hxxps://www[.]mediafire[.]com/file/6bcu0280wb7kt6l/Shark_Predictor[.]rar/file

Analysis

max time kernel
209s
max time network
212s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
23/07/2024, 20:09

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://www.mediafire.com/file/6bcu0280wb7kt6l/Shark_Predictor.rar/file

Score

5^/10

discovery

Malware Config

Signatures

Drops file in System32 directory 2 IoCs

description	ioc	Process
File created	C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF	chrome.exe
File created	\??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF	chrome.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133662389914030683"	chrome.exe

Modifies registry class 64 IoCs

description	ioc	Process
Set value (data)	\REGISTRY\USER\S-1-5-21-701583114-2636601053-947405450-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1 = 3a001f44471a0359723fa74489c55595fe6b30ee260001002600efbe10000000bf385fc808d2da014ca4b00e0fd2da01000ef0873cddda0114000000	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-701583114-2636601053-947405450-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-701583114-2636601053-947405450-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\Mode = "1"	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-701583114-2636601053-947405450-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\LogicalViewMode = "3"	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-701583114-2636601053-947405450-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 0000000001000000ffffffff	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-701583114-2636601053-947405450-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByDirection = "4294967295"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-701583114-2636601053-947405450-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-701583114-2636601053-947405450-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 02	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-701583114-2636601053-947405450-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-701583114-2636601053-947405450-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-701583114-2636601053-947405450-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-701583114-2636601053-947405450-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\FFlags = "1"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-701583114-2636601053-947405450-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-701583114-2636601053-947405450-1000_Classes\Local Settings	chrome.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-701583114-2636601053-947405450-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\NodeSlot = "1"	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-701583114-2636601053-947405450-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-701583114-2636601053-947405450-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\GroupView = "0"	chrome.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-701583114-2636601053-947405450-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-701583114-2636601053-947405450-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg	chrome.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-701583114-2636601053-947405450-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\SniffedFolderType = "Downloads"	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-701583114-2636601053-947405450-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\Version = "1"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-701583114-2636601053-947405450-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU	chrome.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-701583114-2636601053-947405450-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-701583114-2636601053-947405450-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 0100000000000000ffffffff	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-701583114-2636601053-947405450-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupView = "4294967295"	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-701583114-2636601053-947405450-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\FFlags = "1"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-701583114-2636601053-947405450-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell	chrome.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-701583114-2636601053-947405450-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\SniffedFolderType = "Downloads"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-701583114-2636601053-947405450-1000_Classes\Local Settings	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-701583114-2636601053-947405450-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\GroupByKey:PID = "0"	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-701583114-2636601053-947405450-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\GroupByDirection = "1"	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-701583114-2636601053-947405450-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-701583114-2636601053-947405450-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0e000000ffffffff	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-701583114-2636601053-947405450-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\MRUListEx = 00000000ffffffff	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-701583114-2636601053-947405450-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\MRUListEx = ffffffff	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-701583114-2636601053-947405450-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\NodeSlot = "2"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-701583114-2636601053-947405450-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-701583114-2636601053-947405450-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 0000000001000000ffffffff	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-701583114-2636601053-947405450-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-701583114-2636601053-947405450-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-701583114-2636601053-947405450-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\Instance\	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-701583114-2636601053-947405450-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupView = "4294967295"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-701583114-2636601053-947405450-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-701583114-2636601053-947405450-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\FFlags = "1092616193"	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-701583114-2636601053-947405450-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\FFlags = "1092616193"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-701583114-2636601053-947405450-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-701583114-2636601053-947405450-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-701583114-2636601053-947405450-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\Mode = "4"	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-701583114-2636601053-947405450-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 0202	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-701583114-2636601053-947405450-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\FFlags = "1092616193"	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-701583114-2636601053-947405450-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = ffffffff	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-701583114-2636601053-947405450-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0 = 14001f50e04fd020ea3a6910a2d808002b30309d0000	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-701583114-2636601053-947405450-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0 = 14002e8005398e082303024b98265d99428e115f0000	chrome.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-701583114-2636601053-947405450-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\KnownFolderDerivedFolderType = "{885A186E-A440-4ADA-812B-DB871B942259}"	chrome.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-701583114-2636601053-947405450-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByKey:FMTID = "{B725F130-47EF-101A-A5F1-02608C9EEBAC}"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-701583114-2636601053-947405450-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\Instance\	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-701583114-2636601053-947405450-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-701583114-2636601053-947405450-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\MRUListEx = ffffffff	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-701583114-2636601053-947405450-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\LogicalViewMode = "1"	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-701583114-2636601053-947405450-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\IconSize = "16"	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-701583114-2636601053-947405450-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByDirection = "4294967295"	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-701583114-2636601053-947405450-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\LogicalViewMode = "1"	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
3728	chrome.exe
3728	chrome.exe
5816	chrome.exe
5816	chrome.exe
5816	chrome.exe
5816	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 39 IoCs

pid	Process
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3728	chrome.exe
Token: SeCreatePagefilePrivilege	3728	chrome.exe
Token: SeShutdownPrivilege	3728	chrome.exe
Token: SeCreatePagefilePrivilege	3728	chrome.exe
Token: SeShutdownPrivilege	3728	chrome.exe
Token: SeCreatePagefilePrivilege	3728	chrome.exe
Token: SeShutdownPrivilege	3728	chrome.exe
Token: SeCreatePagefilePrivilege	3728	chrome.exe
Token: SeShutdownPrivilege	3728	chrome.exe
Token: SeCreatePagefilePrivilege	3728	chrome.exe
Token: SeShutdownPrivilege	3728	chrome.exe
Token: SeCreatePagefilePrivilege	3728	chrome.exe
Token: SeShutdownPrivilege	3728	chrome.exe
Token: SeCreatePagefilePrivilege	3728	chrome.exe
Token: SeShutdownPrivilege	3728	chrome.exe
Token: SeCreatePagefilePrivilege	3728	chrome.exe
Token: SeShutdownPrivilege	3728	chrome.exe
Token: SeCreatePagefilePrivilege	3728	chrome.exe
Token: SeShutdownPrivilege	3728	chrome.exe
Token: SeCreatePagefilePrivilege	3728	chrome.exe
Token: SeShutdownPrivilege	3728	chrome.exe
Token: SeCreatePagefilePrivilege	3728	chrome.exe
Token: SeShutdownPrivilege	3728	chrome.exe
Token: SeCreatePagefilePrivilege	3728	chrome.exe
Token: SeShutdownPrivilege	3728	chrome.exe
Token: SeCreatePagefilePrivilege	3728	chrome.exe
Token: SeShutdownPrivilege	3728	chrome.exe
Token: SeCreatePagefilePrivilege	3728	chrome.exe
Token: SeShutdownPrivilege	3728	chrome.exe
Token: SeCreatePagefilePrivilege	3728	chrome.exe
Token: SeShutdownPrivilege	3728	chrome.exe
Token: SeCreatePagefilePrivilege	3728	chrome.exe
Token: SeShutdownPrivilege	3728	chrome.exe
Token: SeCreatePagefilePrivilege	3728	chrome.exe
Token: SeShutdownPrivilege	3728	chrome.exe
Token: SeCreatePagefilePrivilege	3728	chrome.exe
Token: SeShutdownPrivilege	3728	chrome.exe
Token: SeCreatePagefilePrivilege	3728	chrome.exe
Token: SeShutdownPrivilege	3728	chrome.exe
Token: SeCreatePagefilePrivilege	3728	chrome.exe
Token: SeShutdownPrivilege	3728	chrome.exe
Token: SeCreatePagefilePrivilege	3728	chrome.exe
Token: SeShutdownPrivilege	3728	chrome.exe
Token: SeCreatePagefilePrivilege	3728	chrome.exe
Token: SeShutdownPrivilege	3728	chrome.exe
Token: SeCreatePagefilePrivilege	3728	chrome.exe
Token: SeShutdownPrivilege	3728	chrome.exe
Token: SeCreatePagefilePrivilege	3728	chrome.exe
Token: SeShutdownPrivilege	3728	chrome.exe
Token: SeCreatePagefilePrivilege	3728	chrome.exe
Token: SeShutdownPrivilege	3728	chrome.exe
Token: SeCreatePagefilePrivilege	3728	chrome.exe
Token: SeShutdownPrivilege	3728	chrome.exe
Token: SeCreatePagefilePrivilege	3728	chrome.exe
Token: SeShutdownPrivilege	3728	chrome.exe
Token: SeCreatePagefilePrivilege	3728	chrome.exe
Token: SeShutdownPrivilege	3728	chrome.exe
Token: SeCreatePagefilePrivilege	3728	chrome.exe
Token: SeShutdownPrivilege	3728	chrome.exe
Token: SeCreatePagefilePrivilege	3728	chrome.exe
Token: SeShutdownPrivilege	3728	chrome.exe
Token: SeCreatePagefilePrivilege	3728	chrome.exe
Token: SeShutdownPrivilege	3728	chrome.exe
Token: SeCreatePagefilePrivilege	3728	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
3408	chrome.exe
5228	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3728 wrote to memory of 316	3728	chrome.exe	84
PID 3728 wrote to memory of 316	3728	chrome.exe	84
PID 3728 wrote to memory of 412	3728	chrome.exe	85
PID 3728 wrote to memory of 412	3728	chrome.exe	85
PID 3728 wrote to memory of 412	3728	chrome.exe	85
PID 3728 wrote to memory of 412	3728	chrome.exe	85
PID 3728 wrote to memory of 412	3728	chrome.exe	85
PID 3728 wrote to memory of 412	3728	chrome.exe	85
PID 3728 wrote to memory of 412	3728	chrome.exe	85
PID 3728 wrote to memory of 412	3728	chrome.exe	85
PID 3728 wrote to memory of 412	3728	chrome.exe	85
PID 3728 wrote to memory of 412	3728	chrome.exe	85
PID 3728 wrote to memory of 412	3728	chrome.exe	85
PID 3728 wrote to memory of 412	3728	chrome.exe	85
PID 3728 wrote to memory of 412	3728	chrome.exe	85
PID 3728 wrote to memory of 412	3728	chrome.exe	85
PID 3728 wrote to memory of 412	3728	chrome.exe	85
PID 3728 wrote to memory of 412	3728	chrome.exe	85
PID 3728 wrote to memory of 412	3728	chrome.exe	85
PID 3728 wrote to memory of 412	3728	chrome.exe	85
PID 3728 wrote to memory of 412	3728	chrome.exe	85
PID 3728 wrote to memory of 412	3728	chrome.exe	85
PID 3728 wrote to memory of 412	3728	chrome.exe	85
PID 3728 wrote to memory of 412	3728	chrome.exe	85
PID 3728 wrote to memory of 412	3728	chrome.exe	85
PID 3728 wrote to memory of 412	3728	chrome.exe	85
PID 3728 wrote to memory of 412	3728	chrome.exe	85
PID 3728 wrote to memory of 412	3728	chrome.exe	85
PID 3728 wrote to memory of 412	3728	chrome.exe	85
PID 3728 wrote to memory of 412	3728	chrome.exe	85
PID 3728 wrote to memory of 412	3728	chrome.exe	85
PID 3728 wrote to memory of 412	3728	chrome.exe	85
PID 3728 wrote to memory of 348	3728	chrome.exe	86
PID 3728 wrote to memory of 348	3728	chrome.exe	86
PID 3728 wrote to memory of 5056	3728	chrome.exe	87
PID 3728 wrote to memory of 5056	3728	chrome.exe	87
PID 3728 wrote to memory of 5056	3728	chrome.exe	87
PID 3728 wrote to memory of 5056	3728	chrome.exe	87
PID 3728 wrote to memory of 5056	3728	chrome.exe	87
PID 3728 wrote to memory of 5056	3728	chrome.exe	87
PID 3728 wrote to memory of 5056	3728	chrome.exe	87
PID 3728 wrote to memory of 5056	3728	chrome.exe	87
PID 3728 wrote to memory of 5056	3728	chrome.exe	87
PID 3728 wrote to memory of 5056	3728	chrome.exe	87
PID 3728 wrote to memory of 5056	3728	chrome.exe	87
PID 3728 wrote to memory of 5056	3728	chrome.exe	87
PID 3728 wrote to memory of 5056	3728	chrome.exe	87
PID 3728 wrote to memory of 5056	3728	chrome.exe	87
PID 3728 wrote to memory of 5056	3728	chrome.exe	87
PID 3728 wrote to memory of 5056	3728	chrome.exe	87
PID 3728 wrote to memory of 5056	3728	chrome.exe	87
PID 3728 wrote to memory of 5056	3728	chrome.exe	87
PID 3728 wrote to memory of 5056	3728	chrome.exe	87
PID 3728 wrote to memory of 5056	3728	chrome.exe	87
PID 3728 wrote to memory of 5056	3728	chrome.exe	87
PID 3728 wrote to memory of 5056	3728	chrome.exe	87
PID 3728 wrote to memory of 5056	3728	chrome.exe	87
PID 3728 wrote to memory of 5056	3728	chrome.exe	87
PID 3728 wrote to memory of 5056	3728	chrome.exe	87
PID 3728 wrote to memory of 5056	3728	chrome.exe	87
PID 3728 wrote to memory of 5056	3728	chrome.exe	87
PID 3728 wrote to memory of 5056	3728	chrome.exe	87
PID 3728 wrote to memory of 5056	3728	chrome.exe	87
PID 3728 wrote to memory of 5056	3728	chrome.exe	87

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://www.mediafire.com/file/6bcu0280wb7kt6l/Shark_Predictor.rar/file
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3728
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.106 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff8f5e4cc40,0x7ff8f5e4cc4c,0x7ff8f5e4cc58
  2⤵
  PID:316
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1960,i,17076838681337537879,6949835149339592734,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=1956 /prefetch:2
  2⤵
  PID:412
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1924,i,17076838681337537879,6949835149339592734,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=1996 /prefetch:3
  2⤵
  PID:348
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2268,i,17076838681337537879,6949835149339592734,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=2280 /prefetch:8
  2⤵
  PID:5056
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3156,i,17076838681337537879,6949835149339592734,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=3192 /prefetch:1
  2⤵
  PID:4388
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3164,i,17076838681337537879,6949835149339592734,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=3316 /prefetch:1
  2⤵
  PID:4264
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4676,i,17076838681337537879,6949835149339592734,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=4692 /prefetch:8
  2⤵
  PID:4476
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4976,i,17076838681337537879,6949835149339592734,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=5132 /prefetch:1
  2⤵
  PID:1940
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=5140,i,17076838681337537879,6949835149339592734,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=5280 /prefetch:1
  2⤵
  PID:3700
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=4708,i,17076838681337537879,6949835149339592734,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=4720 /prefetch:1
  2⤵
  PID:2756
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=4980,i,17076838681337537879,6949835149339592734,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=4764 /prefetch:1
  2⤵
  PID:3120
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=5484,i,17076838681337537879,6949835149339592734,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=5500 /prefetch:1
  2⤵
  PID:2604
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=5628,i,17076838681337537879,6949835149339592734,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=5648 /prefetch:1
  2⤵
  PID:1976
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=5480,i,17076838681337537879,6949835149339592734,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=5788 /prefetch:1
  2⤵
  PID:3832
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=5532,i,17076838681337537879,6949835149339592734,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=5572 /prefetch:1
  2⤵
  PID:3692
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=6196,i,17076838681337537879,6949835149339592734,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=6204 /prefetch:1
  2⤵
  PID:5124
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=4776,i,17076838681337537879,6949835149339592734,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=5776 /prefetch:1
  2⤵
  PID:5396
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=5612,i,17076838681337537879,6949835149339592734,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=5792 /prefetch:1
  2⤵
  PID:5404
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=6400,i,17076838681337537879,6949835149339592734,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=5520 /prefetch:1
  2⤵
  PID:5460
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=6388,i,17076838681337537879,6949835149339592734,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=5784 /prefetch:1
  2⤵
  PID:5472
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=6604,i,17076838681337537879,6949835149339592734,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=6620 /prefetch:1
  2⤵
  PID:5576
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=6748,i,17076838681337537879,6949835149339592734,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=6780 /prefetch:1
  2⤵
  PID:5636
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=6896,i,17076838681337537879,6949835149339592734,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=6916 /prefetch:1
  2⤵
  PID:5692
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --field-trial-handle=6584,i,17076838681337537879,6949835149339592734,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=5840 /prefetch:1
  2⤵
  PID:5748
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --field-trial-handle=7164,i,17076838681337537879,6949835149339592734,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=6592 /prefetch:1
  2⤵
  PID:5860
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --field-trial-handle=7416,i,17076838681337537879,6949835149339592734,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=7420 /prefetch:1
  2⤵
  PID:5900
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --field-trial-handle=6544,i,17076838681337537879,6949835149339592734,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=3568 /prefetch:1
  2⤵
  PID:6120
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --field-trial-handle=208,i,17076838681337537879,6949835149339592734,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=7048 /prefetch:1
  2⤵
  PID:6060
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --field-trial-handle=7240,i,17076838681337537879,6949835149339592734,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=7112 /prefetch:1
  2⤵
  PID:6068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --field-trial-handle=7028,i,17076838681337537879,6949835149339592734,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=5880 /prefetch:1
  2⤵
  PID:1280
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --field-trial-handle=7312,i,17076838681337537879,6949835149339592734,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=5860 /prefetch:1
  2⤵
  PID:5024
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --field-trial-handle=7432,i,17076838681337537879,6949835149339592734,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=3356 /prefetch:1
  2⤵
  PID:5908
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --field-trial-handle=5828,i,17076838681337537879,6949835149339592734,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=4780 /prefetch:1
  2⤵
  PID:5892
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --field-trial-handle=6428,i,17076838681337537879,6949835149339592734,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=5584 /prefetch:1
  2⤵
  PID:1404
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --field-trial-handle=7616,i,17076838681337537879,6949835149339592734,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=7488 /prefetch:1
  2⤵
  PID:3480
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --field-trial-handle=7864,i,17076838681337537879,6949835149339592734,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=7888 /prefetch:1
  2⤵
  PID:4292
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --field-trial-handle=7368,i,17076838681337537879,6949835149339592734,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=6608 /prefetch:1
  2⤵
  PID:5412
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --field-trial-handle=7056,i,17076838681337537879,6949835149339592734,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=7228 /prefetch:1
  2⤵
  PID:5420
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --field-trial-handle=5988,i,17076838681337537879,6949835149339592734,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=6760 /prefetch:1
  2⤵
  PID:5440
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --field-trial-handle=8044,i,17076838681337537879,6949835149339592734,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=8028 /prefetch:1
  2⤵
  PID:540
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --field-trial-handle=6184,i,17076838681337537879,6949835149339592734,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=8020 /prefetch:1
  2⤵
  PID:4792
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=7372,i,17076838681337537879,6949835149339592734,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=6392 /prefetch:8
  2⤵
  PID:1512
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --field-trial-handle=8128,i,17076838681337537879,6949835149339592734,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=8104 /prefetch:1
  2⤵
  PID:5928
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=8076,i,17076838681337537879,6949835149339592734,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=5896 /prefetch:8
  2⤵
  - Modifies registry class
  - Suspicious use of SetWindowsHookEx
  PID:3408
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=5848,i,17076838681337537879,6949835149339592734,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=6060 /prefetch:8
  2⤵
  - Drops file in System32 directory
  - Suspicious behavior: EnumeratesProcesses
  PID:5816
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --field-trial-handle=7232,i,17076838681337537879,6949835149339592734,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=8196 /prefetch:1
  2⤵
  PID:3896
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=7924,i,17076838681337537879,6949835149339592734,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=7948 /prefetch:8
  2⤵
  - Modifies registry class
  - Suspicious use of SetWindowsHookEx
  PID:5228
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --field-trial-handle=8132,i,17076838681337537879,6949835149339592734,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=6412 /prefetch:1
  2⤵
  PID:5980

C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe"
1⤵
PID:2496

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:2268

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
267ec1204c1ca23db661faf3efcf4188

SHA1
c38fece46ca393272c275f23868edd89df3d5ee5

SHA256
ded2f77d529648570f8856eb5e6199c6e55deb089fcbf175abb00a5c95e78f9d

SHA512
a5e0e4ee5919be9989bc82e0401e2695491ca49459c23476f832be30c8d88cb2f55e2f56b850e6e1c145e65112420426b7bd13c8b406ac12532abc0d66800508

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
901a1d4c8f2050f301e498780cc916f3

SHA1
077380410451baac66e28a93df4d5b056bab62d0

SHA256
0201f4ffd73877cbc7ca1c31c0cffbda127d3be397c683ded6f11318a46e9221

SHA512
fb5830c9f371a1cb4eb019993e11371a4796ba9b3698bf26dd8713de3e517c777b18e9cfb82c75bb8f4f767581ea4c45f7177b2d13c699f88bea61e3d386bb66

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001a

Filesize
210KB

MD5
5ac828ee8e3812a5b225161caf6c61da

SHA1
86e65f22356c55c21147ce97903f5dbdf363649f

SHA256
b70465f707e42b41529b4e6d592f136d9eb307c39d040d147ad3c42842b723e7

SHA512
87472912277ae0201c2a41edc228720809b8a94599c54b06a9c509ff3b4a616fcdd10484b679fa0d436e472a8fc062f4b9cf7f4fa274dde6d10f77d378c06aa6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000046

Filesize
156KB

MD5
672e537a142db45b3a390174f6c0156f

SHA1
2a52276eaac1f56b3f64a15c987b1262afe271d6

SHA256
b76c2a4d4fc17e5a20d280a874e5338119266c012a2a04e66dd415b2859e3975

SHA512
ddd7e4e2b531e951e7a8f072a0ae4eb281e1c897388582418568b84d3b01594540bf32b700e946683f14245322e58b5dc8cf656e82859e62dcb8f64107f39c82

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index

Filesize
1KB

MD5
060433855ca28325559e05b9658bd330

SHA1
24defbbca24f133c01c3d8d6c29c2d5020eb44fe

SHA256
1281cb69b0e5b82950e85c77fd7c9b550f6b2cd57ee61f7f1ceff52ecda2dbea

SHA512
a2384f283dab7a044c26ca7e4b0752558af9e07f074387e45d85a7a42f7d73a6707c6c3baf561253be361907c8be4a94cdd5914fd30d9e4bfe9c4be3776da29d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
369b37df9debd95803d64550c9479577

SHA1
68f82dc8551919c84092bc322c2e38383df04cb4

SHA256
2e955973ff3dc96facbe52082c5f45f975217ed3d4f34e3f07a4184c38b8941d

SHA512
f20a4b4a394c9b0c8384b61695bf0c961f01b20785c1ae1c8d5e15145eb1b0bf7af4736051582d57a3ddf1e6ebf3ba2a179da546317e204a80aefeb5c7c2e891

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
5KB

MD5
b3a8e2ac3a3904559dfd348c4c38ee2c

SHA1
c46165bab91f83484699588f3c5a82da7cf8b74a

SHA256
f49f25be841a78fd28bdd34340233dccc76e5ad608c098dc077ed9b1a756cd1a

SHA512
1b5db4856149d292a242373108700763aaad7d8a9be8b3fa8db274a533a0d86c653be251142d4fee089d380bbaccf8dddcd432ad14d248da68538c64844d5c9b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
20KB

MD5
b9d83346ccf28e633c69f9a08e5f5bb9

SHA1
b551d6a86f342bdd3169833e0717e475674efdaf

SHA256
e72fe77fce9412433478125db90278e485f51f5e88953d5fc1d1f5f03ab9e1c0

SHA512
acc1fe99e5b2e269081bca763feb40adb45a372926adf8fc8a5dce9276dd721eca93a0b3755ee3ad478a9f17fe342084dd2f2952932f65c2af99e1562874c4c6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
4b9828d44b990e7cc8ac720443236f36

SHA1
14d659ec6b83353063dd52ea7852241dc854052d

SHA256
789c787e3e7604fc152ca62e67958af8d8b8400693ddd2e2835b314498587c0c

SHA512
3f0d4331daf4d9a93c9e2f3f31c72c697f7ab9e3d93c1b9ed15cf1b2df63ad933e7e218519d5db74eca1cf235a5232884fc513e516aca0b285e625136bf651e0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
af31e70f681b908aaed0438a648f2a90

SHA1
73584f216e2a2dfac38289b191ec30e0a72230e4

SHA256
192ed51eb1fb4487b0ddd148a9ab5762dad95b8788d14b993a954cef460096cf

SHA512
03da8d15525fd8c9f65fdaa32fc21c58539136b8bdc6a3f16b731b5a6e0f8541577de2ce660c5c8e18738b61bb58a4d3416b26bc771202011f142a77de0cdada

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
b2716f63154edad4ab8d2e4000a84d85

SHA1
e0ea2c5e0c040cbb5a2db464dd92cd3e4f9fd7a3

SHA256
14be8f92e56b5ed97b6ddd490a7f988a4fbf720e9b408a7a6f3e53c5e0565b2b

SHA512
b7c602ae2fa657296c8fd53f6d0a9f8ecd8da907e71ba6b493093e9612d3687e115112419b018f808759105ffcc4f44488a00d0e53d4c5cb3c032551633e857c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
4KB

MD5
3ae284c33c7fb3eb3ead98d1d1c85fe8

SHA1
45dffe6b7a400a7c1516b81a71ec93329729d127

SHA256
53f068912956b68031105e68886a83dae42b1311fa184276e84d3792bbe89599

SHA512
dcd3d82493c988f552f6bfa37b79e45dbb6f56ed4e5dd51eea02beffbae5cb15a2c4173589199698a50f96f930fb53a50af9e1a6236187d0d777e596213b77e8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
4KB

MD5
a45a179b44c255a003de55f34b420028

SHA1
330627e71c26e2ab7e47e4461648a30c8f9ea324

SHA256
5f2648df22a5e48c9a00475a67729614032930d921b2c4c13e038d8b6dc195ac

SHA512
45280db7b5b570ebe6f13d47bab42ef487d871e7bf0fca67958c34c90fb49e19a8b048d1836da307fe9bdb81e8426e7f6f80438eef94f12c82095e2b650f759d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
4KB

MD5
c01dc28ed4ad6df93cd720008bd97dc1

SHA1
fa53f29e0ae4c60f5e93c7b9ac1a02438b8c76af

SHA256
e5f8abe0d31150ef0a4f20c6d37d2a12f2d1ecc3f1ee2b22238beb715811e8c8

SHA512
d67dad9c9db96838e52fd9d66d300a203b7e174e8ed652a1fd94dd2d28edbd6941abeb1a5a7dc393e84f266b70809246dcb7015ea266e197d378f27c371706cf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
4KB

MD5
675dc1b728bb79605456cd15818ea143

SHA1
c397be6c21b6c3d1bf09dbc4ee14e22adba54e19

SHA256
ad089767a783698d0d0179258fc6eddd92393695fdfa03f4cae31d3e23635d6e

SHA512
fe0d2a081b88016ae3fef457afb70e5dd32ac02b6121e87fe864653994da5205742edfd887359eb1cb350a85323af661be41b19628749bce3ce5ab0af7feced1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
4KB

MD5
98336b6bab30bb68eae01ba82f111d4f

SHA1
592f8d0f5ab2405e6b78558c506eaf8b2e63e059

SHA256
858ea5d75814b6f29d0b1a334b5795cc09a6e8efaded0793bd780c330ca554bb

SHA512
ee3f8915f52a8ac262ada00a967112cd1c994568a8fe82d054de5bef5501153167e49568540240b8bb606ef998f2cf1d67ebdcb77022152b6db73a8fe636e422

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
683aee7482362343437c7f6b8b5ea5ed

SHA1
994448eef50163878c7aa5aca8da66edaa2f640e

SHA256
a0e6bbcf0e9b27ed459ddb4128e32cc84b7045e473b1251908e96574a2b5be9e

SHA512
63a3190038329c1e5cc8af019748a27cf21fe8e353c0d1b45ce87ca808f45b90119771723cf7d2aa30afdb147c1c12586d489de936c97a371374bc313b6d1053

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
4KB

MD5
10b12d92860da2cdaa8c8138026887bd

SHA1
bbec1e0d6e7abfcab36d57bdfb8aeadcbc27e142

SHA256
56dc3f35d25dac00a88c790e1a768e251e5512a92f9aa050e0f561262d9adb3c

SHA512
ec6f7b299f5a0c04c8eb0249c37c6ce475277b3ea9fe342b0bdbc1d7e2e132d8ce7dfb900c8b3a599a02d365a18aa03688805ce45a9e1fea5b75ab8e5ad844f0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
0d38c4131bc3fcf9e0b2af787b2ee9d2

SHA1
554b7fb705e4b6809676b0add01dd120683261bd

SHA256
1277b4c5df9e0c841504d1c19e4fff581ac4fca74b781c62fb246cc14112d148

SHA512
ae289b83ea5334d8c3ab13f32c351a0b1e4afe83a98823969e165439b60497929de5ed0afc2a46639cf3e0ab62a0dee2a44a6aff691e09d7a039bcab6a373dbc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
8628dcecc3c148d3d192907ae159f00a

SHA1
dcfac09ae13181708cdd14eefde2371212ef0a44

SHA256
219a5f14392adbabbd46277d2baa39c06ba99cc5b23fe354b767cb9fe9474f77

SHA512
9921dc458f07eed9cad55d79b69debbf58307ebaf13bd4c364587f32715de32ca398fa0f2609a717cf10245ee6c90b07563347b009981cf7e0b6fbb94cd5dd81

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
1075e8874442b0aa6665be00f37ed559

SHA1
61b52b6386deef99bf2df310eb59751dfcbb9676

SHA256
9f5e6a026bad53c3ca9d727336b6cdfed7550942a7f62c9de23948e6646d4d9e

SHA512
adcff3025c116de23995b741b335af4ab65207848a146577d3fa2fd0f493e3e2c86ec252c242c3b5e1dbd311a8ce8f7305b790cd2bc814a3e55cd155bb135798

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
a5f424aea259c791bc8967a041fa27a1

SHA1
124f6ad2d882934e465121bbcc90d593f3fb3769

SHA256
d19bdcf073b6ebae4db11b498d2b32f71dc72dad5182f3aa384f70bc80ea6054

SHA512
9bdad80b71fa1148fc5207a3c5ac9e98ca0077cd5d8482e7f1a4fddc3b9f4b77d94280a4b3c7d79fe2bce64280c999ec2189f2de1bb22a6728965781f2d72935

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
fc2099fd56b340b190dca1766c4a38f0

SHA1
e5835b2692ce707d062a2d68f5859fe2e18b4eff

SHA256
a824e38e01945898e3d10c7d90419f237231064aa7867dca9421843f05b2db9b

SHA512
cc0fe36d9106d994ecfa81764253c646a60aee87b8f657aecbfcd1793a5653bcf8370b730c2b5b1787d707c5c9fa76a6196363512fa28446c8ef614df1eb8352

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
51d101f1a84f3df047e101004c677b21

SHA1
d917358311294cb74b41423f3978d93cb0709c47

SHA256
6ca6cab17d9a31ed96ebcc2d12d1e6a00be21e6d1a61d5f171247d1104eec141

SHA512
efe820eede4126bf92b8ffec4c0a7cd27a9e58108190b09864e74dfedbb80b74c7c417185ecbef07bce3f26d04a25672d5b4a0fd1046e9d02745cacec09edf96

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
829c8dccf81cdaacfced836b57691782

SHA1
3d80f4c5af3427b3ec32b868008cec815ba88eea

SHA256
0792a96750bcfdcd05b7a4a11f2d8d50fe41ff6e13989936013c862f8bab5c9f

SHA512
ff39e8fa39ce517265d33c4d32d34a54202ae9009d9d8ea4c8a08203b59d60e2131ab8561c209b2c0f18d2991391734f6a4fb7e79cfc378aab4878deab929f04

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
0afc7c56e4fd0ab8f7a3a93b4bca1323

SHA1
07d8875f6e844feb2a31aab2747ea3de4b627d1d

SHA256
e5a70ecb3259d70f430e9f9b09afe7cc5a12da5a56062896addac4a1fd808ba7

SHA512
5b13b621a50537c87c10f07404ea5795af533c86a2c14d036f7368385313448313fb91629150e16c47f3cadead1b6505f77f2559609dc179b52387eeb91c667a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
e16529596f24c1bfc556ed83d1341ec2

SHA1
348cc2484faaae524ccb7511c39a499212f649bc

SHA256
9ed990bc515b26af5a137e441b585e07ce58c4b890b62646e1837d358534d8ce

SHA512
66fbe0bf9e762c413e01886e2eb17b353e91e37f996f2e315e872a615485543c17565cdc27f0eae8930d67fbf707f4ce8fdf37a3a95d9f88faaa11c7ff01c647

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
44da3a69ec1527a23d32d001df827c65

SHA1
ac7bc12bbdce92e59eea86ae94933dfe35074346

SHA256
28ca52cad710b2d1298561b303b4a3226d67750c59274baa205facc2050dfd97

SHA512
f1f3aa241e29c4c29184ede098d2a0b58f224c210aac887ad8e4a88966c80472d20d0eee7c8f09119f8e781e013480b368682c824629418944a94a66d56f30af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
7243ab5ad5276bb7948ac8b3ca0f5153

SHA1
c7876742d3dae1d220afce4265ece2a990e37e20

SHA256
cbb18af365b2121408fa4efb6ae6798f63aed801dda5f784b37ccd62a58d807c

SHA512
a8dde48eec6479b97d25008a1473164de66b6f06c647381d2e2cf66946ae44dc598370454826d36e18dccddba68777186c3bd27cff958a0ad002a53372b14f6d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
fbac56a2e1879e1f4b7e7ffd4e349fc8

SHA1
757935bae43f91fb36216a2014bf63c01edadbdf

SHA256
2fee48d217db18edf021f9bc03486004fffa6dc1f886f070ce6043e164897c7a

SHA512
30881fcd469322251dc5811e4f5d9df9b86f2db55b9180a111c1c43d5679c5a787208913e7df1eb795b1fc0eda3207a58aa82be5045f923019731f2fe8a3d894

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
de21eb06d9240db617d708753356cb4f

SHA1
8bf66264b8146d00c04c8d61e5b25892c6261104

SHA256
7d09bdddd0d4bfb8724e8b74ac3839bea7d7670f70ee52bce3fea8196124437d

SHA512
0e94dc03c9bac87767781485f7843352a45b6bc65e8d512696cb29351ce148cc6c463248620d54f005dff8463e48b407509fff87076a16109dfa9ef9616243d8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
a5b31b0755cb4f7f3ebe43cfd90f0fe3

SHA1
df7dbb7a54ff0be9c853895d6bfa1fbf1714ae5d

SHA256
33cd5b78dff6aeca88c18049e639b1ef667b0bbdd6236428c3271f37f8c40eb6

SHA512
01439e1744c7acb403c5a5db94283ebac9fd599c781738f674f58870254bfd49399d8475eb2763b515dff730d76c0bf32c8e5b01b0a0938737fafd184836c30e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
7335cc99b661b4f845bea28147d120d8

SHA1
48a9cc9b719b9c71a578eefb0ce2d3192886c61d

SHA256
1988342c5e4f0a06b509ccc488a34b136a30e8cd34fc644218e4d66070458884

SHA512
06bc138464de7ba85fe1f2db91a9790199407115c33079e44e9f9f3bb07124a4967f3a4e121b219089e4eab58d4361a75ba753cfb219b912757c0e448a7b53f8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\a5c956b4-bb1a-41fb-b34c-5bc03658cca6.tmp

Filesize
10KB

MD5
1dbd163df9eeae929975f2aaf5c08513

SHA1
5a87b924902b2e9833d79af590061e539198e35c

SHA256
885ee94c850f30561f48321244c5078d49e0042c35fc33e2e5b876bc4058fde5

SHA512
211c36000d7989449326b2c963990778960a3f4fd013357bf93c82b68bfa7a2f562abe61589b8850d6226d48e363a9951975151e91562e97e94eca5069c6e1e3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
92KB

MD5
d62f5af91749a9125cf7081d84c4f2cf

SHA1
ba0c7ba76731d69ee643e36bf9d39d16a6641582

SHA256
b118e797c3d80cfdf3cff9ca9e8f8cfdb4fbc418c9f39773354d742d5d3ac510

SHA512
dc15dfcc06cda7656d76dbe3a4d4254a9a26f7d518e3bd81dd1ab06186502ed474d8cc10f78bd2370a1f45b007eef6e0bce35853a6e4bca4c94daccea2e2d4c1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
92KB

MD5
b95fae18d2d09809ec10fb6d1f7f53a5

SHA1
ed834daf653a3f3f4625b048f63207083bc0be8e

SHA256
210309db2d29e8244120adea00192b0f076342d42c01f88b7ad38e4d96d88834

SHA512
1c6b5a2691287048f80b765b6a11ecd644cb61cfb1053dd02fdfab6bc8132fb60c3a006fae087ebad1ca57d4005760e1d306968456eedc007170dc4323cdfc54

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
92KB

MD5
1a1d095742a51715f0473e8fcc115425

SHA1
0eeeb6dee9fd6a4ee0a747d3ff1802822e4a3feb

SHA256
2ea108ab634ebfe0d28520c598e2874bcc26610794d607e62c12505632796b3d

SHA512
142e2ee8a302e307c265ff848d90000c5eee39c86f71b528c0719163b2b1310be16d2bac68e5a0306a8f8a031e47644c186f3726ae3c1a12a6b3f3535d754d31

Download Submit
C:\Users\Admin\Downloads\Shark Predictor.rar

Filesize
32.4MB

MD5
b1d70a351ecbdfefe818def2e9a9aefb

SHA1
6c710a3ca4bc4a7aa58931191d50184138640445

SHA256
fe1953bf3cd65b67d8be639508a6da8c95b8c44c4bd38a56403cdd621f8956ef

SHA512
b8749c00c6a953e65a11b2bef1e40d74a3bf2a745d8d72bd090628e5f9345ea0a26db375bb5ff4016fda4510174430660d0bcc0c85cedb462e953aacbf01d9cd

Download Submit