Malware Analysis Report

2025-01-19 04:30

Sample ID: 240807-x4rgzswcqc
Target: https://secure.adnxs.com/clktrb?id=273568&redir=https://pub-3ac24ae5186948da93fbb2eae41adb90.r2.dev/0nedrivedocc.html#[email protected]
Tags: phishing, discovery
Score: 10/10

Table of Contents

Analysis Overview
MITRE ATT&CK
  Enterprise Matrix V15
Analysis: static1
  Detonation Overview
  Signatures
Analysis: behavioral1
  Detonation Overview
  Command Line
  Signatures
  Processes
  Network
  Files

Analysis Overview

score
10/10

Threat Level: Known bad

The submitted URL https://secure.adnxs.com/clktrb?id=273568&redir=https://pub-3ac24ae5186948da93fbb2eae41adb90.r2.dev/0nedrivedocc.html#[email protected] was found to be: Known bad.

The link is a two-stage phishing URL. The first hop is an ad-network click-tracking endpoint (secure.adnxs.com/clktrb) whose redir parameter forwards the browser to a second host, so the address a recipient sees begins with a reputable domain. The second hop is a public Cloudflare R2 bucket (pub-3ac24ae5186948da93fbb2eae41adb90.r2.dev) serving 0nedrivedocc.html, a OneDrive lure spelled with a digit zero in place of the letter o. The fragment (redacted in this copy of the report) carries the recipient's address; a browser keeps the fragment across a redirect that sets none and never sends it on the wire, and pages of this kind typically read it with script to pre-fill the sign-in form, so neither the tracker nor the bucket logs the targeted address. In the network trace the landing page fetches Microsoft's sign-in assets from aadcdn.msauth.net without contacting any Microsoft login host, which is what a cloned sign-in page looks like on the wire.

Malicious Activity Summary

phishing discovery

A potential corporate email address has been identified in the URL: [email protected]
Drops file in System32 directory
Drops file in Windows directory
Browser Information Discovery
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Enumerates system info in registry
Modifies data under HKEY_USERS
Suspicious behavior: EnumeratesProcesses
Suspicious use of WriteProcessMemory

Only the first item is derived from the submitted URL (static1). The rest are generic behavioural signatures raised by chrome.exe during the detonation (behavioral1); they match what Chrome does on any Windows 11 start-up and carry no weight for the verdict.

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-08-07 19:24

Signatures

phishing: A potential corporate email address has been identified in the URL: [email protected]

Analysis: behavioral1

Detonation Overview

Submitted: 2024-08-07 19:24
Reported: 2024-08-07 19:27
Platform: win11-20240802-en
Max time kernel: 149s
Max time network: 149s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://secure.adnxs.com/clktrb?id=273568&redir=https://pub-3ac24ae5186948da93fbb2eae41adb90.r2.dev/0nedrivedocc.html#[email protected]

The three switches before --single-argument belong to the sandbox harness, not the sample: they disable component updates and background network tasks and suppress the out-of-date prompt, keeping Chrome's own update and telemetry traffic out of the capture. The URL after --single-argument is the sample.

Signatures

Everything in this section is raised by chrome.exe itself and is consistent with normal Chrome start-up on Windows 11: adjusting shutdown and page-file privileges on its own token, enumerating the BIOS and GPU, populating the driver-store .PNF cache, and the browser process writing into the child processes it launches. The process list below contains only chrome.exe, Chrome's bundled elevation_service.exe and the NgcSvc svchost; no process outside the browser was spawned and no payload was written to disk. None of it is attributable to the page; the verdict rests on the URL and the network trace.

Drops file in System32 directory

Description Indicator Process Target
File created C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_01cf530faf2f1752\display.PNF C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created \??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_01cf530faf2f1752\display.PNF C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Drops file in Windows directory

Description Indicator Process Target
File opened for modification C:\Windows\SystemTemp C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Browser Information Discovery

discovery

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133675323092133763" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target Occurrences
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A 32
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A 32

Suspicious use of FindShellTrayWindow

Description Indicator Process Target Occurrences
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A 26

Suspicious use of WriteProcessMemory

Description Indicator Process Target Occurrences
PID 2336 wrote to memory of 2024 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe 2
PID 2336 wrote to memory of 3908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe 30
PID 2336 wrote to memory of 2292 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe 2
PID 2336 wrote to memory of 1328 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe 30

PID 2336 is the browser (broker) process; its crash-handler pipe appears under Files as \??\pipe\crashpad_2336_TWAYMXOAGXKVJJOH. All four targets are chrome.exe children it launched. A Chrome broker writing into the address space of a child it has just created is how it sets up its sandboxed processes, not evidence of injection into a foreign process.

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://secure.adnxs.com/clktrb?id=273568&redir=https://pub-3ac24ae5186948da93fbb2eae41adb90.r2.dev/0nedrivedocc.html#[email protected]

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe42c6cc40,0x7ffe42c6cc4c,0x7ffe42c6cc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1928,i,6265170019652314112,12787961461479914757,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1920 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1380,i,6265170019652314112,12787961461479914757,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1956 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2188,i,6265170019652314112,12787961461479914757,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2212 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3064,i,6265170019652314112,12787961461479914757,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3096 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3076,i,6265170019652314112,12787961461479914757,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3140 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4360,i,6265170019652314112,12787961461479914757,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4196 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4536,i,6265170019652314112,12787961461479914757,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4256 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=4508,i,6265170019652314112,12787961461479914757,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4656 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4436,i,6265170019652314112,12787961461479914757,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4872 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=4932,i,6265170019652314112,12787961461479914757,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3300 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4772,i,6265170019652314112,12787961461479914757,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4912 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4532,i,6265170019652314112,12787961461479914757,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5056 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=3348,i,6265170019652314112,12787961461479914757,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3296 /prefetch:8

Network

Country Destination Domain Proto
US 8.8.8.8:53 secure.adnxs.com udp
DE 37.252.171.85:443 secure.adnxs.com tcp
DE 37.252.171.85:443 secure.adnxs.com tcp
US 8.8.8.8:53 85.171.252.37.in-addr.arpa udp
US 104.18.2.35:443 pub-3ac24ae5186948da93fbb2eae41adb90.r2.dev tcp
US 104.18.2.35:443 pub-3ac24ae5186948da93fbb2eae41adb90.r2.dev tcp
US 104.18.2.35:443 pub-3ac24ae5186948da93fbb2eae41adb90.r2.dev tcp
US 104.18.95.41:443 challenges.cloudflare.com tcp
US 104.18.2.35:443 pub-3ac24ae5186948da93fbb2eae41adb90.r2.dev tcp
US 104.18.95.41:443 challenges.cloudflare.com tcp
US 104.18.95.41:443 challenges.cloudflare.com udp
N/A 224.0.0.251:5353 udp
US 104.18.95.41:443 challenges.cloudflare.com udp
GB 103.83.194.5:443 rememberthetime.com tcp
US 104.18.95.41:443 challenges.cloudflare.com tcp
US 104.17.24.14:443 cdnjs.cloudflare.com tcp
US 151.101.2.137:443 code.jquery.com tcp
GB 103.83.194.5:443 rememberthetime.com tcp
US 104.17.24.14:443 cdnjs.cloudflare.com udp
US 13.107.246.64:443 aadcdn.msauth.net tcp
US 13.107.246.64:443 aadcdn.msauth.net tcp
US 13.107.246.64:443 aadcdn.msauth.net tcp
US 104.17.24.14:443 cdnjs.cloudflare.com tcp
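Reading the Network table as a sequence of roles rather than rows, as an added example that is not part of the sandbox output. The rows are copied from the table above; the role mapping, the list of Microsoft login hosts and the "brand assets fetched with no brand login host" heuristic are this example's assumptions. DNS rows (8.8.8.8:53, including the sandbox's own PTR lookup of the adnxs address) and the mDNS row (224.0.0.251:5353) are skipped as resolver and local-network noise.

```python
"""Triage the Network table of a browser detonation for phishing-kit structure.

Added example for this report, not part of the sandbox output. The role table,
the Microsoft login-host list and the 'brand assets without brand login host'
heuristic are this example's assumptions; the rows are copied from the Network
section of the report.
"""
from collections import OrderedDict

NETWORK_ROWS = """\
US 8.8.8.8:53 secure.adnxs.com udp
DE 37.252.171.85:443 secure.adnxs.com tcp
DE 37.252.171.85:443 secure.adnxs.com tcp
US 8.8.8.8:53 85.171.252.37.in-addr.arpa udp
US 104.18.2.35:443 pub-3ac24ae5186948da93fbb2eae41adb90.r2.dev tcp
US 104.18.2.35:443 pub-3ac24ae5186948da93fbb2eae41adb90.r2.dev tcp
US 104.18.2.35:443 pub-3ac24ae5186948da93fbb2eae41adb90.r2.dev tcp
US 104.18.95.41:443 challenges.cloudflare.com tcp
US 104.18.2.35:443 pub-3ac24ae5186948da93fbb2eae41adb90.r2.dev tcp
US 104.18.95.41:443 challenges.cloudflare.com tcp
US 104.18.95.41:443 challenges.cloudflare.com udp
N/A 224.0.0.251:5353 udp
US 104.18.95.41:443 challenges.cloudflare.com udp
GB 103.83.194.5:443 rememberthetime.com tcp
US 104.18.95.41:443 challenges.cloudflare.com tcp
US 104.17.24.14:443 cdnjs.cloudflare.com tcp
US 151.101.2.137:443 code.jquery.com tcp
GB 103.83.194.5:443 rememberthetime.com tcp
US 104.17.24.14:443 cdnjs.cloudflare.com udp
US 13.107.246.64:443 aadcdn.msauth.net tcp
US 13.107.246.64:443 aadcdn.msauth.net tcp
US 13.107.246.64:443 aadcdn.msauth.net tcp
US 104.17.24.14:443 cdnjs.cloudflare.com tcp
"""

# Assumed role table: exact domain, or a suffix when the key starts with a dot.
ROLES = {
    "secure.adnxs.com": "ad-network click tracker used as redirector",
    ".r2.dev": "public object storage hosting the landing page",
    "challenges.cloudflare.com": "Cloudflare challenge (gates automated scanners)",
    "cdnjs.cloudflare.com": "public JavaScript CDN",
    "code.jquery.com": "public JavaScript CDN",
    "aadcdn.msauth.net": "Microsoft sign-in page assets",
}
# Assumed: hosts a genuine Microsoft sign-in would have to reach.
MS_LOGIN_HOSTS = {"login.microsoftonline.com", "login.live.com", "login.microsoft.com"}
NOISE_PORTS = {"53", "5353"}  # DNS resolution and mDNS: not page content


def parse_rows(text):
    """Split 'Country Destination Domain Proto' rows; the Domain column may be absent."""
    rows = []
    for line in text.splitlines():
        fields = line.split()
        if not fields:
            continue
        if len(fields) == 4:
            country, dest, domain, proto = fields
        elif len(fields) == 3:  # e.g. multicast traffic with no resolved name
            country, dest, proto = fields
            domain = ""
        else:
            raise ValueError(f"unexpected row: {line!r}")
        ip, port = dest.rsplit(":", 1)
        rows.append({"country": country, "ip": ip, "port": port,
                     "domain": domain, "proto": proto})
    return rows


def role_of(domain):
    for key, role in ROLES.items():
        if domain == key or (key.startswith(".") and domain.endswith(key)):
            return role
    return "unclassified"


def summarize(rows):
    """Collapse rows to first-seen hosts and derive findings, block and follow-up lists."""
    hosts = OrderedDict()
    for r in rows:
        if r["port"] in NOISE_PORTS or not r["domain"]:
            continue
        entry = hosts.setdefault(r["domain"], {"ip": r["ip"], "country": r["country"],
                                               "role": role_of(r["domain"]), "hits": 0})
        entry["hits"] += 1

    block = [d for d, e in hosts.items() if "landing page" in e["role"]]
    follow_up = [d for d, e in hosts.items() if e["role"] == "unclassified"]
    findings = []
    if "aadcdn.msauth.net" in hosts and MS_LOGIN_HOSTS.isdisjoint(hosts):
        findings.append("Microsoft sign-in assets fetched but no Microsoft login host "
                        "contacted: brand imagery rendered by a third-party page")
    if block and "challenges.cloudflare.com" in hosts:
        findings.append("landing page on public object storage behind a Cloudflare "
                        "challenge: kit hosting plus anti-scanner gating")
    return {"hosts": hosts, "findings": findings, "block": block, "follow_up": follow_up}


if __name__ == "__main__":
    result = summarize(parse_rows(NETWORK_ROWS))
    for domain, e in result["hosts"].items():
        print(f"{domain:55} {e['ip']:15} {e['country']:3} x{e['hits']:<3} {e['role']}")
    for f in result["findings"]:
        print("FINDING:", f)
    print("BLOCK:", result["block"], "FOLLOW UP:", result["follow_up"])
```

Of the seven page-level hosts, only the r2.dev bucket goes on a block list; challenges.cloudflare.com, cdnjs.cloudflare.com, code.jquery.com and aadcdn.msauth.net are shared infrastructure that legitimate pages also use. rememberthetime.com is the one host the report does not explain (it is neither a CDN, a challenge endpoint nor a Microsoft domain) and is the obvious next pivot for the analyst.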

Files

Every entry below is Chrome's own profile state under C:\Users\Admin\AppData\Local\Google\Chrome\User Data (Local State, Preferences, Network state, Code Cache index), rewritten several times as the browser ran; nothing here was downloaded or dropped by the page. The crash-handler pipe carries the well-known digests of empty input (MD5 d41d8cd98f00b204e9800998ecf8427e), and SCT Auditing Pending Reports those of the two-byte JSON text "[]".

\??\pipe\crashpad_2336_TWAYMXOAGXKVJJOH

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 8508cf1ed47406f267dd32498298af45
SHA1 1d7d045150794994bfb02386e5175be7d481854b
SHA256 91685f4312009ecd8b1528763d53e2e072f6fef31845c438c74c7e6edb36af47
SHA512 56491dc7fc8968612dc0a17b6e1205875ad73d1ed1807bd35939fb2f8453d0440d3677dcabd37aba70f07ef291002a8be5c3d493d62a5d849df4f113aedca698

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 a6c7e03450f3c0c60b5a36d3c003a559
SHA1 df30f64a128c5670cd3dad15e4ad2475b87e958a
SHA256 bea946f8fea68b2e9fd48a6ee3f5401b20abdfb660bd8059c5666e72093a94f7
SHA512 47b4bf7e5045e84a1d01acb01a5b16a94b7917c13a640c1786fb3b61762898bfcfed8eaf6e9935c876f73ac6b084b39941e07797aeba5e217410f4d6939c6d4b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0b42a3314947091273fad603283149d3
SHA1 ed726b048b8b556564abab8528ce2e7672328563
SHA256 135256427566af2c7fa05629f6596c625f8d2b6dd416b7fe25ceb12ee1fed3ea
SHA512 37a847447b8aa40d3c361b33a2c0376e43786c058f7728037ec024ff9e89712eab6163e02f6e12f41d1def3129c73d529380c1fca1c71aa052031d80d1defefa

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 c1bdc296ab41242515b7efd5371803da
SHA1 4cbdaf4ec66391f687deb418d923055bdba6b10d
SHA256 ea5fe37cb9e5ba6e0d52bc69ce57dd5f1618c25e4d6d6084f08714210ba3bfb7
SHA512 87714e4a8f655578a12643b9d3a5829382605a8797f0296afd1e4c760bf3011a6b70a1885474377284f56fb8b800a68b0ea25c42aba9c17c6f929abb33e54164

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c89467d99b019399cb67e57ad4dc51aa
SHA1 1aa32e03e98a9fa9d2566b8e2403a4ca6bac6715
SHA256 049b2cdd08d7d1f02999ab10c171fcda21245b86e3338d2d1a9ea13dccadbf2b
SHA512 827d7448bfba1d9399ce2589302f05ca975e07cbee28c10149814a2bc1e658c80e69cac18a47132dc1193cb0d86ce608434899e2d83df0cc1103adf674f7e8a9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1538d23d385125174eefdb79707c594a
SHA1 c4628a0b3432790eda0267336381ec96da91ed86
SHA256 ff84deae4f89a529317a164c90002aff69d4ef7589d49aa41d3a060613c60e3b
SHA512 0358eacb786961321b5c57bcdf92ede3ded6ddbbe814fdcdd6fd9ab9783c0170fc3b2e890cfb5cce71f2670b194f271877998f5463926282ccb294a061b940d3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a88eda6fffd7837ff151e53edcb28a39
SHA1 63aab01200755268166850571b9b79b8889bac58
SHA256 3b264b9d8ce361f0eeae82f663fe26c977b974d3d5c12143db2a77f771d3a8e8
SHA512 a810da4a8cefd439c96c3805c7a0137330fdb2b2036ae85eda01fd5b6f632e6b33de365e461b532e75058f63f8e8c79b9554efa6cfc40db24c2d641db735efc9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 8b2c28e5ada3dc8e3302701fbf0d6f51
SHA1 0f65afe031972a6c4c545ebdba739975364ba917
SHA256 37a6018bd16e9c5e73ccf99344b33521177dc800446b883b57ca20da9fafa636
SHA512 7035b227e65a5799f8a1064b2544a9f41ab665a4918ae8050c1776edbf160240d906f598f607a9aa105d908e000c1eebecce61099a9933490fd60f4e8ef35825

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 883779630c91fa9896064535d6f62a43
SHA1 b174c493eb521062217377f0cd31dbcf80ab5977
SHA256 abf3d60f8e232ec5aba3e269ba497a76fd61a4f59ee2764b09616628d5640b6d
SHA512 ace034402c40c210f897374685fb7ab0d886c71d42f758f2a6b492aed4150a05aefc096838921aaf6d3d544caa397516585a1b1e27601ae9c563e098bf3127cc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c377cb753fce1b3a0dd18adddba0ba67
SHA1 7c94e66cfd6d47220a1d915cd907f18710929cd9
SHA256 d397f16f8785731d9adf6c1ef35cd7a3482438dbc81a81d13e400e6999eed2b7
SHA512 8915b5e18a113a2a88f87511286a3339c6fcd267a066cf82801c28fe11b28728ed366eba9f869be6f3d2c578b4123196269208b4887a3a48bef84834383bc27e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 666c4330582f766e708aeba1dad8faae
SHA1 3280073e1a76423de6e15a591ff6f1234614215b
SHA256 78fb11a2f8b70c5b50fd18fbc20ec7008b1c9086d9887a39c85022ba4617dbbc
SHA512 e2118690195b6228dea4047b3cf56e2d6d8f68f96af25096eed6380241314679304413b5e172e4fd818448df7c1708638dce18e19d4345aa66f85cb7b1a1c194

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 cc4da8936a4116c8ccee3ec156d2661b
SHA1 2a8c9b08e5c6d273626250cfad5d21b9bf04bc0a
SHA256 5992ab1d048f7a724553f4be0f1d569f15d1a9ed942d4c5f324e1b0aa5c81258
SHA512 64c74ec5556e5561846fdfb7267ce5148561110156f3593b4ce61556bbeacaf586ab3ed0f31d8aebda23ece57ef430234da1fd6042f494602e6e87e0183dec9f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 1562fa4d09ca39110d198cc0f1cf945a
SHA1 c344e8bd86ad6fa10edee880f23a19c667ba63ae
SHA256 783972014508f63ecd23dd28aaff9bd4ebc8e06e570b0710f3c132885a5496e3
SHA512 0f0e68b2ce7bc187c7f1c423db13f6617df3d61a729e76131eb339eaed8d72854f939b5a419ad212e343195036b421d9578b88ff1215e326dd68ffd5b4e26274

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 be7a08ca2f24263af8d3d4e0558a0947
SHA1 1f54ff38ea059bfd7dfd16df41b1af3f1f57633f
SHA256 1444f343b67c13cf916db3130ce7def78f5e605aa684a21e59d6331a8b8cfe7c
SHA512 ac34165b6016bb56f9a3c50880a93a903e0dcd71f835366845e7555e48df1ac68015d3c8b7a0ffae440d2c07d18b4ba7df1db5f5cedf532da7372e59995a3c91

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 236033261c4aaf0efd35870f75a5cff0
SHA1 84cec01030e426d5332b60f81b3187e1e0c1fb5e
SHA256 7b8d745f7692ac7c8923564f5399c71afe1a66ba4dcca22fcb2db41fe88dbd14
SHA512 dc213412ad215ff5fd4d1685e4601bf6ee6d4f97be7ff49072ff19c93b50173ae41588c631853bff098a300775d2c3ef39f4a6299698778634971d2b25633cd6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 87cc44c933242b373c7ab6abd1969201
SHA1 0938dcea6f6a56b1af8c332611ce287048e285cf
SHA256 e0002cc025078f11e8f9b43dac7293e47797c0d992e8fb85b2070cf7fcf39c42
SHA512 d7164a3abd94b9dadc72ea442164af8ddf52db72ed8e761d50c0bcdff8611a9037abbe084cad475baffb9545d3321aa521daac941d716b0361b19097f656aac3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3e2b6981b8b3b22b73c27eff1170c7ec
SHA1 9cb4d2d5da96b546ed99960b9331f5edff84efd5
SHA256 41a8e8346dc9ade283514cdfa3c96bac4223eef0139e4b20c15c04a70edb79ed
SHA512 3d1268fb0350f58f01ceb7c60507c217c0e81e85264a1e107bbac48c0b7d1bdb5c0c55cea01de2dca26f00a248cde183af1cfb865e17225bf34d38562cdc726a

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

MD5 b5ad5caaaee00cb8cf445427975ae66c
SHA1 dcde6527290a326e048f9c3a85280d3fa71e1e22
SHA256 b6409b9d55ce242ff022f7a2d86ae8eff873daabf3a0506031712b8baa6197b8
SHA512 92f7fbbcbbea769b1af6dd7e75577be3eb8bb4a4a6f8a9288d6da4014e1ea309ee649a7b089be09ba27866e175ab6f6a912413256d7e13eaf60f6f30e492ce7f

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

MD5 f49655f856acb8884cc0ace29216f511
SHA1 cb0f1f87ec0455ec349aaa950c600475ac7b7b6b
SHA256 7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba
SHA512 599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

MD5 d222b77a61527f2c177b0869e7babc24
SHA1 3f23acb984307a4aeba41ebbb70439c97ad1f268
SHA256 80dc3ffa698e4ff2e916f97983b5eae79470203e91cb684c5ccd4ff1a465d747
SHA512 d17d836ea77aeaff4cd01f9c7523345167a4a6bc62528aac74acde12679f48079d75d159e9cea2e614da50e83c2dcd92c374c899ea6c4fe8e5513d9bf06c01ff

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 275f1cbafb50c0c5d5e4bb4734a05e2f
SHA1 837c54e3c41d9b504690c9759caa8ca463162d53
SHA256 5cfe940dc3333adff09d9fa82c4e6dca7480d7bf4e0688634c2b1b2929acfef8
SHA512 b2f3c5b385c67fcf5deec10fa5be63719fe0b91c592307497f183ef2b6837a34c8989fb43113a27618084d777db24dfa1a72be640ddbc7d8b6175d6220cb5eb8
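Every path in this listing is browser or graphics-driver state that Chrome writes on its own (Local State, Preferences, Network Persistent State, TransportSecurity, the Code Cache index, and the D3DSCache shader cache), which is why the report records the same path several times with different digests as the profile is rewritten during the 149s run. Nothing outside the Chrome profile was dropped, so the "Drops file" signatures here are harness noise rather than payload delivery. The following Python is an added triage helper, not part of this report or the sandbox's own tooling: it parses entries in the layout used above (path, blank line, one line per digest), validates each digest's length and alphabet, groups repeated paths to count how many distinct versions were written, and sorts paths into an assumed benign baseline (Chrome profile state, D3DSCache) versus anything left for manual review. The baseline patterns are an assumption to tune for your own sandbox image. The sample input copies four entries from the listing above; the fifth path and its digests (the well-known empty-input MD5/SHA1/SHA256 plus a deliberately truncated SHA512) are constructed to exercise the review and malformed-digest branches and do not come from this report.

```python
"""Triage helper for a sandbox 'Files' listing (added example, not the report's code)."""
import re
from collections import Counter, defaultdict

# Constructed sample in the report's layout. The first four entries are copied
# from the listing above; the last path is NOT from this report: its MD5/SHA1/
# SHA256 are the empty-input digests and its SHA512 is deliberately malformed.
SAMPLE = r"""
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 a6c7e03450f3c0c60b5a36d3c003a559
SHA1 df30f64a128c5670cd3dad15e4ad2475b87e958a
SHA256 bea946f8fea68b2e9fd48a6ee3f5401b20abdfb660bd8059c5666e72093a94f7
SHA512 47b4bf7e5045e84a1d01acb01a5b16a94b7917c13a640c1786fb3b61762898bfcfed8eaf6e9935c876f73ac6b084b39941e07797aeba5e217410f4d6939c6d4b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0b42a3314947091273fad603283149d3
SHA1 ed726b048b8b556564abab8528ce2e7672328563
SHA256 135256427566af2c7fa05629f6596c625f8d2b6dd416b7fe25ceb12ee1fed3ea
SHA512 37a847447b8aa40d3c361b33a2c0376e43786c058f7728037ec024ff9e89712eab6163e02f6e12f41d1def3129c73d529380c1fca1c71aa052031d80d1defefa

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c89467d99b019399cb67e57ad4dc51aa
SHA1 1aa32e03e98a9fa9d2566b8e2403a4ca6bac6715
SHA256 049b2cdd08d7d1f02999ab10c171fcda21245b86e3338d2d1a9ea13dccadbf2b
SHA512 827d7448bfba1d9399ce2589302f05ca975e07cbee28c10149814a2bc1e658c80e69cac18a47132dc1193cb0d86ce608434899e2d83df0cc1103adf674f7e8a9

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

MD5 b5ad5caaaee00cb8cf445427975ae66c
SHA1 dcde6527290a326e048f9c3a85280d3fa71e1e22
SHA256 b6409b9d55ce242ff022f7a2d86ae8eff873daabf3a0506031712b8baa6197b8
SHA512 92f7fbbcbbea769b1af6dd7e75577be3eb8bb4a4a6f8a9288d6da4014e1ea309ee649a7b089be09ba27866e175ab6f6a912413256d7e13eaf60f6f30e492ce7f

C:\Users\Admin\AppData\Roaming\example-unknown.bin

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 deadbeef
"""

# Expected hex length per digest; anything else means a corrupted report line.
DIGEST_LEN = {"MD5": 32, "SHA1": 40, "SHA256": 64, "SHA512": 128}
HEX = re.compile(r"^[0-9a-f]+$")

# Assumed baseline (tune for your sandbox image): files the harness itself
# produces while Chrome runs, which are noise rather than dropped payloads.
BENIGN_PATTERNS = [
    ("chrome-profile-state", re.compile(r"\\Google\\Chrome\\User Data\\", re.I)),
    ("directx-shader-cache", re.compile(r"\\AppData\\Local\\D3DSCache\\", re.I)),
]


def parse_entries(text):
    """Return [{'path': str, 'hashes': {alg: hexdigest}}] from the report layout."""
    entries = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        alg, _, value = line.partition(" ")
        if alg in DIGEST_LEN and entries:      # digest line belongs to last path
            entries[-1]["hashes"][alg] = value.lower()
        else:                                  # anything else starts a new entry
            entries.append({"path": line, "hashes": {}})
    return entries


def malformed_digests(hashes):
    """Digest names that are missing, wrong length, or not lowercase hex."""
    bad = []
    for alg, want in DIGEST_LEN.items():
        value = hashes.get(alg)
        if value is None or len(value) != want or not HEX.match(value):
            bad.append(alg)
    return bad


def classify(path):
    """Label a path against the benign baseline; 'review' means look at it."""
    for label, pattern in BENIGN_PATTERNS:
        if pattern.search(path):
            return label
    return "review"


def triage(text):
    """Summarise a listing: counts per category, versions per path, problems."""
    by_path = defaultdict(set)
    categories = Counter()
    problems = {}
    for entry in parse_entries(text):
        by_path[entry["path"]].add(entry["hashes"].get("SHA256"))
        categories[classify(entry["path"])] += 1
        bad = malformed_digests(entry["hashes"])
        if bad:
            problems[entry["path"]] = bad
    return {
        "entries": sum(categories.values()),
        "distinct_paths": len(by_path),
        "categories": dict(categories),
        "versions": {p: len(s) for p, s in by_path.items()},
        "needs_review": sorted(p for p in by_path if classify(p) == "review"),
        "malformed": problems,
    }


if __name__ == "__main__":
    import json
    print(json.dumps(triage(SAMPLE), indent=2))
```

Run it over the full listing above and the "needs_review" list comes back empty and "malformed" stays empty, which is the point: for this detonation the file activity is entirely Chrome profile churn, and the phishing verdict rests on the URL and the page it served, not on anything written to disk.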