hxxps://github[.]com/SilverBulletDev1/SilverBullet/releases/download/1[.]1[.]4/SilverBullet[.]v1[.]1[.]4[.]zip

Analysis

max time kernel
259s
max time network
1860s
platform
windows11-21h2_x64
resource
win11-20240802-en
resource tags

arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system
submitted
11/08/2024, 13:46

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://github.com/SilverBulletDev1/SilverBullet/releases/download/1.1.4/SilverBullet.v1.1.4.zip

Score

5^/10

discovery

Malware Config

Signatures

Drops file in System32 directory 2 IoCs

description	ioc	Process
File created	C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_01cf530faf2f1752\display.PNF	chrome.exe
File created	\??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_01cf530faf2f1752\display.PNF	chrome.exe

Drops file in Windows directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SystemTemp	chrome.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133678575991707896"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-1735401866-3802634615-1355934272-1000_Classes\Local Settings	chrome.exe

NTFS ADS 1 IoCs

description	ioc	Process
File opened for modification	C:\Users\Admin\Downloads\SilverBullet.v1.1.4.zip:Zone.Identifier	chrome.exe

Suspicious behavior: EnumeratesProcesses 12 IoCs

pid	Process
984	chrome.exe
984	chrome.exe
4360	chrome.exe
4360	chrome.exe
4360	chrome.exe
4360	chrome.exe
984	chrome.exe
984	chrome.exe
4360	chrome.exe
4360	chrome.exe
4360	chrome.exe
4360	chrome.exe

Suspicious behavior: LoadsDriver 20 IoCs

pid	Process
4	Process not Found
4	Process not Found
4	Process not Found
4	Process not Found
4	Process not Found
676	Process not Found
4	Process not Found
4	Process not Found
4	Process not Found
4	Process not Found
4	Process not Found
4	Process not Found
4	Process not Found
4	Process not Found
4	Process not Found
676	Process not Found
4	Process not Found
4	Process not Found
4	Process not Found
4	Process not Found

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	984	chrome.exe
Token: SeCreatePagefilePrivilege	984	chrome.exe
Token: SeShutdownPrivilege	984	chrome.exe
Token: SeCreatePagefilePrivilege	984	chrome.exe
Token: SeShutdownPrivilege	984	chrome.exe
Token: SeCreatePagefilePrivilege	984	chrome.exe
Token: SeShutdownPrivilege	984	chrome.exe
Token: SeCreatePagefilePrivilege	984	chrome.exe
Token: SeShutdownPrivilege	984	chrome.exe
Token: SeCreatePagefilePrivilege	984	chrome.exe
Token: SeShutdownPrivilege	984	chrome.exe
Token: SeCreatePagefilePrivilege	984	chrome.exe
Token: SeShutdownPrivilege	984	chrome.exe
Token: SeCreatePagefilePrivilege	984	chrome.exe
Token: SeShutdownPrivilege	984	chrome.exe
Token: SeCreatePagefilePrivilege	984	chrome.exe
Token: SeShutdownPrivilege	984	chrome.exe
Token: SeCreatePagefilePrivilege	984	chrome.exe
Token: SeShutdownPrivilege	984	chrome.exe
Token: SeCreatePagefilePrivilege	984	chrome.exe
Token: SeShutdownPrivilege	984	chrome.exe
Token: SeCreatePagefilePrivilege	984	chrome.exe
Token: SeShutdownPrivilege	984	chrome.exe
Token: SeCreatePagefilePrivilege	984	chrome.exe
Token: SeShutdownPrivilege	984	chrome.exe
Token: SeCreatePagefilePrivilege	984	chrome.exe
Token: SeShutdownPrivilege	984	chrome.exe
Token: SeCreatePagefilePrivilege	984	chrome.exe
Token: SeShutdownPrivilege	984	chrome.exe
Token: SeCreatePagefilePrivilege	984	chrome.exe
Token: SeShutdownPrivilege	984	chrome.exe
Token: SeCreatePagefilePrivilege	984	chrome.exe
Token: SeShutdownPrivilege	984	chrome.exe
Token: SeCreatePagefilePrivilege	984	chrome.exe
Token: SeShutdownPrivilege	984	chrome.exe
Token: SeCreatePagefilePrivilege	984	chrome.exe
Token: SeShutdownPrivilege	984	chrome.exe
Token: SeCreatePagefilePrivilege	984	chrome.exe
Token: SeShutdownPrivilege	984	chrome.exe
Token: SeCreatePagefilePrivilege	984	chrome.exe
Token: SeShutdownPrivilege	984	chrome.exe
Token: SeCreatePagefilePrivilege	984	chrome.exe
Token: SeShutdownPrivilege	984	chrome.exe
Token: SeCreatePagefilePrivilege	984	chrome.exe
Token: SeShutdownPrivilege	984	chrome.exe
Token: SeCreatePagefilePrivilege	984	chrome.exe
Token: SeShutdownPrivilege	984	chrome.exe
Token: SeCreatePagefilePrivilege	984	chrome.exe
Token: SeShutdownPrivilege	984	chrome.exe
Token: SeCreatePagefilePrivilege	984	chrome.exe
Token: SeShutdownPrivilege	984	chrome.exe
Token: SeCreatePagefilePrivilege	984	chrome.exe
Token: SeShutdownPrivilege	984	chrome.exe
Token: SeCreatePagefilePrivilege	984	chrome.exe
Token: SeShutdownPrivilege	984	chrome.exe
Token: SeCreatePagefilePrivilege	984	chrome.exe
Token: SeShutdownPrivilege	984	chrome.exe
Token: SeCreatePagefilePrivilege	984	chrome.exe
Token: SeShutdownPrivilege	984	chrome.exe
Token: SeCreatePagefilePrivilege	984	chrome.exe
Token: SeShutdownPrivilege	984	chrome.exe
Token: SeCreatePagefilePrivilege	984	chrome.exe
Token: SeShutdownPrivilege	984	chrome.exe
Token: SeCreatePagefilePrivilege	984	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 984 wrote to memory of 788	984	chrome.exe	81
PID 984 wrote to memory of 788	984	chrome.exe	81
PID 984 wrote to memory of 4976	984	chrome.exe	82
PID 984 wrote to memory of 4976	984	chrome.exe	82
PID 984 wrote to memory of 4976	984	chrome.exe	82
PID 984 wrote to memory of 4976	984	chrome.exe	82
PID 984 wrote to memory of 4976	984	chrome.exe	82
PID 984 wrote to memory of 4976	984	chrome.exe	82
PID 984 wrote to memory of 4976	984	chrome.exe	82
PID 984 wrote to memory of 4976	984	chrome.exe	82
PID 984 wrote to memory of 4976	984	chrome.exe	82
PID 984 wrote to memory of 4976	984	chrome.exe	82
PID 984 wrote to memory of 4976	984	chrome.exe	82
PID 984 wrote to memory of 4976	984	chrome.exe	82
PID 984 wrote to memory of 4976	984	chrome.exe	82
PID 984 wrote to memory of 4976	984	chrome.exe	82
PID 984 wrote to memory of 4976	984	chrome.exe	82
PID 984 wrote to memory of 4976	984	chrome.exe	82
PID 984 wrote to memory of 4976	984	chrome.exe	82
PID 984 wrote to memory of 4976	984	chrome.exe	82
PID 984 wrote to memory of 4976	984	chrome.exe	82
PID 984 wrote to memory of 4976	984	chrome.exe	82
PID 984 wrote to memory of 4976	984	chrome.exe	82
PID 984 wrote to memory of 4976	984	chrome.exe	82
PID 984 wrote to memory of 4976	984	chrome.exe	82
PID 984 wrote to memory of 4976	984	chrome.exe	82
PID 984 wrote to memory of 4976	984	chrome.exe	82
PID 984 wrote to memory of 4976	984	chrome.exe	82
PID 984 wrote to memory of 4976	984	chrome.exe	82
PID 984 wrote to memory of 4976	984	chrome.exe	82
PID 984 wrote to memory of 4976	984	chrome.exe	82
PID 984 wrote to memory of 4976	984	chrome.exe	82
PID 984 wrote to memory of 2280	984	chrome.exe	83
PID 984 wrote to memory of 2280	984	chrome.exe	83
PID 984 wrote to memory of 2120	984	chrome.exe	84
PID 984 wrote to memory of 2120	984	chrome.exe	84
PID 984 wrote to memory of 2120	984	chrome.exe	84
PID 984 wrote to memory of 2120	984	chrome.exe	84
PID 984 wrote to memory of 2120	984	chrome.exe	84
PID 984 wrote to memory of 2120	984	chrome.exe	84
PID 984 wrote to memory of 2120	984	chrome.exe	84
PID 984 wrote to memory of 2120	984	chrome.exe	84
PID 984 wrote to memory of 2120	984	chrome.exe	84
PID 984 wrote to memory of 2120	984	chrome.exe	84
PID 984 wrote to memory of 2120	984	chrome.exe	84
PID 984 wrote to memory of 2120	984	chrome.exe	84
PID 984 wrote to memory of 2120	984	chrome.exe	84
PID 984 wrote to memory of 2120	984	chrome.exe	84
PID 984 wrote to memory of 2120	984	chrome.exe	84
PID 984 wrote to memory of 2120	984	chrome.exe	84
PID 984 wrote to memory of 2120	984	chrome.exe	84
PID 984 wrote to memory of 2120	984	chrome.exe	84
PID 984 wrote to memory of 2120	984	chrome.exe	84
PID 984 wrote to memory of 2120	984	chrome.exe	84
PID 984 wrote to memory of 2120	984	chrome.exe	84
PID 984 wrote to memory of 2120	984	chrome.exe	84
PID 984 wrote to memory of 2120	984	chrome.exe	84
PID 984 wrote to memory of 2120	984	chrome.exe	84
PID 984 wrote to memory of 2120	984	chrome.exe	84
PID 984 wrote to memory of 2120	984	chrome.exe	84
PID 984 wrote to memory of 2120	984	chrome.exe	84
PID 984 wrote to memory of 2120	984	chrome.exe	84
PID 984 wrote to memory of 2120	984	chrome.exe	84
PID 984 wrote to memory of 2120	984	chrome.exe	84

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://github.com/SilverBulletDev1/SilverBullet/releases/download/1.1.4/SilverBullet.v1.1.4.zip
1⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:984
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa152acc40,0x7ffa152acc4c,0x7ffa152acc58
  2⤵
  PID:788
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1796,i,9145749488401250742,9009330929399142881,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=1792 /prefetch:2
  2⤵
  PID:4976
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2080,i,9145749488401250742,9009330929399142881,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=2104 /prefetch:3
  2⤵
  PID:2280
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2196,i,9145749488401250742,9009330929399142881,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=2356 /prefetch:8
  2⤵
  PID:2120
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3084,i,9145749488401250742,9009330929399142881,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=3112 /prefetch:1
  2⤵
  PID:1624
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3100,i,9145749488401250742,9009330929399142881,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=3156 /prefetch:1
  2⤵
  PID:324
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4580,i,9145749488401250742,9009330929399142881,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4584 /prefetch:8
  2⤵
  PID:760
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4964,i,9145749488401250742,9009330929399142881,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4336 /prefetch:8
  2⤵
  - NTFS ADS
  PID:4064
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=212,i,9145749488401250742,9009330929399142881,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=976 /prefetch:8
  2⤵
  - Drops file in System32 directory
  - Suspicious behavior: EnumeratesProcesses
  PID:4360

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:4532

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:1012

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:5188

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalService -p -s NPSMSvc
1⤵
PID:6132

C:\Windows\system32\SystemSettingsAdminFlows.exe
"C:\Windows\system32\SystemSettingsAdminFlows.exe" SetNetworkAdapter {3f6fae48-2909-4832-81b2-a3db1df76c1d} disable
1⤵
PID:4020

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

Filesize
64KB

MD5
b5ad5caaaee00cb8cf445427975ae66c

SHA1
dcde6527290a326e048f9c3a85280d3fa71e1e22

SHA256
b6409b9d55ce242ff022f7a2d86ae8eff873daabf3a0506031712b8baa6197b8

SHA512
92f7fbbcbbea769b1af6dd7e75577be3eb8bb4a4a6f8a9288d6da4014e1ea309ee649a7b089be09ba27866e175ab6f6a912413256d7e13eaf60f6f30e492ce7f

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

Filesize
4B

MD5
f49655f856acb8884cc0ace29216f511

SHA1
cb0f1f87ec0455ec349aaa950c600475ac7b7b6b

SHA256
7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba

SHA512
599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

Filesize
1008B

MD5
d222b77a61527f2c177b0869e7babc24

SHA1
3f23acb984307a4aeba41ebbb70439c97ad1f268

SHA256
80dc3ffa698e4ff2e916f97983b5eae79470203e91cb684c5ccd4ff1a465d747

SHA512
d17d836ea77aeaff4cd01f9c7523345167a4a6bc62528aac74acde12679f48079d75d159e9cea2e614da50e83c2dcd92c374c899ea6c4fe8e5513d9bf06c01ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
068865f257ffca9defc9f7446e6869b4

SHA1
10446d147a3d0a3c5e8e5814186f4a17d07a2752

SHA256
7c57dab78aaa7dd23691ce0eb51beb4abdea6bd701ba2e70e676427cdd0f9589

SHA512
20547d1fe7543c1b354d27e3e1dcb78623c0656dbf268153d98b7e94ba10247233a45b3d86943c10cc14ba625fc6b3492c5a944274dd498353e9072bd6dfed65

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
20ffa43e2e30355f856bdcd0414fd3c3

SHA1
bfe62b512c5ac6c5bbc93dc2b6c6f8fbe83d7dc8

SHA256
540105bb3b2958d8be14a5f77a5cc471333a9406e70a58f810842f8f4c8f9936

SHA512
916e4eedf3a5a62cf91a8139d35754163796af60f4bae0537de514a92a3047963a011a458a2a798def854942235091917a58e592d22eb23113d2bf5795f3b922

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
3d84fe1775881f237a91c7a0dcecded6

SHA1
cacd5c3fa6bf034eacb9822e6bfaa547dbc6717a

SHA256
9ef1b0e985944719d5144879e6122b059474af7fb45be848bb537672d224934c

SHA512
a408ebc7f048e509eab9f58d2f36a3b832589fe3b64c1519d7ffe99f9547187447a2cd4e8a2703620cf1357084dbbebec22241bc0e2f8aa8c503d2f48649f037

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
519B

MD5
e172bdd9b30b705666808f6dd5bc481d

SHA1
d615a1b6464fa367cf3817e5dff1fcbcbe18ddec

SHA256
bb8e44d00aa4f1135f2b8141ba6c903b81dd9f181fc365ce4fc79829c66b4a77

SHA512
c2e31e12fdaea673a991f67f13a341e75faeff94f86dc7bade24401e5e6e6f2b4d2e4486b0e6dfbf65e5eb61cc41e3917d4c265bd35f6c04e23dbb23c30e5e48

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
1903b6631a5b2840e513ec87cc8a3cc3

SHA1
05a24580cfad0421260fbb16e89e908578bfe82b

SHA256
3131b3deb103974ab69c70c8cebf8c980730928e005bbf2d1c4da85ad9e02b9a

SHA512
ac73a7507964441d4f7078b77350f6e90d4fcdf3fb1e5b17cda2dca1432c22665688cc03a0d6f938b416590ee72ee1a9430e1cdecdc439e56f76e9dfb62d174b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
0097e8ee716ec4a209fc97d797061f02

SHA1
f7ca4d9734e69bcf8ec2df818206fc574571a358

SHA256
cb3d6cb4378caa29973070cee11abeb159ff79fc70aaa775fce27effde3a929c

SHA512
1fd111e8ccfe43850a67e88f0fe63a723705229dc1c5811008e8a86f618a81c8d3cc52aa20418d9361f0594fc65b7850e2adc24780421cc17d22f2b1a687a3d7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
0f01337d342db10e5fec291413179164

SHA1
a77145f75da2c13034d91c8de052f737b4ff1cd9

SHA256
87ea6d8a67d105680079cf721ae4049a2bfb27f8e67458b91dbf812e6d3bc9d6

SHA512
34034baa31dd1263b891b418927203209a78c8c4dc81acc2123ff62d6d781478167a54f46e08403eee68e9afb3911ff395544e85daec048b86642e86640a9649

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
32345bbc8ebebde68f0338a06babae29

SHA1
502718e0ea40e82ef3f40b72ecafd2774debb99f

SHA256
2283be0d30f4ca67988abfe78d687f13be5877fe35c31602f65a5feec3923cd0

SHA512
3e03e0f6dbcd435f12afd65e337b86a59a03fc5a4f2b12e9a8634c4aaad9a0eaed134257fd7d5ecb580b257a9b7b76e0ea32b846e859ab560b9901924e4dfa2b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
63505b2a96014e768a9f92f7bf406234

SHA1
fd990131a0b4b4056647aa686b86bb2b2556b960

SHA256
29eba3f3f8b009e8c32dc82ce7fe0fca1e9930e15cde6630d899999a813797c3

SHA512
1f1c5855ee140dd3c51d9da27a7a228c172bf209290b3f54e142f68216607e45f4e281056b666e9306808b5182457e8610c12276d57e3a91e6272a4080e6e1a3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
1d6df360674ac089ef4724fab059a69c

SHA1
0b05ff52868eea4e80effce3aba74295e5302cbf

SHA256
676acec6407a8caa15d53c21bde3245040b1863e5e9d154363996fed52ce2558

SHA512
8e563515a07c93ef282b7273d9ae599d5c742292e159a1ceec1b7c985bdc61a575047b4b9f3e3e87a344a930b07adb184d067d3b7dcfb915499f1edac8c56ba8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
e1bf4498ce61381159169f79c10fd016

SHA1
b55217ae63ae6aee27aa1e4cb114fd30442117c6

SHA256
e9031e17ad2426ca879ea92acbf0d82519541c5708a91c005d4345500be85366

SHA512
adee919d1f8cf7baf564fd3dd6bb63320693d9ae25d4db6e858de87ef18e657ea1659ff031a96da7cc52d697829194be20454c0ea112a98a9ee8b40164999cc5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
581331556d8fd2bcdd3fbdd605e383f7

SHA1
87f87bcd6932d108e976ac2beaea666747d2be6e

SHA256
10d076a1ff964f24ed6ce09ccce3093b508554ed959e53f54ad0b92a92d30349

SHA512
4f8042db0365f2d898effaa75caf314b3eac3857a0cb957af2199331d69e3a9c78a8e93ce830dea2117d8390ee40543b75feee316cd09bf2f365a0f386b03fd2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
1f38b4e835444752e1db4f8f70e5ead0

SHA1
58e2e3ef2615375c71cef11b0d48e670d0be09fd

SHA256
e3618d64b011e404f23ceb4964f2481a402ebc0ead3fd9b8e9db7f9c2cc3e88c

SHA512
d39f31f7ede758741eccfaef50908065ca2aedb79673ca4266fd547c58f5448a953a110de4ffff5802bfe32f8e23086b7b0f93776eafb30eda9cd0b74b36704c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
41ad32ba8c0fafa375e926d62e7dcc00

SHA1
fba43dc6b0b8695f1390a9ee4bddfa9ab50f03a6

SHA256
042d351563d4bf61256f0ab3259be833309f974e98fb995da6fdf1bca195de74

SHA512
68dbfc6632a728b82c7f88694d10cd933af4732e375fbe558fefef9249790db9514f26f2f07098a4a1ba9b9adaf02442c263420436ba26a82b1897d843dad7bf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
bd67203fe99bc0dd383a14bc2d50d6db

SHA1
6af29039fc81ef27466367f83da97677ce9a01f5

SHA256
7b6e4253c31a5002e402bb60bc8c6ad3114bb30151bc722772d078332f5df3e2

SHA512
264eea086ca4ede2decf639d1a2df3694ebc76111f229a6802fd58b29e565d84a32f247ab298989d30337b33ef1cfd406fba67295f0ac3cec5aaf9111687b668

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
ff4db1f114381c6ee43d2100d6a31135

SHA1
e006bad4830d2a6bb75875c70b9191a0447284d6

SHA256
95f04ec0d4373a6fdf58513ca5a1f892d12305a078d328855b1a4ea5b6496411

SHA512
6fe3f5f37fb6491d03126a3c4e19eb2822caf3e70bc8220bdff57b95816239af26cf5322d0a3ac432a50649671947cc39ef9089feae1def62119a723b5c8de33

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
c698dfe6d8b1878f25ed3d58856e5f41

SHA1
0b038bfd52fc7f16eb0fd4c4aa93cfca5abca693

SHA256
75c3a141ef36aff0ee8ce00f3510406afec323456441a338751675e58def738b

SHA512
7a7b17ddda3a85fe19edba751373521157c9e6babd43edeebf2812dd29712a73382d45e5298e4e10acc9a331cdf12b6c5bc461569172123e5a9da2dac8f438ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
80f9c6e4478cf2b6eb9155716a3fd9e2

SHA1
142a8dff4e62f4db816a7af2d196d3616f729ee1

SHA256
9118d33cf3f79e5e186b362030ce3fd9e46fd31d16a5dedff9ec501ac96d1038

SHA512
427dda0529ca33fdcc8d7d08a74d381c9d4d876109772b29eb033d687669b4aa31058f5e9524bd5dd09b8c4b1d0874bd9d036c03a8df44be61772362c980107a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
54c4c44a2810b1f8ffb8000a49c3cbf4

SHA1
29b8b5282abadb6f2aee7cb2cd993b462e62c46d

SHA256
75731684914ecb6c8e2bf84b74cb9e8404cc9e08bad13015f178caccd1cf2923

SHA512
f3208132295a5cc0ffc5dd59603916ec3629ca9c61acf45f8ea30e1bde6359115d8e536dc72343a876717a6f27a2144743d85765d78fc787fcb12e0417e9592f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
25d5ae7f4bb321789334bafc23199c8d

SHA1
85011e935341ec19b6db2baf76a811598684d909

SHA256
c7a3ebf7ac52d740e7c055d3d8cd4b420175d8874ceb5441c51a213bf55be7a4

SHA512
034c7edb3955e3b642376942204b2e2c174b6aee7a8114d697fb16bd9f175ca81486c91a19c7d9f11822b480e95bcfb143226b5902a0952624c2ef31f4241fbb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
c580985e2c52e604c8cdde2479b429f5

SHA1
f63de3674f78d92a1d9e01b1ea03e8e4ca8bac44

SHA256
c89e06f4d8808612f8ffd0d39b23c55c1bb19b86880f299aaf91c363792471f5

SHA512
05733e1adf530514f45852b274467d00a982ad30b678c2e3c32c741c6522c4bdd7288eabf713f5f1251a2148549c5e7638ab1cb620a9b79b306b7e6ebbda060f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
d6ebee72445dcbbda65ebf0c670f7026

SHA1
f8093c9c2ac8b19fcecd5d6ccad7510c73c2e9e4

SHA256
faf15fef65413b3edeff325312d0ce35b788ec192f0c7b85cb01be2dab8133ed

SHA512
15e31ab6444994dc18da646207b3c65afc4d1c4b335e88878c693cd12d076632ba4f4f662309ebfd21b50e5e5e9b38647b2fa5545fa2ded928791be3f3c0edfc

Download Submit
C:\Users\Admin\Downloads\SilverBullet.v1.1.4.zip:Zone.Identifier

Filesize
26B

MD5
fbccf14d504b7b2dbcb5a5bda75bd93b

SHA1
d59fc84cdd5217c6cf74785703655f78da6b582b

SHA256
eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913

SHA512
aa1d2b1ea3c9de3ccadb319d4e3e3276a2f27dd1a5244fe72de2b6f94083dddc762480482c5c2e53f803cd9e3973ddefc68966f974e124307b5043e654443b98

Download Submit