f57877a167be55142a026dbb508e09afedb32d2948c155d64d65466c54ee1c72d7fd06f7b8ac166ad97c7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 71d8fca50056c9d521dd3744ea856797
SHA1 6d3b15124a88efa9c181324a362f72d772524470
SHA256 1e1632310fb0dfe5155451cb04ee40526309ddb8d40eb0ab428144cd1318e054
SHA512 7e5018866edce60fcdcf0d9978fd6664b31b8148d21eb753f1adeedb87d24d37b0387eeccdf3cda5c163833b9e2e8f5a692b34b68b5638e2e419afe99ac1168c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c72e3bb1b4e825c3cc8a32b73636b20e
SHA1 41abdbbe35147215ae4d8ba30580f99dbd63bc3b
SHA256 0059367945debd37de892109cdb2bb71a81cc51a1fb77f74f9d7220e6936ddcb
SHA512 064d2896ded2e1daecbc7fb652232650d2596d68225cb209be7cc438854ef73883179f6f7e7f69e9292547f2a18162bcc02a496040705f711eaef7356178eb14

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 cb5a3ad2d2bd357f8e4876c3521670ef
SHA1 f1c0d26ebbf295d1610b86ef0a413e2368fe3f58
SHA256 2e1b8797b66e08bd199555bed356531e2fac47f9b0955b9e68a3c21d3e259d2b
SHA512 a5957d57b2a77ab24292025bbce3f97d97f7d23484fb4829b831e9ee29de586b1c2d858002d033071ad0d230585270fbbcaa1dfdcb488373b6e2cb739a892d85

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d99b217ce6fc3d7e30325713353dde4e
SHA1 8d26454e52cf520e289477268b23bc59ec2aba1c
SHA256 fb66db215b3f5053faa05631f3be314fb00d26b6189332559ec1c20c655976e9
SHA512 e5158d7a90bbd3c94ae4f5db2d411a7fe7d001bf1ebe4d055aebaa1f721593237a64db9e695a06ba9a9c40828d26a88c50b75013fdf038e78d1c80b5191c0105

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 151391876c46338a7170c31d20de0091
SHA1 e8bac0c1fecc330ea8746951a0a6a628b4296911
SHA256 4651062c0bd4f5a668393b1a4e897d6636645579a7c6f5d8c2643a66bdfcd7ad
SHA512 9681cb108b3a4f7bd58493d456f3660cb34cb1ded976e923bb358783292870c6db14c6b11cb02424dc1b7c2ce55019ab2f2ce586f2cd6769c9553a31a54eaf37

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8a6cb9215797cce0a83cd447fdb7155c
SHA1 9dc6e3318d3606062f15c1d594cadf21a74d8650
SHA256 7eacfacae91f70dd63d29c50f7eb6f2ce820934651850b21a83e3f23f3e430a2
SHA512 493c6c9132ba9c47ccb0d8458f07836fb1af6e73d3507473c38ac56d333edb6deca9ea1694b88e29055898801b4f6028aa2bc16d7cb352245118cb7721ddf860

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 619615ac12407086a8b4506c9f4d9e2d
SHA1 b3b9e57e46dcb0e60ef1eba62b34f8e94ac22411
SHA256 a735e918cc8ade7b93cb385cf9bbe03237e51ead883bfad6d9858ae1fa0530b7
SHA512 655475bdac71b8d560984500419388a5170fbd5c031d78d2b73a1eecc644d876daa9fd98e1e615a4f008d5bd12162ff947cc4b8ba196bbe1575d62f3051a23a4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a85492a893c71d9bc6cf94eeb6bf5c84
SHA1 8613c5b2407b1e553ab146d30afed3b3de97f44f
SHA256 a78c0b78cc73e478d0d811a52411137b8f943febb8df03036358811195969456
SHA512 6cea3f49b58163e1b6dd2dcbc1b2f9d5f2ea13d69779333518cafbda5a538f527e0a26b1406f934c146a4ba7f14102b7ce4d46fb5d98d3fc28c5ac30fb5750ae

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3de24da89e6a732e5d22ad2d0d6cc70c
SHA1 5ece83b7d9772f505fe04c5e3bed61049fd111f6
SHA256 1641e6560c8991a22a6934809884aa528e3c6de5dd1549a624bc4aeaf8b2eefb
SHA512 b1f961e1acbbfe77e7062c36482bc3fccfb319d8f3fc3e943e7535d9dea08689fd9c5978b07a43e306bf8faa12ec58fc3f96c839dc79a20b0e4995a9ba2514ad

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 bc26c677b8e72ce854748964a2ba9100
SHA1 c2b21c805490f7967fa3edc7ff472df0f28c105b
SHA256 bba02987d6cc4bacfda0e3e7aa2581525d1ff445a02984b28a9c65b90bfd93fc
SHA512 f2134e55607d628ecc3bf20e0762c43eda328f72560d9e06de89c14d0b1519ac0bd086fbe83a5c69d6cbbbd4e824a8d634e4d44b3cae34e70fae0d5d138f29bf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 537e5915ea4c9e6c5d7d438edf7a7e97
SHA1 4b23d16e0cecad5d10ee77522b45f41dd51df4ef
SHA256 b14f4f05c4a0d873d007f99b9b271634deab3b8a2d69d5344daefbbe1f1bc2ca
SHA512 1ec15a23bd0c1f73e2787ad8684c742d3e6446fb818cc7c9724637522aaaa6b50abab19e8e2d202795ed5ec1e791896e4375fea6ffbdfbb59e184abcdee3db8a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 eae32b265df925f8bdac5a08ab13996e
SHA1 a961a2b3232e7238d77a8f742cdc9b7af939948a
SHA256 5365e56ae9b316988340342875fb6c3a0a1b7d9980d6765664992347744a8e4b
SHA512 7c324fa914d40fc2d5d1242862f8424747908700cd1bf522b04666826915c960042457f536b8bf197384c422757fc6444706be3941fac4b396b25e7980369928

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6410154a5257f95a123015fbdc1f2efd
SHA1 550caacdabad8ea9e6615116502ed8f54e70da26
SHA256 8997789c71c62b96a3c085ae8dd9991b09c32abd455192b8ae115d12853aaaae
SHA512 b94dc9fc9986cc7629b0fccc8f4e667ee8719fd39d5c9af53320029072a54c45b488e9ef9505dd8dee3333ef9bf0caf04e7a01578b9fde987f8e131d1f137a7d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6f391b7a647ed9da3135f3a71507db0d
SHA1 921c4028f798cc80cb85eda3c0f852625afba424
SHA256 1a5f2f5800da67465b834a85ea431c1dd7a6e7c3a7c27df85a4bcaf269327caa
SHA512 b9dbb2a7509e4bedc21876abad90d7baf0064754c60517e8778c678e598a820e6a52b3150631460ce40a68ac5dced3e3e052ded6553dca35d51189b493518cf0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0179cba67139db9c3f63f4c73f98d141
SHA1 4caaaf2cf343bd48eccced71115c5d17c7b1c9c4
SHA256 f3613f59ef54137ebe58a1be288e7c57a8ba93d5d91d57eaf23c03d074b290ba
SHA512 6dacf0d3ff341c26fc4a56bcf7ba7b54927904651f51c44a1548ccfd11e14bef5f8aebdefa033c19a3f3f387d2868018c8f7bdbfab02bf8108eae55adf203e15

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 64d433e098b8bd7fe6541899ead80d87
SHA1 a7060871248995f8209239ce21c817b0b7ced071
SHA256 a834ce37183de2a525a6d9091aa78134b7f0961fba961fa8d26937e1fa274dda
SHA512 e1539df8c2ef2de1fe3be0e53a8fcbb9c51cc8378784972fd0c0bd20aefa5f038c05aa4b255f7e7d8187293d3a068b7a60b535069b8b3b99a644f9c4298a3491

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 010fb7a47d5ac2e8aa6efd5dbb367029
SHA1 065b7e5f5ed5befa2069137de36bc1d833a5e831
SHA256 edc5d97d29e8acc56c306e3e966f9a4f196cc29e8a55258f9aa77a2a734871d1
SHA512 ccc7966b970048076ec286a7e2ac1ca84f602c2176c9eddfb4ce9d8bf89b4f925d329ed92f7df533eda5d2b0a0157dabc4b83768e9a8b7768fa0d56598f0289a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 81111f8e04232eac8e5641fb6f1c8d55
SHA1 c699c423cca4d702b41eb79a75ec59558657a932
SHA256 09cd85e5807a88f6264d50502ea6c81b98953f1348220b8fcad390abd1a11578
SHA512 4cca0697ef6965a0fc2598f8731acb259761cc8f40e21346fec7b205f65864b11d21bf57b737d144bbdcdb5711c0598a4dab193bf00a9102c6057400356ab773

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c21ab3cbc53d053277029d1eb293b9e3
SHA1 c65bb5c4315997cfd6e231645439aefa1aa23b7c
SHA256 04e2bd0fb5913568784022ca55625b098f30b8650b14af0859483d9587d50f0f
SHA512 282793cd06d49f4e00c40f86107587714a0bcfa01ce3c6e1c0f7af2c7b8d3f205ada8926d87170a0cdf24632b22a5147ef3f73d29b1907ea8f735ec06de6bfb1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 56475f0f30b32500edb927a532a8e76a
SHA1 a80b08d1c182248b02b09070391fc6db45b4e2e4
SHA256 a84728a8371002ad8867c034a43b1142f6a565d064ed72f66421afa89cc21b83
SHA512 f2667f85eeb75058f071e4be2bba5a1627d1f6e986d825a59f842f5712dd8ecb8d50ca60d9803c2c354d786cd63f7643bf517dde078552ccc3536a9b2fc2c48f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 500db9d6fdee5e40dcda18fbd97521a3
SHA1 00ba5515df1a06a850152d6402ae8363a0d37114
SHA256 e113255103c18dba29d4198029ed7ac1008638a056dfe664545fa7b861c22dda
SHA512 b666b6723e00d5782b79e8aeeb1775454c48b328d717ecce5250705d37b96e6bc3ce2fbfcea4f0d868018253d7d9c14873ed2cbe2828d88ded133c5492d0398c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 37986318e04db53c9bf3c34822a77418
SHA1 c6745c76916565f12ba961c23cee5f2beb531402
SHA256 fcaf2e68d82dc648e631213c99c01a7a3b7c2bd6e1e414a30d527cc5f7d07652
SHA512 48dad0330386a87b13c8d9de13ad23b6c757d8718f8b7d1a6c563580ba5b16e8c9c4c48f5491adb3215cce0b856392387f2370346c88f168b4c34b1331ae3db8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4ae523d5ed46791255a5453bcebbd365
SHA1 ee855367d3cf0955d684408f7b7af4a36f1322f2
SHA256 f3085205589c1a759bbe361cec8d79109dee9a767f0445e51c09bd5065a4b886
SHA512 5ed745ccd7063b86be9c150c70cd1a758b244f7e27a42013e61af2624dd94555f48db29bdeca7e437c9a0eacc573b09799d9359a4e207d81182e1740f3c3e732

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 99b7c1d4c687795298b4b3e7028937ce
SHA1 b305a3d9550cc436e2d3296cc3d719646bad67d1
SHA256 169f8193b79c33b47360322d14bc37c9ecbee2367658698729f9d0f2b079504c
SHA512 b70009728f0eec4514c937f92e740a615ef5550547c7363b32c75be475e8318ddef5b616b08f75102d72920f651be32dce1fef7c7c3b9758cdde719877ac5d94

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 883d24b0f76e3335f0cf919c4e294fce
SHA1 55140257891d08cfa8138bcddec41e1e3a9fa738
SHA256 0bad51f584a85936d3b78138a69ea98a4983694c3bf78780842877664d98d592
SHA512 4d71911d3f74b3ff33ba0d8a5168115529d48e40a05b093a21c110552405f8c0b306e9395c26e3d5cb3005a29162808cf97e1711ba7ce3ad60a9887b18753d3f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c940fc6c302d91786a4c73af608de8e2
SHA1 e356e6682de8318bc1fb4157cdb0cee5754e3517
SHA256 093c8ad916a4a1b1e130f2a342a3acfb12661a90725f194068711392b6fd48af
SHA512 d8beb91a37450dabdd6ad092019815f26bd2b0537c9d19ecb3dc91f2a42b46a3fa5a05af1f4e66ae8abecdd1e7bf20ce9d9ef9b1969fc2556cd2a571c3478160

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a10fe33b41eb9484d4b3a33f5cfb20e0
SHA1 38403cfbced82458b568de63367aebabbceb556b
SHA256 468f91e3c77977ed33ff314dffeca1479718d86f129d03b915d3e212aaf582ab
SHA512 6f1d52eb8dff11615444f55c640bc772d54af75253a9b69e153f254765d2febf0def1634a617f09566a664d3cf30448a2efee42a6b2f9f4a1717bb2b1d18cf7a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 dce2e53b641fd30ac522541ba5469c24
SHA1 ff6edaf8076a87c8314a725106e89dc932a9dcdb
SHA256 b3fc9682d724577210bf0688f89fc60c0446bb3bfc13c3d754ca12e4d34c42b4
SHA512 b852bbc5986fd7ae642bb4d5d8c82307dcaa27d743f2e51b88c42bcfc3db76ce8e5ac8dba85518dfbe3fb0f03be0e41b53613edd5d719641f12725a3a12a5cca

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 09402b09af7715adaf10d62d7989e4bc
SHA1 598a033a59056c299d39dc6a9601d041e089d7e5
SHA256 001b0ed9acb27c145b21e5c471999fcffb6c55b87a0c2fbe80ce41b8c184b502
SHA512 cd7ad248d49863ad6835419e864434e0d021a0b90aa5a6a9e9ea417e03dfed4dc61f438d476544681a5c42a6cddc24c44fbf0d079b6c1fe2fbf7a5a1c279f7eb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b45f820474d8baa7988ef25fc0346d7c
SHA1 591076a64858fd9e0e40cfc1e139eb5204643f4a
SHA256 69e9ffc1600787e61ac7a804259355c353ccfa1c190d10c51690002142759b08
SHA512 30ee46aa48857d7de9149f319e1123af51f63658becad6e5408902f4c738af93e2367183bfdba040617d0899e23261d1b44f831cc819d4ee31901be8b0e572fe

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b327e28425fc9402f76b8085bbc97f25
SHA1 1b185ab88800c85b8f2cff1015e46bbf987d8cb0
SHA256 3b412ea924dc0c92134459e2814e1b2ad0ca66ece23c751202a015420cc109fb
SHA512 e6888b6b0db24c90cddeebb44c5179a2fde8a73a2b1de46db3a1902fdc4de4f8c1d95673bf3956cccd3fcb3a4856b82568ed231fad81ff544c1fcaed1be6f716

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d473037ef84a57bddcd27730ac1b00fd
SHA1 2c364e0743205b41c6c3eb167848194a2c0c96e7
SHA256 0d3843a022e631f671e5cfef3806d16f91032bd7bcd1afacf157459ea9304ab7
SHA512 79e61b17a26cb492592bc54a0798d7274a31885043481c665a4d64b4179b9981932951a8f2f27ad5e35fc8e4d12dfbf240cf83898527951b4419b0ca72d96643

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 651de7b8ac357188d5d2af68063530c7
SHA1 d476bd8040bcd4e7248384498282f3192bcf33d9
SHA256 2faf9911d1e578cdd6fcabc2ff08991a5dd8365f85ea2d4d4e7b2cf45e269dae
SHA512 007820c757d468a54c7e6974889f3013846e0789cf477069b48d6cacf1adfc7716ea8e7ab014e2f1c9f06754728043dffb2ff021c405ac0c5eefaade6ee11ede

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f71319d9ed59aa4e6bf126e3b57f20e2
SHA1 22ce0286be521fb381f1c5f1e8e2dda580479f1f
SHA256 d916550f16fefdc644dcb01a866b8cd53b6f098c42bf6866d3ca7e1447c9904f
SHA512 9e0bfada416cccc67378a9988a4c1c5835f9be4149230eff5f5557933749834779a79b1a0baec8dfb8037be44265ecc43abcc120ad70cb7160ccba3ab47c31e2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 cac0558ed9752ed33b7b769892e943bd
SHA1 f259912f73ba35a28afe562c0d7da87ac5557174
SHA256 91189f82ce59f1083e286d6c2b375296b998566db10dc45219c5967d9f8d890f
SHA512 093ade02174bdef3a83841e2fa46a7a28b02741e54132aadb1f6bd65b96d8dd20da07754855eb02b44013eae97917583c7d3ee875d2320bd1f1382a661a62393

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 44ec5e1726798734b96d5fec0d960f8d
SHA1 f40bf63e65b0d03240ee0ea9165f7a75738792b0
SHA256 f69b0cc9cdebab5fd029e18c4bcc46d1dfdb2ee978adb43f0fdc51a1c891654a
SHA512 ec1e42e7c3242f742274a4872f973726210d6e9723341960b1ae544ed927970b9edcf03c6fb1e315b3004d0e6bd0d9599bdb96ae4d58f5e9f994982f8e280576

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 41123be1a88c51a09f22b3389a93429a
SHA1 9140c74aa7a32b2f101fecfc346c39301430cf5e
SHA256 c2e06d897828b92ac0467c096548a65c9aaa8dd057146ec28029b1e708ca6511
SHA512 59af0ccc34164b615423e756f6808414cf1412e1699140e15ecf61755c0751ab2e3023919b3d0720bb85f4cd5049082738185a8cae276de9073f2dc09412e7af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 39bf1eb4b6a60e31ca0b2eb72a1f97e1
SHA1 b1cd6787c725e422a596380bd4795da8856e3150
SHA256 4ae383b29a9f45ce9ee5370eb5ca8537c0ab08eae82781827910ef66e0099a86
SHA512 7f1a326ae0becd9f55d523d8ded8e3811c8c5be4c950386154ff2e2078e09a5347ff43bb9dd8744f65ff14b1deea9a6998f94d7b153150943438a65f1d0099a7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a414710047661ec88a1e748ee3205dab
SHA1 e56247e786779b4f139a2bf5ad426db8f228cc61
SHA256 73488b0db6b96b66e7c05fe0fe9b2e3e571272eb483155cb709f3962bb022871
SHA512 98f158e6c5ec262e676f55056180cb091097dc3c3b7a3462db3a6cec8b17650ca3805aa07a722161874d9d5c92745db9a24b57e8261013e7734e4a50c9f075f9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 98a466cdd6b64544cf3fc9c44306e02d
SHA1 cdf659b31e4de2e598d73a7f6fe2edfdc9c31f1d
SHA256 b2d9298a235e8a8c62d7b5f40916764244fee8114a8429852e4a3aa1e024bd34
SHA512 f8c9213c52cc158abf4d264e5db0c35a54720cabf0de5b8169c0466869c1daff9adef868243f62b658622556a96a4e8202731d30061ef973af695d40d9e445d7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 39f1b220a29d1c49565f7f8e5d8c1a1b
SHA1 de8a44343fd065261db27214b17991d45d045249
SHA256 71edb46a4508713d4a2c4736eedc876d9e69b246588a23f2f9fdedd694458bb3
SHA512 3d63d3f29b61b7f709711d3064ed806f56a5e691e3b1143a6d73af3f895647b2badffb8a290cb87fb997f29baa28141bbcfaeb447200a0a402673ded376db617

Analysis: behavioral5

Detonation Overview

Submitted

2024-07-18 01:51

Reported

2024-07-18 02:44

Platform

ubuntu1804-amd64-20240611-en

Max time kernel

1s

Max time network

1680s

Command Line

[xdg-open https://webminer.pages.dev?algorithm=minotaurx&host=minotaurx.na.mine.zpool.ca&port=7019&worker=1CWXZFjvrSLEPatEuhGfojhCr5MLBd448e&password=c%3DBTC&workers=4]

Signatures

Enumerates kernel/hardware configuration

Description Indicator Process Target
File opened for reading /sys/bus/pci/devices/0000:00:02.0/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/device /usr/lib/firefox/firefox N/A

Reads runtime system information

Description Indicator Process Target
File opened for reading /proc/filesystems /bin/sed N/A
File opened for reading /proc/filesystems /bin/sed N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /bin/sed N/A
File opened for reading /proc/filesystems /bin/sed N/A
File opened for reading /proc/self/task/1612/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/task/1625/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd /usr/bin/dbus-send N/A
File opened for reading /proc/self/fd /usr/bin/dbus-send N/A
File opened for reading /proc/filesystems /bin/sed N/A
File opened for reading /proc/self/task/1599/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A

Processes

/usr/bin/xdg-open

[xdg-open https://webminer.pages.dev?algorithm=minotaurx&host=minotaurx.na.mine.zpool.ca&port=7019&worker=1CWXZFjvrSLEPatEuhGfojhCr5MLBd448e&password=c%3DBTC&workers=4]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/dbus-launch

[dbus-launch --autolaunch 11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]

/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/xprop

[xprop -root]

/bin/grep

[grep -q ^Enlightenment]

/bin/uname

[uname]

/bin/grep

[grep -q ^file://]

/bin/egrep

[egrep -q ^[[:alpha:]+\.\-]+:]

/usr/local/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/local/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/bin/sed

[sed -n s/\(^[[:alnum:]+\.-]*\):.*$/\1/p]

/usr/bin/xdg-mime

[xdg-mime query default x-scheme-handler/https]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/dbus-launch

[dbus-launch --autolaunch 11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]

/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/xprop

[xprop -root]

/bin/grep

[grep -q ^Enlightenment]

/bin/uname

[uname]

/bin/sed

[sed s/:/ /g]

/usr/bin/cut

[cut -d ; -f 1]

/bin/grep

[grep x-scheme-handler/https= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/bin/grep

[grep x-scheme-handler/https= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/bin/grep

[grep x-scheme-handler/https= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/bin/grep

[grep x-scheme-handler/https= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/bin/grep

[grep x-scheme-handler/https= /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache]

/bin/sed

[sed s/:/ /g]

/bin/sed

[sed -e s|-|/|]

/bin/sed

[sed -e s|-|/|]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/which

[which firefox]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/firefox

[/usr/bin/firefox https://webminer.pages.dev?algorithm=minotaurx&host=minotaurx.na.mine.zpool.ca&port=7019&worker=1CWXZFjvrSLEPatEuhGfojhCr5MLBd448e&password=c%3DBTC&workers=4]

/usr/bin/which

[which /usr/bin/firefox]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox https://webminer.pages.dev?algorithm=minotaurx&host=minotaurx.na.mine.zpool.ca&port=7019&worker=1CWXZFjvrSLEPatEuhGfojhCr5MLBd448e&password=c%3DBTC&workers=4]

/bin/grep

[grep -q %s]

/usr/bin/x-www-browser

[x-www-browser https://webminer.pages.dev?algorithm=minotaurx&host=minotaurx.na.mine.zpool.ca&port=7019&worker=1CWXZFjvrSLEPatEuhGfojhCr5MLBd448e&password=c%3DBTC&workers=4]

/usr/bin/which

[which /usr/bin/x-www-browser]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox https://webminer.pages.dev?algorithm=minotaurx&host=minotaurx.na.mine.zpool.ca&port=7019&worker=1CWXZFjvrSLEPatEuhGfojhCr5MLBd448e&password=c%3DBTC&workers=4]

/bin/grep

[grep -q %s]

/usr/bin/firefox

[firefox https://webminer.pages.dev?algorithm=minotaurx&host=minotaurx.na.mine.zpool.ca&port=7019&worker=1CWXZFjvrSLEPatEuhGfojhCr5MLBd448e&password=c%3DBTC&workers=4]

/usr/bin/which

[which /usr/bin/firefox]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox https://webminer.pages.dev?algorithm=minotaurx&host=minotaurx.na.mine.zpool.ca&port=7019&worker=1CWXZFjvrSLEPatEuhGfojhCr5MLBd448e&password=c%3DBTC&workers=4]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 151.101.193.91:443 tcp
GB 89.187.167.6:443 tcp
GB 185.125.188.61:443 tcp
GB 185.125.188.61:443 tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
GB 185.125.190.96:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
GB 185.125.190.97:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
GB 185.125.190.97:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
GB 185.125.190.17:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 91.189.91.97:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
GB 185.125.190.98:80 connectivity-check.ubuntu.com tcp

Files

N/A

Analysis: behavioral7

Detonation Overview

Submitted

2024-07-18 01:51

Reported

2024-07-18 02:45

Platform

ubuntu2204-amd64-20240522.1-en

Max time kernel

0s

Max time network

1284s

Command Line

[xdg-open https://webminer.pages.dev?algorithm=minotaurx&host=minotaurx.na.mine.zpool.ca&port=7019&worker=1CWXZFjvrSLEPatEuhGfojhCr5MLBd448e&password=c%3DBTC&workers=4]

Signatures

Enumerates kernel/hardware configuration

Description Indicator Process Target
File opened for reading /sys/module/apparmor/parameters/enabled /usr/bin/dbus-daemon N/A
File opened for reading /sys/kernel/security/apparmor/features/dbus/mask /usr/bin/dbus-daemon N/A

Reads runtime system information

Description Indicator Process Target
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/filesystems /usr/bin/dbus-daemon N/A
File opened for reading /proc/1553/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/1558/status /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/mounts /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/1574/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/self/fd /usr/bin/dbus-send N/A
File opened for reading /proc/1558/attr/apparmor/current /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/sys/kernel/cap_last_cap /usr/bin/dbus-daemon N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/self/fd /usr/bin/dbus-send N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A

Processes

/usr/bin/xdg-open

[xdg-open https://webminer.pages.dev?algorithm=minotaurx&host=minotaurx.na.mine.zpool.ca&port=7019&worker=1CWXZFjvrSLEPatEuhGfojhCr5MLBd448e&password=c%3DBTC&workers=4]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/dbus-launch

[dbus-launch --autolaunch f2de92a803c744e586bd87567a26b68a --binary-syntax --close-stderr]

/usr/bin/dbus-daemon

[/usr/bin/dbus-daemon --syslog-only --fork --print-pid 5 --print-address 7 --session]

/usr/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/usr/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/xprop

[xprop -root]

/usr/bin/grep

[grep -q ^Enlightenment]

/usr/bin/uname

[uname]

/usr/bin/grep

[grep -q ^file://]

/usr/bin/egrep

[egrep -q ^[[:alpha:]+\.\-]+:]

/usr/local/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/local/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/bin/sed

[sed -n s/\(^[[:alnum:]+\.-]*\):.*$/\1/p]

/usr/bin/xdg-mime

[xdg-mime query default x-scheme-handler/https]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/dbus-launch

[dbus-launch --autolaunch f2de92a803c744e586bd87567a26b68a --binary-syntax --close-stderr]

/usr/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/usr/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/xprop

[xprop -root]

/usr/bin/grep

[grep -q ^Enlightenment]

/usr/bin/uname

[uname]

/usr/bin/sed

[sed s/:/ /g]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/usr/bin/grep

[grep x-scheme-handler/https= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/usr/bin/grep

[grep x-scheme-handler/https= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/usr/bin/grep

[grep x-scheme-handler/https= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/usr/bin/grep

[grep x-scheme-handler/https= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/usr/bin/grep

[grep x-scheme-handler/https= /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache]

/usr/bin/sed

[sed s/:/ /g]

/usr/bin/sed

[sed -e s|-|/|]

/usr/bin/sed

[sed -e s|-|/|]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/which

[which firefox]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/firefox

[/usr/bin/firefox https://webminer.pages.dev?algorithm=minotaurx&host=minotaurx.na.mine.zpool.ca&port=7019&worker=1CWXZFjvrSLEPatEuhGfojhCr5MLBd448e&password=c%3DBTC&workers=4]

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 _http._tcp.security.ubuntu.com udp
US 8.8.8.8:53 _http._tcp.se.archive.ubuntu.com udp
US 8.8.8.8:53 security.ubuntu.com udp
US 8.8.8.8:53 security.ubuntu.com udp
US 8.8.8.8:53 se.archive.ubuntu.com udp
US 8.8.8.8:53 se.archive.ubuntu.com udp
GB 185.125.190.81:80 security.ubuntu.com tcp
SE 194.71.11.173:80 se.archive.ubuntu.com tcp
US 8.8.8.8:53 _http._tcp.saimei.ftp.acc.umu.se udp
US 8.8.8.8:53 udp
US 8.8.8.8:53 udp
SE 194.71.11.138:80 saimei.ftp.acc.umu.se tcp

Files

/root/.dbus/session-bus/f2de92a803c744e586bd87567a26b68a-0

MD5 f563315cc7f63e941569270b7fe7fc27
SHA1 af69e8159ef7ec898d8b232ea2f1773f301f9c4a
SHA256 7c9733c3e651ae2f3dc902ce45870d29478c85f90c7904bf688c911ffc307f0a
SHA512 1807b677629b977e924088a5d70a3e11ddc4b6aac1b3239963ea41bb8cfc4e8af49c6ffca62df3f185c9a316a5f79b43b153800285ac97f6d6c2e5a797a564fe