a964201b566632ce76139f1a34be92a4d9c8166546426d64a6b1795cf52669b6

Analysis

max time kernel
387s
max time network
376s
platform
windows11-21h2_x64
resource
win11-20240709-en
resource tags

arch:x64arch:x86image:win11-20240709-enlocale:en-usos:windows11-21h2-x64system
submitted
21/07/2024, 08:30

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

slinkyloader.exe
Size

18.4MB
MD5

a2223005e6d186689577e5a2b785a16b
SHA1

1075e177247880d3e1ec940623500bf2e9b275e3
SHA256

cef5b60321f17991400a19072052535638c0a5c02d338234686552deadeea82e
SHA512

073f8e682d2468bfe7d55b82cf0ff5dafd2754da2813de2116551e2811809debba7f06c5d8ed5901a59703bfb306fd5fd05d9d1e797bf9e7887826709c6993c6
SSDEEP

393216:cKRqNWNKROYkhkpXorNv+oXsDS3LNK3HOU6x0pW/lJktSrZPLAB:/ANWKRrpYrNvou7NK3uU6E29dPL

Score

6^/10

Malware Config

Signatures

Legitimate hosting services abused for malware hosting/C2 1 TTPs 1 IoCs

Web Service

T1102

flow	ioc
95	camo.githubusercontent.com

Drops file in System32 directory 2 IoCs

description	ioc	Process
File created	C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_01cf530faf2f1752\display.PNF	chrome.exe
File created	\??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_01cf530faf2f1752\display.PNF	chrome.exe

Drops file in Windows directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SystemTemp	chrome.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133660243171137606"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2087971895-212656400-463594913-1000_Classes\Local Settings	chrome.exe

NTFS ADS 1 IoCs

description	ioc	Process
File opened for modification	C:\Users\Admin\Downloads\slinkyloader.zip:Zone.Identifier	chrome.exe

Suspicious behavior: EnumeratesProcesses 64 IoCs

pid	Process
1648	slinkyloader.exe
1648	slinkyloader.exe
1648	slinkyloader.exe
1648	slinkyloader.exe
1648	slinkyloader.exe
1648	slinkyloader.exe
1648	slinkyloader.exe
1648	slinkyloader.exe
1648	slinkyloader.exe
1648	slinkyloader.exe
1648	slinkyloader.exe
1648	slinkyloader.exe
1648	slinkyloader.exe
1648	slinkyloader.exe
1648	slinkyloader.exe
1648	slinkyloader.exe
1648	slinkyloader.exe
1648	slinkyloader.exe
1648	slinkyloader.exe
1648	slinkyloader.exe
1648	slinkyloader.exe
1648	slinkyloader.exe
1648	slinkyloader.exe
1648	slinkyloader.exe
1648	slinkyloader.exe
1648	slinkyloader.exe
1648	slinkyloader.exe
1648	slinkyloader.exe
1648	slinkyloader.exe
1648	slinkyloader.exe
1648	slinkyloader.exe
1648	slinkyloader.exe
1648	slinkyloader.exe
1648	slinkyloader.exe
1648	slinkyloader.exe
1648	slinkyloader.exe
1648	slinkyloader.exe
1648	slinkyloader.exe
1648	slinkyloader.exe
1648	slinkyloader.exe
1648	slinkyloader.exe
1648	slinkyloader.exe
1648	slinkyloader.exe
1648	slinkyloader.exe
1648	slinkyloader.exe
1648	slinkyloader.exe
1648	slinkyloader.exe
1648	slinkyloader.exe
1648	slinkyloader.exe
1648	slinkyloader.exe
1648	slinkyloader.exe
1648	slinkyloader.exe
1648	slinkyloader.exe
1648	slinkyloader.exe
1648	slinkyloader.exe
1648	slinkyloader.exe
1648	slinkyloader.exe
1648	slinkyloader.exe
1648	slinkyloader.exe
1648	slinkyloader.exe
1648	slinkyloader.exe
1648	slinkyloader.exe
1648	slinkyloader.exe
1648	slinkyloader.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 17 IoCs

pid	Process
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe

Suspicious use of FindShellTrayWindow 37 IoCs

pid	Process
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4716 wrote to memory of 3088	4716	chrome.exe	89
PID 4716 wrote to memory of 3088	4716	chrome.exe	89
PID 4716 wrote to memory of 480	4716	chrome.exe	90
PID 4716 wrote to memory of 480	4716	chrome.exe	90
PID 4716 wrote to memory of 480	4716	chrome.exe	90
PID 4716 wrote to memory of 480	4716	chrome.exe	90
PID 4716 wrote to memory of 480	4716	chrome.exe	90
PID 4716 wrote to memory of 480	4716	chrome.exe	90
PID 4716 wrote to memory of 480	4716	chrome.exe	90
PID 4716 wrote to memory of 480	4716	chrome.exe	90
PID 4716 wrote to memory of 480	4716	chrome.exe	90
PID 4716 wrote to memory of 480	4716	chrome.exe	90
PID 4716 wrote to memory of 480	4716	chrome.exe	90
PID 4716 wrote to memory of 480	4716	chrome.exe	90
PID 4716 wrote to memory of 480	4716	chrome.exe	90
PID 4716 wrote to memory of 480	4716	chrome.exe	90
PID 4716 wrote to memory of 480	4716	chrome.exe	90
PID 4716 wrote to memory of 480	4716	chrome.exe	90
PID 4716 wrote to memory of 480	4716	chrome.exe	90
PID 4716 wrote to memory of 480	4716	chrome.exe	90
PID 4716 wrote to memory of 480	4716	chrome.exe	90
PID 4716 wrote to memory of 480	4716	chrome.exe	90
PID 4716 wrote to memory of 480	4716	chrome.exe	90
PID 4716 wrote to memory of 480	4716	chrome.exe	90
PID 4716 wrote to memory of 480	4716	chrome.exe	90
PID 4716 wrote to memory of 480	4716	chrome.exe	90
PID 4716 wrote to memory of 480	4716	chrome.exe	90
PID 4716 wrote to memory of 480	4716	chrome.exe	90
PID 4716 wrote to memory of 480	4716	chrome.exe	90
PID 4716 wrote to memory of 480	4716	chrome.exe	90
PID 4716 wrote to memory of 480	4716	chrome.exe	90
PID 4716 wrote to memory of 480	4716	chrome.exe	90
PID 4716 wrote to memory of 2520	4716	chrome.exe	91
PID 4716 wrote to memory of 2520	4716	chrome.exe	91
PID 4716 wrote to memory of 2864	4716	chrome.exe	92
PID 4716 wrote to memory of 2864	4716	chrome.exe	92
PID 4716 wrote to memory of 2864	4716	chrome.exe	92
PID 4716 wrote to memory of 2864	4716	chrome.exe	92
PID 4716 wrote to memory of 2864	4716	chrome.exe	92
PID 4716 wrote to memory of 2864	4716	chrome.exe	92
PID 4716 wrote to memory of 2864	4716	chrome.exe	92
PID 4716 wrote to memory of 2864	4716	chrome.exe	92
PID 4716 wrote to memory of 2864	4716	chrome.exe	92
PID 4716 wrote to memory of 2864	4716	chrome.exe	92
PID 4716 wrote to memory of 2864	4716	chrome.exe	92
PID 4716 wrote to memory of 2864	4716	chrome.exe	92
PID 4716 wrote to memory of 2864	4716	chrome.exe	92
PID 4716 wrote to memory of 2864	4716	chrome.exe	92
PID 4716 wrote to memory of 2864	4716	chrome.exe	92
PID 4716 wrote to memory of 2864	4716	chrome.exe	92
PID 4716 wrote to memory of 2864	4716	chrome.exe	92
PID 4716 wrote to memory of 2864	4716	chrome.exe	92
PID 4716 wrote to memory of 2864	4716	chrome.exe	92
PID 4716 wrote to memory of 2864	4716	chrome.exe	92
PID 4716 wrote to memory of 2864	4716	chrome.exe	92
PID 4716 wrote to memory of 2864	4716	chrome.exe	92
PID 4716 wrote to memory of 2864	4716	chrome.exe	92
PID 4716 wrote to memory of 2864	4716	chrome.exe	92
PID 4716 wrote to memory of 2864	4716	chrome.exe	92
PID 4716 wrote to memory of 2864	4716	chrome.exe	92
PID 4716 wrote to memory of 2864	4716	chrome.exe	92
PID 4716 wrote to memory of 2864	4716	chrome.exe	92
PID 4716 wrote to memory of 2864	4716	chrome.exe	92
PID 4716 wrote to memory of 2864	4716	chrome.exe	92

C:\Users\Admin\AppData\Local\Temp\slinkyloader.exe
"C:\Users\Admin\AppData\Local\Temp\slinkyloader.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
PID:1648

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:1156

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4716
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.106 --initial-client-data=0x100,0x104,0x108,0xd8,0x10c,0x7ffdc6dbcc40,0x7ffdc6dbcc4c,0x7ffdc6dbcc58
  2⤵
  PID:3088
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1756,i,23664134832721533,7496112012524799497,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=1752 /prefetch:2
  2⤵
  PID:480
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2132,i,23664134832721533,7496112012524799497,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=2144 /prefetch:3
  2⤵
  PID:2520
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2212,i,23664134832721533,7496112012524799497,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=2228 /prefetch:8
  2⤵
  PID:2864
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3116,i,23664134832721533,7496112012524799497,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=3272 /prefetch:1
  2⤵
  PID:4732
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3124,i,23664134832721533,7496112012524799497,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=3316 /prefetch:1
  2⤵
  PID:1912
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3572,i,23664134832721533,7496112012524799497,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=4440 /prefetch:1
  2⤵
  PID:4548
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4484,i,23664134832721533,7496112012524799497,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=4788 /prefetch:8
  2⤵
  PID:3068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4932,i,23664134832721533,7496112012524799497,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=4956 /prefetch:8
  2⤵
  PID:4448
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=4684,i,23664134832721533,7496112012524799497,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=4784 /prefetch:1
  2⤵
  PID:4184
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=3356,i,23664134832721533,7496112012524799497,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=3368 /prefetch:8
  2⤵
  - Drops file in System32 directory
  PID:4264
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=2744,i,23664134832721533,7496112012524799497,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=3500 /prefetch:1
  2⤵
  PID:2332
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=3272,i,23664134832721533,7496112012524799497,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=3212 /prefetch:1
  2⤵
  PID:4432
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=3360,i,23664134832721533,7496112012524799497,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=3784 /prefetch:1
  2⤵
  PID:1312
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=4948,i,23664134832721533,7496112012524799497,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=5240 /prefetch:1
  2⤵
  PID:4828
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=3100,i,23664134832721533,7496112012524799497,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=3396 /prefetch:1
  2⤵
  PID:1864
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=4788,i,23664134832721533,7496112012524799497,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=5216 /prefetch:1
  2⤵
  PID:2780
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=3476,i,23664134832721533,7496112012524799497,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=5200 /prefetch:1
  2⤵
  PID:4240
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=5336,i,23664134832721533,7496112012524799497,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=3292 /prefetch:1
  2⤵
  PID:1148
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=5232,i,23664134832721533,7496112012524799497,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=5104 /prefetch:1
  2⤵
  PID:3760
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=4556,i,23664134832721533,7496112012524799497,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=5464 /prefetch:1
  2⤵
  PID:1488
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=3780,i,23664134832721533,7496112012524799497,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=5028 /prefetch:1
  2⤵
  PID:4116
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=3460,i,23664134832721533,7496112012524799497,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=3396 /prefetch:1
  2⤵
  PID:2784
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4452,i,23664134832721533,7496112012524799497,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=4532 /prefetch:8
  2⤵
  PID:4524
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --field-trial-handle=3484,i,23664134832721533,7496112012524799497,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=5480 /prefetch:1
  2⤵
  PID:3600
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5380,i,23664134832721533,7496112012524799497,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=4776 /prefetch:8
  2⤵
  - NTFS ADS
  PID:4640

C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe"
1⤵
PID:3428

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:4516

C:\Users\Admin\Downloads\slinkyloader\slinkyloader.exe
"C:\Users\Admin\Downloads\slinkyloader\slinkyloader.exe"
1⤵
PID:3432

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

Filesize
64KB

MD5
b5ad5caaaee00cb8cf445427975ae66c

SHA1
dcde6527290a326e048f9c3a85280d3fa71e1e22

SHA256
b6409b9d55ce242ff022f7a2d86ae8eff873daabf3a0506031712b8baa6197b8

SHA512
92f7fbbcbbea769b1af6dd7e75577be3eb8bb4a4a6f8a9288d6da4014e1ea309ee649a7b089be09ba27866e175ab6f6a912413256d7e13eaf60f6f30e492ce7f

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

Filesize
4B

MD5
f49655f856acb8884cc0ace29216f511

SHA1
cb0f1f87ec0455ec349aaa950c600475ac7b7b6b

SHA256
7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba

SHA512
599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

Filesize
1008B

MD5
d222b77a61527f2c177b0869e7babc24

SHA1
3f23acb984307a4aeba41ebbb70439c97ad1f268

SHA256
80dc3ffa698e4ff2e916f97983b5eae79470203e91cb684c5ccd4ff1a465d747

SHA512
d17d836ea77aeaff4cd01f9c7523345167a4a6bc62528aac74acde12679f48079d75d159e9cea2e614da50e83c2dcd92c374c899ea6c4fe8e5513d9bf06c01ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
87c49c65c5f7cf9f46eea599ffbaccdd

SHA1
541202f8991dc55e788605bc441f80de2a833d00

SHA256
bd1ed23c2ca737675f3721a83e8881a3eb13d3d2e4b590225c113c43f5300a36

SHA512
5e712af8ba36e0b583e33bdbfa02db776b1df9cda1098adb2a53ad055afd1c819e4f584d02da174a32cb09588bbece40c3d93b104cf7aece4c7265e08a0049bd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001

Filesize
211KB

MD5
151fb811968eaf8efb840908b89dc9d4

SHA1
7ec811009fd9b0e6d92d12d78b002275f2f1bee1

SHA256
043fd8558e4a5a60aaccd2f0377f77a544e3e375242e9d7200dc6e51f94103ed

SHA512
83aface0ab01da52fd077f747c9d5916e3c06b0ea5c551d7d316707ec3e8f3f986ce1c82e6f2136e48c6511a83cb0ac67ff6dc8f0e440ac72fc6854086a87674

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001f

Filesize
37KB

MD5
f379276efec34127fed6f06101a024d3

SHA1
279e8e9dc86c622343e5bba17043d893c9224086

SHA256
1f92cc266344c34ab3ba73fd7107c0b7d53de896e47f3683c9e7ea4b1e74b8cf

SHA512
a87e994179341eedf39393fd4b7a57e8ac341f43bcd846c3bc16da9632921c08566be9ccb1b3afc0a1b9a9152c6a1339bff584401aaeb7f1cff7a36af66db5a5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000020

Filesize
37KB

MD5
f9a90d58144602c12373f3a51ae11c3e

SHA1
50930fadc719a0cf689f480f053fe55eaab64817

SHA256
477adbd55274ba5f7057f114fd4c4908fe46d7f486c7cd6dfe452a80ff0b7c82

SHA512
0f06561a943bdafdc0f6355ce4a5dd2a3daa348d621ac8c0d95632d5bf0458b4068803af0f3e9819496ed750299a63e6eea88c53bd2816c757a0e4c721d7e4f7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000021

Filesize
21KB

MD5
1d360b4556cb737bc22f87dc83cdec12

SHA1
2401ae1c316e52652ec9a309d5db2e0801ec4bd1

SHA256
5bc8f420585a110767d782fc3bc079c38cbbde4cae27e7c9ee0f4316e2c75805

SHA512
305d885a19fd8fbfbd7b9c13de9461dc07392ecf1a351388c60bdbf51862ed3d7ab995b578f884de4702388d332a5a8b6b8204cf4519ffbf303642b401dd3562

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002d

Filesize
22KB

MD5
015dfbcf0c986f99bc0c1d6ab9fc162e

SHA1
6dff455e6dcdec9ee55ca25edb5f8edd1803f3f1

SHA256
291c3acf9855517f481cf0d64ba43f4e085381d857589ed5fc75905c82133951

SHA512
1d34e7bd775cc7b70371a579de085824a0eee0c6ae81dda89d51500c51eb0163987055a2dbcbd9ea191ee8b35ee0cfe4813bde076bfa5df0428ba7e043a6522a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index

Filesize
216B

MD5
e24511d9c3483ece01dbaa05a80630ac

SHA1
7f3c572277909f98d16c700a25885a4e67835ef2

SHA256
fbe0ceb0860f6e7c5cc4e21aced6f260ec8266b1cdf2873e6a25f76ff5a181c8

SHA512
0e329b029ce6191a831f85a3b5a33ea72703de8f99a92dce5de7f4ccd28be16d1acef2e1eeb2f8d44ca9e3f3dc67178a8dd465b5d807fa446db69f13cde91f85

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
9e76480575ac7c4ba4b836461208ef5a

SHA1
1cec9ba867062b2b2de19eab1c26f70fb663bf0a

SHA256
8fb742e003ccb2ecc899860a9004ef673ae73722a2f019509a2fa10bbb40a101

SHA512
71e8e9da4f2c8c9784d0a44f6dd0b3d874842efb7b9ebf384a84c25a57d38ee5b0ee1f2e77245ccd70a76989040fdace014092e60193e6fee1c45733c93eabf0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
357d8d14ce2d60e39e3048d741e68f44

SHA1
04a6615b6caa75ee6c719e61368d734c7963b51d

SHA256
d0d80558eabdbed01c902bf71277fe6d16052e9b6bdc73ebc02bb92b736a2a3a

SHA512
304c98f58a2c30e303913e4504938278e8dfa12d23df5c57be009111b3b162a7bd00da3c267b48d7383ccd4f9fa0a8e1db9edccccf89cc5538bba4cb6ca66b00

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
408B

MD5
3206ca0fd5718e28a47422bc96466db6

SHA1
4c5011e593193fe5e2cfa31a0cff32ad106a47f3

SHA256
305434f7d9a3bc0ce964b937df53209e10383ed7d5c10c69aa8dc85c2e12f53c

SHA512
37f6e3f1cc8e1532845299b45023c35e05e56e6f4704cd9aceac90f80b3dd32470dec37856249d9652733e51bfc84a76df383e722a31b984b4b69a86d97b66e4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
5f0eba0133646126fa5a59320e01ac40

SHA1
d7af504ca39b96c99789f26dd0fd81193d577796

SHA256
ac16e31586c7bc28b544f411eb2bd9f2bb333b16ba6adc6d63cbc72cf2ea354c

SHA512
113bc17cc53cf5379b0c444b197d058c57d7b8098d888f4862cd01533e0308bbeece7d44f335c013e060bb10b1e0ffc56436fe680e96a2986bc8871eea0c4ab3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
98d736146b533c22d2acc4dbea22a9c6

SHA1
3661b826022631ff7b207886d0baa5a6042e897b

SHA256
e0eebb83b219cece8341c6882aababea9d98db05659fd682316f36dc86fcae5d

SHA512
cc47b1f0a5a05e97098ee767c886785a2e7095bde61f86986a4cb092ad9a48486e5102b7fb4eafcb1bcd5c0f9c5af019cdeecc1715a5b4b70635e627f833c108

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
e0674077b748f4b33e32699ec7a52f70

SHA1
074fd96af2610b964885df7f5da8d3a6ff72e2fd

SHA256
7342cbd51a2580693cbdfe24f214c91183702894d993d9bd3318423cb0f440eb

SHA512
d2225b1dda87ea85ad96e17f8ca3ca0efa7a9cd19de59e32a7b860954b95758d532cf564e58dc244828d5fdec0eb71805443f2c9d62c189f9c4217fbf7eea172

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
ee10108fdae463df1f6e4c82d236738e

SHA1
54880c5006ef4df6130999672487d5ca64aa7901

SHA256
de6638491d76a2bacffcb1642fc6a7e4aa9ffcb2edd967dd3ebb4252c7bb6c49

SHA512
e105e269e22f79d39204bd6257a7c9c1d4604f766e717706a6e6961222e27d32b2da466f2be3645b551def18cb6716d22cf5fdce749adf5691eccce5debbd57b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
bb1af5127dfccf019ad3d3754cf02659

SHA1
c342c3398ed7263a2a5101a3ea50fc5be9a92664

SHA256
0f9bfda5aad2fc83636add894245ad1f9346c6f55106b286dfd60238b84eec5f

SHA512
f4fee741e15441f486ee2d1dd2debcee4c33ba8f1dbf34182e2aee686f327742230851c1d0698b6d192316d4d538be6d3e7ab6920f2fbcaa0b3e21933c54430c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
e851f7148c0691020618cfd8bb15c5fa

SHA1
7eb8559ec3bffe117ea2e8ec7292cfe0632387a6

SHA256
5070e2a066eb8922190b7d1d0523b4805708dd64833f681ed9a1b2247a53f366

SHA512
4ece9139705993e42ea833dbcc09c57015dcd5cc982f22ebf2f8e08cba2984e5cbc5e325f2ecf6351657c3370f9f65b30bbf62eb59d729d3dda5b2dc1578e7de

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
f0f387d3772f90019b99416558fef193

SHA1
48f7d6af972b521f4d1114af46260a0869c1068c

SHA256
1edd78718cd00c5d021fab619b9c60419c6baa850173f6bd68b1e79a2c3e3eaf

SHA512
c39b65903b2ec4b04b6ecf82f3786b40b390f2fb6df07151e691dc97d32878a6ec3369b9003c3b75e1d11705f57c18ecdd3bad386264806e3cf55ac045cf0fb8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
49550b8833fae864da2bbfaf61e32e8b

SHA1
f0396d34de55c8bf5863c4a401496de326319a69

SHA256
ededf6286fe621f6803e0dd9c81032ca060e4f6774ded742d9c4fa423749ba28

SHA512
4c2f02fa987198e5cb2e79dfe0c6044fa77384d1d20888595125043282a22b66ffeb2951dddcbbd6d1a724ece75ea47eacf3b469279e0b6222a61685a5d3a68f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
4f44be67f2e2c755ab1a953b45b445ef

SHA1
17a87a93d477e26d8e9da92155d8d89aeb30f258

SHA256
5c5ece35c64e45db83d0ee910786153512da802f82b242fb153bfd7524f6df7c

SHA512
3748658c7404adcffaeda63c9130582cb86230fb09bf55a64b3f29d336220f61daaa815eea90b950b122fb3725626946175e82ea156ea8e12b3c25360878957d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
e6378c3c36cbbd391cfb7b3acc2d16d2

SHA1
321d110e9b7eac5d5bf579e2ce4b3ad3bf1cba68

SHA256
024bf16e14dea4bce6346a46c8afbc5342117e1d5a0891f53ac47e4939811b73

SHA512
ddf92dcc4403a7eae512cf3b8e917f4cc36c0634925e4f28b270a74d4f81ec8c021bc166d9f918f3f7b136d75a52e09aecd1ed122df63b82138eeeaf8e3d7588

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
2df6ac54a06dc6e0d372e49c0ee36fb3

SHA1
e127189c58be08e409bfce140784a533722e094f

SHA256
cffc30adec9e8e42ca87dce323a7b1f841d9a769f575dcfd38ad373d5796bd8d

SHA512
f193a3500df0b457d5e5ba2a843e28f8507626f94853d110479ec01450105c11532f7ee6a303de2295c495495f193302ceed3419074b4b2dbd1f1b4f5d2d85af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
202703de75357a3c0e1c9652eb58975a

SHA1
9280e796dc2309d06340690c7af2c1382731f5d5

SHA256
1aa4326db7701928a8e787bbc786fcff8a9115cebca04d22f1222f96bd4f1e60

SHA512
17b60d7ec0d006021f6a453f9b9810fd3668419023dc405b0ecf27348af6e630ff63c87888eacb995243dd4d624f6e80e4b4e9b24535d19187fcbd66b8ec1512

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
a6a0b899611399672d58247e31bae618

SHA1
4dbf91b739821423c354ba9b116e981f7e450bd4

SHA256
a73211c00db8acfb510bdddf5c54546cc0ad57fd251da2f0e464466b6dd12a2d

SHA512
71da87b75b0b2fb889a952c2ebe0f35c1b8b142ea6af5f45bf55aa5904d8ad550c8ff3b984bc082e99aeea5411dba69aa3ebb96d4a938d8bedf420ac846449f5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
8c0fe59433c7c457808213300b31ce9b

SHA1
1952be81c7ebd8457da9d20a1360afbb47211771

SHA256
ac2359aa26678ecdde83799211fed001b59952fb165a7ce348c51f8cf01549d9

SHA512
051b479b72816240c43a78e871da09952960e7ae619b7984367db48488fc8dfb28f81647da82ea2f5c2460a31dd3dcd267f92e7704edde0bcde1fb149d1827ae

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
aea7ba06171921e48a687f6c9e816480

SHA1
ca955ab975ad726a9ae383d4b469ebd394ab2978

SHA256
9458d3e38a14f6d91fa965822e74656b8dc4c495abd980288fd90af1a04ba0cc

SHA512
c781cb8e92deab24658556a24373eb7b398afad5934d293de29cc86b213db483cfd91c421b887a076b62d3beee401fb9c9b610f7c8d3092daa1c16c3337c832c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
69a5ce722e62b5665a4c4293a11946cf

SHA1
292ad7514f76e1de465293208c6fa0974eb6f712

SHA256
52e510bdeb36128a17744001e876714b06d2efeea22618b3e5b2ee5785c15e1c

SHA512
57192c6fbbd47ef0d4e26d26398b8d3a1a31521ec1b22d35bd848535abc24e38626ce180148d4cab366ad501afbd0aae5a32e7cfc3307e4748aab55e9e9a2501

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
ba2210b4a852ddd8bb9dc0594d93cb93

SHA1
ecefd379eda588d7bbeb5f532cad4231d2f2558a

SHA256
f91b328ff9bbbc62ecf58b3e073c51364404ec0d70502b859096bdcc9336cc0d

SHA512
f0f396d4b071dde8ad6489a97eb3b6e3cbd49fb56b6fbf8ba3055cfb061d48a1005b1521f068068c3fafd0affe3428085a76a8405f8e768aae4651339378a47b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
c080211666e69a7344d29f381fe52861

SHA1
5638e703a51f41ceff27346ae0583adab77f598d

SHA256
0c0c6642366a1c1e46f38c6cc0960e56cdcfdac2aed780b4af15fcaf435cbc94

SHA512
bcd4063640dbb852252c5aaa755b34a5bf472b61c7e065e611523eaded7c2c22a7e76710568a22fdd3d557a3c234db8f7043058a1631983cc955da67ad621f6d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
e846f06102385c1ed3cafb5a2ab505e4

SHA1
7fbecfbded7b86f2a9d889393cf292c1b88aa7e3

SHA256
a2ebde12b87bc0ea6a9b368fd6330bfeffffb6a74974c61929d1b8bf0fd802ee

SHA512
f0afb113684f7a12a9cf6d877a11872d62cfdcd0a04fba117f8de5c0456739d2b7019b9b2af6591862a677b9e5db06b54cac1bd7d74ab5da94926a97b702f2bc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
2415678724aa6a0df018e1481d58d90f

SHA1
a68a4cb08f94f3b9ec959a4b6e3e90937690cf3d

SHA256
86fd9ce1873925647cf7881785bcaeeeeab78cb26e06d1934578317316b02f6a

SHA512
9e38e40bd5aaac1a9084e101e6cf62fecfafe00beb08cbd96cdb71fd59640046905fd6f603f22aa5d04e82594f9df5ee2986dcfd81f9ef47d5970e71447ab1de

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
5c27be2785188d3582a944a0b2d19c5c

SHA1
ed8dfd3deef67dd44c9ebd37af5f69f9573b3bc8

SHA256
bd7165668f8e59c60a802bab2c8938612bb7537aee425bb23f7cfc7571fd08f2

SHA512
439339961ab9406c8578e26652db791f56b548b402205ab27ba9ead46dea7edec88ee61bb257faa9700f893871510181a9e2d21803243a7e248f7daef701180d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
f7a9955295f315a211241129607ecd45

SHA1
48ffd4436d5ac077cee17512d149cf4daf5d0a2d

SHA256
c753392c70bb60c6da1af802b232efede18ca42077cffd1726817a1fb23e03cf

SHA512
0bb06b6f4aac70758e0c77439ae011a6cc3d555a0639fb2e630a55c0319c096566f7def861952f98df43f385c51ebd2277fb5675bec529c02cb0081318dd767f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
4843bcf52e330d3e428df6fc78d79430

SHA1
08941563e8dd53056246a97e2316c8eafd6165f1

SHA256
dcff15ce6ad4733a2d3b3774caad93ed1c7e0806132a391be92d93d9df5e1ff9

SHA512
34644635686e16d4e7635492e38392381ccf5b050b2a0db993a35028533ff557086e2f29c32ad4798f33bb8522e40c90d378dfa239a5915b5ab5689da052ab9e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
c4f8a83f4a5d25da123418154c84824b

SHA1
f1dab6da48435ffa7de84d36e9d4ef2927945043

SHA256
d40f3bc2294a89e35b658b6fa2e9a31141bf66bd934b50de994717cdf42170ac

SHA512
97947c0ce29ae6b0e01bf40c89ff3337e7cfa78dca58f8ff718bb602e96ae6c11e714df6ed18db458a99330f265c19f69896f83ca2112dff5a281d082952fe45

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
b65083e7742040e7c89968f06ed6b49e

SHA1
321855c2cb751494d0b4bfd8ec5fc03f6e11a252

SHA256
ecf95bbb84d2528a5a834f55354ae557051b32d2b1a581a36079b3c0d50d8f58

SHA512
b74b310b267f7011e64bb41cd4625f791d64f111ee3dd330827684bb918837c737d45c5e5115bd7cffa29853fd9c3322327bc74d70bf9f32c93811111d8b5e81

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
6f29b1ffe3e10d61ead82eda8cab6060

SHA1
5fdf00d5eb55ee0412084bd1231ba2338df4eb28

SHA256
352dcd078e6b353dabaf9f3e90c4923b7f72db762ae2e28da3be5a46231c8dc8

SHA512
2b621470c4640a3f5d7ee9babacce76b4f56ba96510692db74b2cf989114fd4e0a429cde79a7e445da92a5e7623f30f4f03babcaf30af2a2f9cb7185233062cb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
5067d31443ea074ec964c6a71dc5c4d7

SHA1
513ef5bc3c1b4a73681ae3f35fa4daa079524342

SHA256
79484fc100464914bdb7abfa283ba5c1670c12d083a90d9ed5bce7ced15da2f5

SHA512
9ee9a5a1771ab379667b05e4d6e31f3f98bb4e21eaf371980b1e75b4586f57a60d37828225bee09e751ef696b8550e23f0f5967aee61453dbe16f3544f9f6d04

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
f0517df486b202f0f44f85f16e86087a

SHA1
b0b8c678181d35e8f54e793385bd6d749e5bbee8

SHA256
5fada50c678df0737447f3ec95f628fa9d76c60428e9a4c829f8932406103fe7

SHA512
3acbacabb42cbc2057af73209f30dbc9d47551ed7e50de16a7de2c651a0f07bc58e973d680539e3ff1dd153bb70acd474ca38a24821d027990e7dbbe736ef859

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
ea030dae22a6dc07b3b86ae21d6ee9a8

SHA1
86e1ce2b62392e0c31f2e1995803b4a693cc9dd4

SHA256
779c071fb2cb8c0e153e2dec51cececf48af7206b38e48dfcb42a3b3bd66769a

SHA512
9978c0ceba5aa7198d7f07a97213ab597bc1682cd24025122e3ad39808db75b8ae286dc346c6e4911422becef8335aae63021090c54499e776226e7beddaf91d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
49edc8377dc92b05692aa9fa3a31d0b6

SHA1
5aea0e404e6ba5fcbc6b55aa780c77b6015712e7

SHA256
b89db247c4860224d2abd671c2dc00d93268ad5bc5e8202943236236fadd8cde

SHA512
276240239d23fc60b9326da3d289a4c7c08846d8a0d24ef4029c2a439fd2782f889d10aa861191b88a3fdf1ed8357ba454fa9f3e955b93249ef1d7fb072f2c2d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
b81280a30b47d6b233031ae067ca43e0

SHA1
f34d0fa560c294dd3a4c2fcd929713bf26341678

SHA256
95c83632afbefbb794cbb317794b61825a4e6aa88d99836fbbd6eefd0047d350

SHA512
044d35022944928e3822b1825e39086f58fd9dc52f83c2f353b9125ffb74972126f4805519cfcaed3c74d749d1fcf6dac4d793c706b5a0585e083cd4d0f475cb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
7f198c6b704f5fdc56e04d2f68b00a50

SHA1
1dc38850d9a5aa3cd49251006473e943b37454d4

SHA256
bd8c6e06a0dd3de718cb7e26d38724ce7822359c89afcf533046e9853360ea81

SHA512
205ee8a264f815963015ec0eda0cfa8293ab3d6a1017825a30fd5972fb7a2ddc1c366c5e06cb789a5c4baed8194b3aaa8ffcee8efd5bb9068ade36d8689fa285

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
a77b5518521e993f9835894714b870c9

SHA1
bea5e647c317ffb5a8ffd449bc8366eb491bbb6e

SHA256
9b0a3035c19b67c9cead80fb651c9bfe038a62529e474bdbeb5fbd921b9ebeb5

SHA512
a153a1447caf7e3ef8cb2de9f559245b13a2823b585c77af56597fd9e0fc63f3055a41e14fcdf3df8372cc0c5c18b78757530c05f1085ffd17708f9bc77bd425

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
5622b10d0cc325b222c44371ad79e82d

SHA1
975a47100907f98e8dca7a6da13bfd7ea1fb8d0f

SHA256
524108118861fee42ab7e5ededc963556249919a0f69a576c9998fe977189a36

SHA512
85460b8f3af6978d47ef3faf2447dd4d8b273861c0d104ca61a40ed125dbf00f21eeb615226528289e08b9d3a5292e655398f462cfe6ec6d1230af4b04f6c8e0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
92bef1f6ff66d29b59ca6c8a67cccbca

SHA1
03a8318be96ae191ec7881ed5075bcdcbad51fc8

SHA256
38645ad7222fdb353d5f4b536d9b3e8b9045222b513b8767be0a7346202562e9

SHA512
7f12f22d38db72986b5bc9ff169ac90c41ca6bac93fb60619bda684e59749456f33d97a1a8f2eaf5a3061cd297fcd439a9ba69938918e8844e195a11ae8cbf21

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
c1f768651a6e922819ded491d0d777ef

SHA1
96dec4de4c53c543098037ddd9306a17fcd6e9cd

SHA256
67c6eb6d926c88bbb2a3bc04a3d9ae1fdcebd85dfb9991899bdd2d19a0e3b36b

SHA512
c7b35d050725b9cc3a28c46518e1eefd2f1f874c50b6db458daf3356dfb23b8d790236086f970a6521382bb8937b1f24154ca94834441ece24e4ca908b832b2a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
da873ed0a85a296cb3744ecec07fa4f6

SHA1
76f5dc11b47b0645bdfc7154c2ace639d5f30ef2

SHA256
8fe4268693e7004be56baf79f9154dd264a572dad0bf942240f214a25e26e64f

SHA512
36de5462b3f93ca1bf15c2c112c8ecb8f20d2541591f1a826ef3357de617df2eb1f6faef3d5a78fe01211e0cd9bb17e22cc00c5e6b4f5e43c796033b3e0516ab

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
7340cd64451058505b1cbe0d11a02e46

SHA1
2deec3564f8371399c7b0b6a23a0834f97ec7ea1

SHA256
aab0724a69eb33e3e9ab9312e746277077f395570f2488655037ce831a696c50

SHA512
37cb0fb1b0de851c90f088e1d693ea19fd2644d82170b3988951f9bed278aebe8c7488b08fdf90e7a77a848c71f0dd4ea07fbc4a47c95a21c685023052f9e6a5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
c00a42039ac5ad0286aa21e9656c57ad

SHA1
dcd722eb432ce707287e19afcf981784c260fad5

SHA256
f906cdc538bd6b972c0fd15188716bdcebccbbceb4669799d5a6be6e3755f9c1

SHA512
6be26df31812d7de1bc5e0fdf7cf6e46d521cd4a713268b3b9e9fea3c9d0fbfdb9df2cbbba58616072b8a3e8d88c4bb0972ec0969922107d349fd07ff97f363a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\d6dcd1ab-ca85-4831-a55c-274280d4c7fd.tmp

Filesize
10KB

MD5
c39b1add34315c830cf8fe166d9c1205

SHA1
2c5d89838fb833bc5877a6398fbf514a89034c8d

SHA256
8f481b6ccdd1129649304ac6144bff1b1556f530f8911b5a072271ffb338aca9

SHA512
900f72703f7dcb8ac470c55e4c4354736fe916c724e7e67801d26685e79be67c6d28238cf031d4dd16207be6de84f5ece810802f5e0c352f7ad948c7c68df56a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
185KB

MD5
1ff35fdd1bbdd1f893938e0fc99a7359

SHA1
07d2845ee60d35523994cdaef083cfb3d477ea0f

SHA256
5e4662d72c7ea248032bec3c38ea49ab8b2e93b492acef8463ecd711b199019c

SHA512
c10396217f97928648f4cd1dfdbc3012c7bcec86ce313e99f4a57f21ef43e29199bb2d5fa1b7b3ba2ed86c1f900da0c2a6f2f4f5964fd251746d98da8b9417df

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
185KB

MD5
3a48a0249732deba41b6d7208a50f111

SHA1
dc57f53ac6e5e02f79476874fb2862ea1c59ac03

SHA256
e7f29041f5c11dae9f795528f67d5ee80df8e8244e21b20b83e4ada0452bce44

SHA512
22caf0eeb8f5282e554392f8724fb74bbbe5605ed1d5a0b16218a7c20175e57d4801c6f480fe8dbe3ff40fc88e858e333b2d8b2f8f37ff73079ef4b29d561387

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
185KB

MD5
49b839a5c9721e77512cc8e106e3fa57

SHA1
ae811c2d82c724451944d755e593d34822864e6f

SHA256
c4626aa1f58860c325ac6e976b192e64dd38723cfc79d7bb0db4023f334cb2c6

SHA512
6efa9ba7e737ae88f907b1708ed0836a18df0ef7f5b1c18dfad455c953626840f14d7ccaf5aaac9b5f6427f74a953bcf0aca63b7f92e4a32b81e82e01c38eb61

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
185KB

MD5
4853c59a23e6b084314cad726390ca44

SHA1
72b90206d7dfec07aeab5481b1dd90eb9389f3af

SHA256
caf62d0e01e974d7e0431059bfb453dbb292553c4fc1de1f8771d4299c7b7ecd

SHA512
88fee1e96d654ac1686539d05d3c6f6790f716100611df4199c749a50d2345a31569004cefff6fa3da84ed90e787e91d9af7836f3817d432229ba41002c63298

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
185KB

MD5
7542a175b3a650eb2d8e309f5e444933

SHA1
fbfb88a51e659691c49759e203fea7511f3edf00

SHA256
35608233bc86f19df5beaca83466d4c3f1ad4bbb8d01db406e3f2a5bf2e1caa9

SHA512
6f7c5630b4bc7af07d2af79288aafbadf08ce7e7af2f8c822065930aaec0ca8cdd8ce1dac0477fd5a3f552883f0c81d299b31cbe4c1f81284b5e5e1515160eb2

Download Submit
C:\Users\Admin\Downloads\slinkyloader.zip.crdownload

Filesize
17.4MB

MD5
efd88c8bb5f2cf4f992f8d9069cab941

SHA1
f395f08785ed4309df4619cc77ba10395ce851e1

SHA256
a964201b566632ce76139f1a34be92a4d9c8166546426d64a6b1795cf52669b6

SHA512
8ecc5a44c807cd4406eff3c2d9279b3239588b34472006488bcedb5932e370d1d44c29e5d60440a2e0a88a24c88e3c5c4c127c89fc9a469bd8b74b780596c5fe

Download Submit
C:\Users\Admin\Downloads\slinkyloader.zip:Zone.Identifier

Filesize
26B

MD5
fbccf14d504b7b2dbcb5a5bda75bd93b

SHA1
d59fc84cdd5217c6cf74785703655f78da6b582b

SHA256
eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913

SHA512
aa1d2b1ea3c9de3ccadb319d4e3e3276a2f27dd1a5244fe72de2b6f94083dddc762480482c5c2e53f803cd9e3973ddefc68966f974e124307b5043e654443b98

Download Submit