hxxps://github[.]com/Da2dalus/The-MALWARE-Repo/archive/refs/heads/master[.]zip

Analysis

max time kernel
299s
max time network
302s
platform
windows11-21h2_x64
resource
win11-20240802-en
resource tags

arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system
submitted
05-08-2024 13:57

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://github.com/Da2dalus/The-MALWARE-Repo/archive/refs/heads/master.zip

Score

5^/10

discovery

Malware Config

Signatures

Drops file in System32 directory 2 IoCs

description	ioc	Process
File created	C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_01cf530faf2f1752\display.PNF	chrome.exe
File created	\??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_01cf530faf2f1752\display.PNF	chrome.exe

Drops file in Windows directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SystemTemp	chrome.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133673398535404474"	chrome.exe

NTFS ADS 1 IoCs

description	ioc	Process
File opened for modification	C:\Users\Admin\Downloads\The-MALWARE-Repo-master.zip:Zone.Identifier	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
2376	chrome.exe
2376	chrome.exe
4256	chrome.exe
4256	chrome.exe
4256	chrome.exe
4256	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

pid	Process
2376	chrome.exe
2376	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2376	chrome.exe
Token: SeCreatePagefilePrivilege	2376	chrome.exe
Token: SeShutdownPrivilege	2376	chrome.exe
Token: SeCreatePagefilePrivilege	2376	chrome.exe
Token: SeShutdownPrivilege	2376	chrome.exe
Token: SeCreatePagefilePrivilege	2376	chrome.exe
Token: SeShutdownPrivilege	2376	chrome.exe
Token: SeCreatePagefilePrivilege	2376	chrome.exe
Token: SeShutdownPrivilege	2376	chrome.exe
Token: SeCreatePagefilePrivilege	2376	chrome.exe
Token: SeShutdownPrivilege	2376	chrome.exe
Token: SeCreatePagefilePrivilege	2376	chrome.exe
Token: SeShutdownPrivilege	2376	chrome.exe
Token: SeCreatePagefilePrivilege	2376	chrome.exe
Token: SeShutdownPrivilege	2376	chrome.exe
Token: SeCreatePagefilePrivilege	2376	chrome.exe
Token: SeShutdownPrivilege	2376	chrome.exe
Token: SeCreatePagefilePrivilege	2376	chrome.exe
Token: SeShutdownPrivilege	2376	chrome.exe
Token: SeCreatePagefilePrivilege	2376	chrome.exe
Token: SeShutdownPrivilege	2376	chrome.exe
Token: SeCreatePagefilePrivilege	2376	chrome.exe
Token: SeShutdownPrivilege	2376	chrome.exe
Token: SeCreatePagefilePrivilege	2376	chrome.exe
Token: SeShutdownPrivilege	2376	chrome.exe
Token: SeCreatePagefilePrivilege	2376	chrome.exe
Token: SeShutdownPrivilege	2376	chrome.exe
Token: SeCreatePagefilePrivilege	2376	chrome.exe
Token: SeShutdownPrivilege	2376	chrome.exe
Token: SeCreatePagefilePrivilege	2376	chrome.exe
Token: SeShutdownPrivilege	2376	chrome.exe
Token: SeCreatePagefilePrivilege	2376	chrome.exe
Token: SeShutdownPrivilege	2376	chrome.exe
Token: SeCreatePagefilePrivilege	2376	chrome.exe
Token: SeShutdownPrivilege	2376	chrome.exe
Token: SeCreatePagefilePrivilege	2376	chrome.exe
Token: SeShutdownPrivilege	2376	chrome.exe
Token: SeCreatePagefilePrivilege	2376	chrome.exe
Token: SeShutdownPrivilege	2376	chrome.exe
Token: SeCreatePagefilePrivilege	2376	chrome.exe
Token: SeShutdownPrivilege	2376	chrome.exe
Token: SeCreatePagefilePrivilege	2376	chrome.exe
Token: SeShutdownPrivilege	2376	chrome.exe
Token: SeCreatePagefilePrivilege	2376	chrome.exe
Token: SeShutdownPrivilege	2376	chrome.exe
Token: SeCreatePagefilePrivilege	2376	chrome.exe
Token: SeShutdownPrivilege	2376	chrome.exe
Token: SeCreatePagefilePrivilege	2376	chrome.exe
Token: SeShutdownPrivilege	2376	chrome.exe
Token: SeCreatePagefilePrivilege	2376	chrome.exe
Token: SeShutdownPrivilege	2376	chrome.exe
Token: SeCreatePagefilePrivilege	2376	chrome.exe
Token: SeShutdownPrivilege	2376	chrome.exe
Token: SeCreatePagefilePrivilege	2376	chrome.exe
Token: SeShutdownPrivilege	2376	chrome.exe
Token: SeCreatePagefilePrivilege	2376	chrome.exe
Token: SeShutdownPrivilege	2376	chrome.exe
Token: SeCreatePagefilePrivilege	2376	chrome.exe
Token: SeShutdownPrivilege	2376	chrome.exe
Token: SeCreatePagefilePrivilege	2376	chrome.exe
Token: SeShutdownPrivilege	2376	chrome.exe
Token: SeCreatePagefilePrivilege	2376	chrome.exe
Token: SeShutdownPrivilege	2376	chrome.exe
Token: SeCreatePagefilePrivilege	2376	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe
2376	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2376 wrote to memory of 4988	2376	chrome.exe	82
PID 2376 wrote to memory of 4988	2376	chrome.exe	82
PID 2376 wrote to memory of 1080	2376	chrome.exe	83
PID 2376 wrote to memory of 1080	2376	chrome.exe	83
PID 2376 wrote to memory of 1080	2376	chrome.exe	83
PID 2376 wrote to memory of 1080	2376	chrome.exe	83
PID 2376 wrote to memory of 1080	2376	chrome.exe	83
PID 2376 wrote to memory of 1080	2376	chrome.exe	83
PID 2376 wrote to memory of 1080	2376	chrome.exe	83
PID 2376 wrote to memory of 1080	2376	chrome.exe	83
PID 2376 wrote to memory of 1080	2376	chrome.exe	83
PID 2376 wrote to memory of 1080	2376	chrome.exe	83
PID 2376 wrote to memory of 1080	2376	chrome.exe	83
PID 2376 wrote to memory of 1080	2376	chrome.exe	83
PID 2376 wrote to memory of 1080	2376	chrome.exe	83
PID 2376 wrote to memory of 1080	2376	chrome.exe	83
PID 2376 wrote to memory of 1080	2376	chrome.exe	83
PID 2376 wrote to memory of 1080	2376	chrome.exe	83
PID 2376 wrote to memory of 1080	2376	chrome.exe	83
PID 2376 wrote to memory of 1080	2376	chrome.exe	83
PID 2376 wrote to memory of 1080	2376	chrome.exe	83
PID 2376 wrote to memory of 1080	2376	chrome.exe	83
PID 2376 wrote to memory of 1080	2376	chrome.exe	83
PID 2376 wrote to memory of 1080	2376	chrome.exe	83
PID 2376 wrote to memory of 1080	2376	chrome.exe	83
PID 2376 wrote to memory of 1080	2376	chrome.exe	83
PID 2376 wrote to memory of 1080	2376	chrome.exe	83
PID 2376 wrote to memory of 1080	2376	chrome.exe	83
PID 2376 wrote to memory of 1080	2376	chrome.exe	83
PID 2376 wrote to memory of 1080	2376	chrome.exe	83
PID 2376 wrote to memory of 1080	2376	chrome.exe	83
PID 2376 wrote to memory of 1080	2376	chrome.exe	83
PID 2376 wrote to memory of 2300	2376	chrome.exe	84
PID 2376 wrote to memory of 2300	2376	chrome.exe	84
PID 2376 wrote to memory of 412	2376	chrome.exe	85
PID 2376 wrote to memory of 412	2376	chrome.exe	85
PID 2376 wrote to memory of 412	2376	chrome.exe	85
PID 2376 wrote to memory of 412	2376	chrome.exe	85
PID 2376 wrote to memory of 412	2376	chrome.exe	85
PID 2376 wrote to memory of 412	2376	chrome.exe	85
PID 2376 wrote to memory of 412	2376	chrome.exe	85
PID 2376 wrote to memory of 412	2376	chrome.exe	85
PID 2376 wrote to memory of 412	2376	chrome.exe	85
PID 2376 wrote to memory of 412	2376	chrome.exe	85
PID 2376 wrote to memory of 412	2376	chrome.exe	85
PID 2376 wrote to memory of 412	2376	chrome.exe	85
PID 2376 wrote to memory of 412	2376	chrome.exe	85
PID 2376 wrote to memory of 412	2376	chrome.exe	85
PID 2376 wrote to memory of 412	2376	chrome.exe	85
PID 2376 wrote to memory of 412	2376	chrome.exe	85
PID 2376 wrote to memory of 412	2376	chrome.exe	85
PID 2376 wrote to memory of 412	2376	chrome.exe	85
PID 2376 wrote to memory of 412	2376	chrome.exe	85
PID 2376 wrote to memory of 412	2376	chrome.exe	85
PID 2376 wrote to memory of 412	2376	chrome.exe	85
PID 2376 wrote to memory of 412	2376	chrome.exe	85
PID 2376 wrote to memory of 412	2376	chrome.exe	85
PID 2376 wrote to memory of 412	2376	chrome.exe	85
PID 2376 wrote to memory of 412	2376	chrome.exe	85
PID 2376 wrote to memory of 412	2376	chrome.exe	85
PID 2376 wrote to memory of 412	2376	chrome.exe	85
PID 2376 wrote to memory of 412	2376	chrome.exe	85
PID 2376 wrote to memory of 412	2376	chrome.exe	85
PID 2376 wrote to memory of 412	2376	chrome.exe	85

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://github.com/Da2dalus/The-MALWARE-Repo/archive/refs/heads/master.zip
1⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2376
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fffa09dcc40,0x7fffa09dcc4c,0x7fffa09dcc58
  2⤵
  PID:4988
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1760,i,15719566853191276553,7519016100477629367,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=1764 /prefetch:2
  2⤵
  PID:1080
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2064,i,15719566853191276553,7519016100477629367,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=2084 /prefetch:3
  2⤵
  PID:2300
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2108,i,15719566853191276553,7519016100477629367,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=2340 /prefetch:8
  2⤵
  PID:412
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3064,i,15719566853191276553,7519016100477629367,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=3104 /prefetch:1
  2⤵
  PID:4328
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3096,i,15719566853191276553,7519016100477629367,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=3140 /prefetch:1
  2⤵
  PID:3676
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4796,i,15719566853191276553,7519016100477629367,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4784 /prefetch:8
  2⤵
  PID:4640
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4920,i,15719566853191276553,7519016100477629367,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4936 /prefetch:8
  2⤵
  - Drops file in System32 directory
  - Suspicious behavior: EnumeratesProcesses
  PID:4256
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4088,i,15719566853191276553,7519016100477629367,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=2632 /prefetch:8
  2⤵
  - NTFS ADS
  PID:1008

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:3036

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:916

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

Filesize
64KB

MD5
b5ad5caaaee00cb8cf445427975ae66c

SHA1
dcde6527290a326e048f9c3a85280d3fa71e1e22

SHA256
b6409b9d55ce242ff022f7a2d86ae8eff873daabf3a0506031712b8baa6197b8

SHA512
92f7fbbcbbea769b1af6dd7e75577be3eb8bb4a4a6f8a9288d6da4014e1ea309ee649a7b089be09ba27866e175ab6f6a912413256d7e13eaf60f6f30e492ce7f

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

Filesize
4B

MD5
f49655f856acb8884cc0ace29216f511

SHA1
cb0f1f87ec0455ec349aaa950c600475ac7b7b6b

SHA256
7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba

SHA512
599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

Filesize
1008B

MD5
d222b77a61527f2c177b0869e7babc24

SHA1
3f23acb984307a4aeba41ebbb70439c97ad1f268

SHA256
80dc3ffa698e4ff2e916f97983b5eae79470203e91cb684c5ccd4ff1a465d747

SHA512
d17d836ea77aeaff4cd01f9c7523345167a4a6bc62528aac74acde12679f48079d75d159e9cea2e614da50e83c2dcd92c374c899ea6c4fe8e5513d9bf06c01ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\27f7dd9e-e480-4d50-ad8c-1e3676815a86.tmp

Filesize
1KB

MD5
71a6124b1bcd48d742ce24606021afad

SHA1
9e344ce88cd262983ee71585af6672a0376f4b81

SHA256
6ae59f9177caafaa382822f83637e45da82fae9387929dfca3ef12136969afff

SHA512
fac1af645e49b5efb6703d66abd77b95ea21d0afc890b7aa6c36bd3fa5af0afd342e5bcf6223df998a82280b74caed9f78008011e065529bf78b5f4aa57fcc61

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
691B

MD5
8769aa48d193613cde6de3550e1568a0

SHA1
8215dd8169fe518f31a5e5c3d268f74d0f68e191

SHA256
af05883a4d24a7da36e58ca6acb78da8e1b7bccf73ba54a04299aa21e4f1c7ce

SHA512
ac6ec56012112b4f966f3366251557434f294660c8ce4f1a563bf2b1d40bb0bc3ef4707120caf35270803e7380a27bd353ec522676d75dc30942416fef1352e4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
090274f1f28056e764091ad02dad4b1f

SHA1
95198f8b3de2da91caa98c8256cb8f5da0e4a250

SHA256
64d8c4ffc7bad8dc0f6033997d03948e098a1c9b7a5508a7b1e0d695f4f8856c

SHA512
7adb516fc885bed0657c8d027efb6018a191ee528389659475ac7ff67923c1de881f6502b982adacf83cb221f5c943bb8f51f223dcdcd8b45e916335755fb7a9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
fa9e8a22386c186b7c75b060ed77f042

SHA1
01565d21b35a03ea60be1791fd522c34c0671a46

SHA256
3fff31cd1e5a188d76058f5bc1457e7dd96ff0949f95a8e17cd5ae079fb7a20c

SHA512
8bb0853bbe789feb4e561f17a5321e67523f7f1bd7190ca5eb2ef07bacf0886953c1aab2ec3796fcdf70a6c067ec915d76c1120a8874749574c5a14f40a6ec09

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
acf47eed930d29d858fed9a5896f4581

SHA1
342345190a92b19f012410d33021111ebc043c9f

SHA256
16744fc15d5325b31c651476ed35f42c52cecf4996260cd22f7b45e124cd0b9c

SHA512
8921e57e8348904358c057e68627a03735b47390e2b87ef5c90b60b537327b511a52f854c0f38a8f081a14d70aa689fde24e056f0fe8cbdf8e1c85be96ea836e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
b987b3d9eae332874fe6318169cebece

SHA1
d54ec9c2d590b4cdb2fa69b3ed14dc3d18b17e0a

SHA256
c7b9daa87274554b7bde3e942560ec167f264d1498ec8b7705d75a6adb1bca99

SHA512
773feee22065f060d7685e0b04f4509d50ed60ce2a8ee6caa0596a989404827718aba0da180da7395c5f50f8745f9284a4274e3a2b5affac5dc8cd92775aeddb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
e29775ad1a77e6ed18b03377bee05cef

SHA1
ba3c82dab28f5beaf8ecf0a745daffe09297e24a

SHA256
1e72be73bf64135d228190ef02d64bfbd4467f1a21d8f5056202a24432629d64

SHA512
20010e9ea49ffef783cd39972aaa8710db5a2997e127da82735669deab84c851657c5f68d73e89e36131217b69b896731ba2ddf998be6917577cf8df080ffd84

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
f6b32a93c3a395251ab5af7ebc3a693b

SHA1
7066f6f4b90167b182cec085755c090fe450cca1

SHA256
e148acfb0aa6fee7dd22a4ab6195b2082d551ed720af04ba00ced3976f19acab

SHA512
90a0f9671df471336a1a4afba6a13b1b08065e550ecef15fabf9e98aaaa85051652104c1e14256fabe6239e1157b3c641dd8e8293954579249dbe031033d4bb3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
98bd76e608c36cace9ad1635f2f30f59

SHA1
5858b8a9689601ace69307ebf107928e587d8007

SHA256
9782e7942f0955edd93752d0011049f82dedf2551998ca1c2cdf880ee95f51ca

SHA512
e0288caf8d1c55eda72cecc146dd466417ea66182a2b2433eb8be8e1b119e8a3181b6a3256323eb320582a6dc20e6e4183a9c1eb78b0d21be18ce4c09100c4ca

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
88a3df82fe6419e11add842646f34543

SHA1
25c8ddb8a294502de4cc4580d1184b8175495fb1

SHA256
72f3490bf765290fef082e89b50968f3002129a09dc2b2d5707a576b21574428

SHA512
0306fdd52896bd8eafe1b364df8dd944faef20bcb3c3688cc502ebb9e82f6a32199655b305f1606ff12c0404d03c98090b64cbeeb06b47bc3e002a20b310df01

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
29689e360e338d7d275b6053822f01f5

SHA1
9929a734ddcb4b0f1464be9f70b260b08ab6f247

SHA256
92a4f593cb3a711adc590fee6d605110de935a574e8958cb2bab3360b749c008

SHA512
ace8336943d81223c7233b43839ccf3338687fd03021a640a28108c743f183d7a2e4b21ea446dd861918a808ee50a3059e5e33b672421c137ca890c9b69cef51

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
4022e20358d231a79e63db8b06a621d5

SHA1
d55250eb68c6d5ea4edaaf9d61d90ad10353670d

SHA256
4f3548d4704c0bbeba49e849fe9bd551c2c8e5bad2cc2b81727911654cb28845

SHA512
89c34f620f30ea9806bfcaebcd27df3b5394d2c1cef355c1f9a6996af893770233e6c892768e282787a8d14e1e4318ca294de6a17c003afa73529edd01fb1627

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
8d3a22b7df39690cf7cd499fb4bf74f1

SHA1
caa7d2861a2526959aa4dd67af43bf3af3beeed7

SHA256
ad52869786325c7c74dfc197a62a000162cfcd663d1b84bcf3a2a46c4f465b9f

SHA512
c59985d148cf444435f29f5a936f4e160693919ffc4b5f30a5e6312678473d6b2bff57b06541e6d6b6e9edddb0210971234bc9f7d4258d6d5b0d317914255913

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
c070a78e7e0380204a94fd250fd37806

SHA1
31119b447392a8412335a4f075a311a6b85b7e71

SHA256
1c8dcca25f4d6f841f75233fa4dcd6a6485adea04e0295a5664a96ab14a09c86

SHA512
f83a8934f4f4a254833ff5f888ab5eb38d6efd100ee2e57606abe7de88621dabed8d1fd32d7d930c4265e1cb51d98d1bb9071f0c813e7bce20a8698f44832409

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
f3f0bdb3c78798f3810334a49044f1f4

SHA1
48a8bcb5a90f0d99ec03d58f18c0674fe6256988

SHA256
36f34ba780ab139012ec49c5455b9410d8903b0f111c6360a2c8bd21411fa52e

SHA512
eff2fd353a076bb5a3dc49939e7d65a1941973112c656554387290291a4f290fead3077fae7b0fdceca0ba7581fa286d1120b33e17b7a48079b4d6fe6b3a3623

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
9ec0276ed434a64e09148af9e27c9c87

SHA1
04f9b397d8656cd805b46d3e6978b0d79db4e37a

SHA256
1f8ff62c53c762113c18817856fc6da19bc85a449ff0d5a16d53bbff20355dd4

SHA512
7d95c66cb24adda07c628324ba6a8861f13243e6e3ce534f6927b56beb5d2857004b9b0e9929a8ec544678b46039cea48b93af3778e6e035c346b1559455c960

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
25be3f4846736e49ae4815b015bc983e

SHA1
a70eec6aacdca620ab1091f6f47f9d4836891e0d

SHA256
5aa84703d5a2aea5825b443cf65e8c8d2d7cd365e4fd21c17029a40d84ee09e4

SHA512
d9b7d554cf09ffda27d05cd7b3673cec52dbe2ff3a65ab5b35d4ef3d7914730d2b64cae4a87890773f927ced3ee2558424a77eb5c239562136bd40f150b4fb16

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
9408e40503884dfcc3149f4f6c44f1fb

SHA1
a1aa7cda70aea0c3597809fd6c2bb31d0a43ba50

SHA256
322dc529bd2a2d622a838e7ec367bf23a3ce696c2e2dcf93b4da49ddd77c811a

SHA512
624e7bb69d10ee89c3157fc78bf490a1df1330ea56fc36227d1a604454feeac93e9d237082d29c3f33117a2a0847a2c49dd9583fea13ba3a30ee65b52142e61b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
6c6d42dcf5cc3475f92b7316bcab8b5c

SHA1
3394f9d0591b284bc9c8155c34b23c8666e16495

SHA256
1d5fdbc921926b626b02e97b4b7a3ab1b87efa5742b010031dd31f0bc11abf04

SHA512
479c5ac3b20d4881f51b45c834e0db541f688f5107e80e614ba3e19e2bf3726fb9a08fb66427b7f0849a2cc1ef927e19bd210d3997b47e93b9c91d2949537767

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
85912785130d09b8afb769084c1140be

SHA1
77e899107670049027369402d210c82921050547

SHA256
e24b7775a5237a13570a64b027276422f10d4f6d96aa0e4799f0865ede0e91a0

SHA512
1296da2b5908e85ad3dad40ecfc6029ba76ed14a2545a8bfc8d1ed35e176bc0ab72d44d1827c683d7cb783470565e63884c5633210c35567a05b932e2cd0125f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
57f075982e611a336bd3fabb58a5f6d7

SHA1
76f4dc1b3ace6de31d8e7d572c862a8faeae116f

SHA256
ea5795c5c686137fd0dcd9b5af381e209049cf34b0dd8c0fbe418540f918e2c6

SHA512
5507510934d038c1b9262cc98f3e38f11193888e3ff241e60afcdea23456a015966016242f420b486a88a4dfff1831c5a605d3569e391659e2478c996e5ad566

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
100KB

MD5
0acfd5966115f1f65762149c13394e94

SHA1
b206d1d9ef89518fccce4e62acb25fb739f1468c

SHA256
e074f22550e0e9e05d87b4837237e18046e851ac1220be1f9a742a0f1ece3ff6

SHA512
f4e0ee4536d0433a043b329db7a6403596596a96b1d532322f961a09723a5b964e9bd89061f88b93b19cff9cc7251800edbda33f2ec2a5af4c1462d59d2c8687

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
100KB

MD5
391b257468080a8cf2934084ad568ff6

SHA1
8f9ab2895c75e004e11160fc409a0fae926ad462

SHA256
7fab9e0c3022316c06754bdbf64c5d47eb371d485eb6a327637960db8763e62a

SHA512
05ee9e926269dcc7b56079ea44ef478f319d067c8d1cedbcb2134cccb6baaa64ecd87ab5f09e587387d531033ac4cc247403ea799827a0520e5d392dea165420

Download Submit
C:\Users\Admin\Downloads\The-MALWARE-Repo-master.zip:Zone.Identifier

Filesize
26B

MD5
fbccf14d504b7b2dbcb5a5bda75bd93b

SHA1
d59fc84cdd5217c6cf74785703655f78da6b582b

SHA256
eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913

SHA512
aa1d2b1ea3c9de3ccadb319d4e3e3276a2f27dd1a5244fe72de2b6f94083dddc762480482c5c2e53f803cd9e3973ddefc68966f974e124307b5043e654443b98

Download Submit