Analysis
max time kernel: 131s
max time network: 152s
platform: windows10-2004_x64
resource: win10v2004-20240802-en
resource tags: arch:x64, arch:x86, image:win10v2004-20240802-en, locale:en-us, os:windows10-2004-x64, system
submitted: 03/08/2024, 15:28
Static task: static1
URLScan task: urlscan1
Behavioral task: behavioral1
Sample: http://google.com
Resource: win10v2004-20240802-en
General
Target: http://google.com
Malware Config
Signatures
Enumerates system info in registry 2 TTPs 3 IoCs
description | ioc | Process
Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | chrome.exe
Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | chrome.exe
Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | chrome.exe
Modifies data under HKEY_USERS 2 IoCs
description | ioc | Process
Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | chrome.exe
Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133671726106662635" | chrome.exe
Modifies registry class 1 IoCs
description | ioc | Process
Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-2170637797-568393320-3232933035-1000\{51944BDD-2DF2-4399-B283-2FF56CCDC2C5} | msedge.exe
Suspicious behavior: EnumeratesProcesses 2 IoCs
pid | Process
1584 | chrome.exe
1584 | chrome.exe
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs
pid | Process
1584 | chrome.exe
1584 | chrome.exe
1584 | chrome.exe
Suspicious use of AdjustPrivilegeToken 10 IoCs
description | pid | Process
Token: SeShutdownPrivilege | 1584 | chrome.exe
Token: SeCreatePagefilePrivilege | 1584 | chrome.exe
Token: SeShutdownPrivilege | 1584 | chrome.exe
Token: SeCreatePagefilePrivilege | 1584 | chrome.exe
Token: SeShutdownPrivilege | 1584 | chrome.exe
Token: SeCreatePagefilePrivilege | 1584 | chrome.exe
Token: SeShutdownPrivilege | 1584 | chrome.exe
Token: SeCreatePagefilePrivilege | 1584 | chrome.exe
Token: SeShutdownPrivilege | 1584 | chrome.exe
Token: SeCreatePagefilePrivilege | 1584 | chrome.exe
Suspicious use of FindShellTrayWindow 27 IoCs
pid | Process
1584 | chrome.exe (27 identical entries)
Suspicious use of SendNotifyMessage 24 IoCs
pid | Process
1584 | chrome.exe (24 identical entries)
Suspicious use of WriteProcessMemory 64 IoCs
description | pid | Process | procid_target
PID 1584 wrote to memory of 2832 | 1584 | chrome.exe | 126 (2 entries)
PID 1584 wrote to memory of 5216 | 1584 | chrome.exe | 127 (30 entries)
PID 1584 wrote to memory of 5232 | 1584 | chrome.exe | 128 (2 entries)
PID 1584 wrote to memory of 5300 | 1584 | chrome.exe | 129 (30 entries)
Processes
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  Command line: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.com
  PID: 1612
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  Command line: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=11 --field-trial-handle=3936,i,15436195446242760253,4000484513008731869,262144 --variations-seed-version --mojo-platform-channel-handle=3944 /prefetch:1
  PID: 920
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  Command line: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=10 --field-trial-handle=3940,i,15436195446242760253,4000484513008731869,262144 --variations-seed-version --mojo-platform-channel-handle=4204 /prefetch:1
  PID: 2016
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  Command line: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=12 --field-trial-handle=5384,i,15436195446242760253,4000484513008731869,262144 --variations-seed-version --mojo-platform-channel-handle=5380 /prefetch:1
  PID: 4988
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  Command line: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=5524,i,15436195446242760253,4000484513008731869,262144 --variations-seed-version --mojo-platform-channel-handle=5532 /prefetch:8
  PID: 3296
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  Command line: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --field-trial-handle=5536,i,15436195446242760253,4000484513008731869,262144 --variations-seed-version --mojo-platform-channel-handle=5696 /prefetch:8
  PID: 2916
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  Command line: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=15 --field-trial-handle=6052,i,15436195446242760253,4000484513008731869,262144 --variations-seed-version --mojo-platform-channel-handle=6068 /prefetch:1
  PID: 2424
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  Command line: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=16 --field-trial-handle=6244,i,15436195446242760253,4000484513008731869,262144 --variations-seed-version --mojo-platform-channel-handle=5064 /prefetch:1
  PID: 5056
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  Command line: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=5020,i,15436195446242760253,4000484513008731869,262144 --variations-seed-version --mojo-platform-channel-handle=6204 /prefetch:8
  PID: 3100
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  Command line: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --field-trial-handle=6016,i,15436195446242760253,4000484513008731869,262144 --variations-seed-version --mojo-platform-channel-handle=5444 /prefetch:8
  PID: 2516
- C:\Windows\system32\AUDIODG.EXE
  Command line: C:\Windows\system32\AUDIODG.EXE 0x490 0x454
  PID: 1212
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  Command line: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=6428,i,15436195446242760253,4000484513008731869,262144 --variations-seed-version --mojo-platform-channel-handle=6436 /prefetch:8
  PID: 3440
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  Command line: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --field-trial-handle=6584,i,15436195446242760253,4000484513008731869,262144 --variations-seed-version --mojo-platform-channel-handle=6600 /prefetch:1
  PID: 60
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  Command line: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=21 --field-trial-handle=6392,i,15436195446242760253,4000484513008731869,262144 --variations-seed-version --mojo-platform-channel-handle=6808 /prefetch:1
  PID: 4596
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  Command line: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --field-trial-handle=6600,i,15436195446242760253,4000484513008731869,262144 --variations-seed-version --mojo-platform-channel-handle=6620 /prefetch:8
  - Modifies registry class
  PID: 4176
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  Command line: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=23 --field-trial-handle=6664,i,15436195446242760253,4000484513008731869,262144 --variations-seed-version --mojo-platform-channel-handle=6640 /prefetch:1
  PID: 2984
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  Command line: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=24 --field-trial-handle=6384,i,15436195446242760253,4000484513008731869,262144 --variations-seed-version --mojo-platform-channel-handle=6840 /prefetch:1
  PID: 1780
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  Command line: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=25 --field-trial-handle=7096,i,15436195446242760253,4000484513008731869,262144 --variations-seed-version --mojo-platform-channel-handle=7120 /prefetch:1
  PID: 4616
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  Command line: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --field-trial-handle=7300,i,15436195446242760253,4000484513008731869,262144 --variations-seed-version --mojo-platform-channel-handle=7308 /prefetch:8
  PID: 1000
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  Command line: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=27 --field-trial-handle=7356,i,15436195446242760253,4000484513008731869,262144 --variations-seed-version --mojo-platform-channel-handle=7372 /prefetch:1
  PID: 1564
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  Command line: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=28 --field-trial-handle=7520,i,15436195446242760253,4000484513008731869,262144 --variations-seed-version --mojo-platform-channel-handle=7516 /prefetch:1
  PID: 552
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  Command line: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --lang=en-US --service-sandbox-type=collections --field-trial-handle=7864,i,15436195446242760253,4000484513008731869,262144 --variations-seed-version --mojo-platform-channel-handle=7876 /prefetch:8
  PID: 4556
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  Command line: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=30 --field-trial-handle=7872,i,15436195446242760253,4000484513008731869,262144 --variations-seed-version --mojo-platform-channel-handle=7896 /prefetch:1
  PID: 3264
- C:\Program Files\Google\Chrome\Application\chrome.exe
  Command line: "C:\Program Files\Google\Chrome\Application\chrome.exe"
  - Enumerates system info in registry
  - Modifies data under HKEY_USERS
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SendNotifyMessage
  - Suspicious use of WriteProcessMemory
  PID: 1584
  Child processes:
  - C:\Program Files\Google\Chrome\Application\chrome.exe
    Command line: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffbee84cc40,0x7ffbee84cc4c,0x7ffbee84cc58
    PID: 2832
  - C:\Program Files\Google\Chrome\Application\chrome.exe
    Command line: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1856,i,15913987633076721448,13454604070017360735,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1852 /prefetch:2
    PID: 5216
  - C:\Program Files\Google\Chrome\Application\chrome.exe
    Command line: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1948,i,15913987633076721448,13454604070017360735,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2076 /prefetch:3
    PID: 5232
  - C:\Program Files\Google\Chrome\Application\chrome.exe
    Command line: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2300,i,15913987633076721448,13454604070017360735,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2484 /prefetch:8
    PID: 5300
  - C:\Program Files\Google\Chrome\Application\chrome.exe
    Command line: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3148,i,15913987633076721448,13454604070017360735,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3168 /prefetch:1
    PID: 5472
  - C:\Program Files\Google\Chrome\Application\chrome.exe
    Command line: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3328,i,15913987633076721448,13454604070017360735,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3312 /prefetch:1
    PID: 5480
  - C:\Program Files\Google\Chrome\Application\chrome.exe
    Command line: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4544,i,15913987633076721448,13454604070017360735,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4600 /prefetch:1
    PID: 5736
  - C:\Program Files\Google\Chrome\Application\chrome.exe
    Command line: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4720,i,15913987633076721448,13454604070017360735,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4800 /prefetch:8
    PID: 5876
  - C:\Program Files\Google\Chrome\Application\chrome.exe
    Command line: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4868,i,15913987633076721448,13454604070017360735,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4812 /prefetch:8
    PID: 6004
- C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
  Command line: "C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
  PID: 5672
- C:\Windows\system32\svchost.exe
  Command line: C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
  PID: 5948
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  Command line: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=7904,i,15436195446242760253,4000484513008731869,262144 --variations-seed-version --mojo-platform-channel-handle=7984 /prefetch:8
  PID: 624
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  Command line: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=32 --field-trial-handle=5588,i,15436195446242760253,4000484513008731869,262144 --variations-seed-version --mojo-platform-channel-handle=5584 /prefetch:1
  PID: 6116
Network
MITRE ATT&CK Enterprise v15
Downloads
- Filesize: 1KB
  MD5: 2631eb659c8a5b00be36c2d7da4ed412
  SHA1: e082bb9ebb2e4667f9d904221f413a3bf2e4242b
  SHA256: d6a5a41d323a31469013732ff92679257f10196ce63c4a7b7bb3be0d1355e7e9
  SHA512: da346a9c36341c7680ebe0449e225d8f1ad5557b1c85d3c26d2c7745ce44273b45df8c036283e6f60f57f6f763cf74c47bfbbf63c980f1422988eed64bfc66b7
- Filesize: 2B
  MD5: d751713988987e9331980363e24189ce
  SHA1: 97d170e1550eee4afc0af065b78cda302a97674c
  SHA256: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
  SHA512: b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af
- Filesize: 356B
  MD5: 825fb5e1183c08c0e22c6fc857092bf5
  SHA1: f51c0794c82d26e13a599e2672ab56de694d22b9
  SHA256: 1f5ad0f98f1c5ba0bb78248274f093240c0eeb9016dfa13fc457c22297c1fd23
  SHA512: 37b4eae2799e2a144fe1ff3ff129a41176aa0be787c05258c11a8e39c19597a7733dd9d1eaa451cd029064adcc795e5d63446eb01995ca0f62ace6dd6eba625a
- Filesize: 8KB
  MD5: b175092a12a3b59ee77a1681269d02f3
  SHA1: 6f2a3b432223adca4e3813bbe3a6bff4f8cd8448
  SHA256: a1417f2ecdf1278a090a684d1f103d32710d181466b8ec971f63567736aae9eb
  SHA512: f1f23c9e2d89ef05bac6217fb479b5fd4e8839ecc0c2913f3711dc946a4cc0a32b33dd11f6a9c6a7d834ead1230390ede69f32451d64eab0388ef902f461c2ae
- Filesize: 15KB
  MD5: f19d96f695ab957e153841853d4b8b79
  SHA1: 8fd98d9775a08a5cb273dad4b6c41e650910cd7f
  SHA256: 5f515692e5677188dccdc3f44b179d72741cc99e13a4c0991650831e8f28268e
  SHA512: 38e4a2ba6dbc0a5d7340bdfc1d9c7d4c1e8a07d5fa294cacf6c56015334260867a4a40fd2c5ba056e00d80f145809c3245476b414d64764ccb8a323ce066112b
- Filesize: 195KB
  MD5: a2438fff3a8d92b7de49f09cb87b02cc
  SHA1: ff9fc9216dcb2f9a287dbc0f2a8e66d6b7a75b69
  SHA256: 369849fca36d61ea4bfde3805520c8546056893b1acf4c66fe51b03e20f35851
  SHA512: 1d67c8e1d6aa374111bd9ab50d9b597e0bc6ddc93ac95f1b1ce76daff9f5310dcf446757fd04ed55cc1e1e784d56b657808c789dde89cf9077cd39ee095c9385
- Filesize: 264KB
  MD5: f50f89a0a91564d0b8a211f8921aa7de
  SHA1: 112403a17dd69d5b9018b8cede023cb3b54eab7d
  SHA256: b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec
  SHA512: bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58