Resubmissions

16/08/2024, 04:45

240816-fdextszepr 8

16/08/2024, 04:39

240816-e927kazdkl 8

16/08/2024, 04:32

240816-e6ft6azbpq 10

16/08/2024, 04:30

240816-e4t9rsvgkh 8

16/08/2024, 04:27

240816-e2417azakl 5

Analysis

  • max time kernel
    311s
  • max time network
    312s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240802-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    16/08/2024, 04:32

General

  • Target

    https://google.com

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://clouddycuiomsnz.shop/api

Signatures

  • Lumma Stealer, LummaC

    Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

  • Loads dropped DLL 5 IoCs
  • Drops file in System32 directory 2 IoCs
  • Suspicious use of SetThreadContext 5 IoCs
  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

  • Program crash 10 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 10 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies data under HKEY_USERS 2 IoCs
  • Modifies registry class 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 6 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 18 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 64 IoCs
  • Suspicious use of SendNotifyMessage 48 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://google.com
    1⤵
    • Enumerates system info in registry
    • Modifies data under HKEY_USERS
    • Modifies registry class
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:4140
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffd8606cc40,0x7ffd8606cc4c,0x7ffd8606cc58
      2⤵
        PID:3948
      • C:\Program Files\Google\Chrome\Application\chrome.exe
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1940,i,17894020371222564890,3619411108039722544,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=1936 /prefetch:2
        2⤵
          PID:2488
        • C:\Program Files\Google\Chrome\Application\chrome.exe
          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1884,i,17894020371222564890,3619411108039722544,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=2060 /prefetch:3
          2⤵
            PID:2992
          • C:\Program Files\Google\Chrome\Application\chrome.exe
            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2236,i,17894020371222564890,3619411108039722544,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=2444 /prefetch:8
            2⤵
              PID:4960
            • C:\Program Files\Google\Chrome\Application\chrome.exe
              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3124,i,17894020371222564890,3619411108039722544,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=3136 /prefetch:1
              2⤵
                PID:3108
              • C:\Program Files\Google\Chrome\Application\chrome.exe
                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3112,i,17894020371222564890,3619411108039722544,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=3184 /prefetch:1
                2⤵
                  PID:4288
                • C:\Program Files\Google\Chrome\Application\chrome.exe
                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4568,i,17894020371222564890,3619411108039722544,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4576 /prefetch:8
                  2⤵
                    PID:2552
                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4932,i,17894020371222564890,3619411108039722544,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4904 /prefetch:1
                    2⤵
                      PID:3560
                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=4612,i,17894020371222564890,3619411108039722544,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=3772 /prefetch:1
                      2⤵
                        PID:2272
                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=4880,i,17894020371222564890,3619411108039722544,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=5144 /prefetch:1
                        2⤵
                          PID:2008
                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=4832,i,17894020371222564890,3619411108039722544,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4884 /prefetch:1
                          2⤵
                            PID:4860
                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=4764,i,17894020371222564890,3619411108039722544,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=5284 /prefetch:1
                            2⤵
                              PID:628
                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=4664,i,17894020371222564890,3619411108039722544,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4704 /prefetch:1
                              2⤵
                                PID:1324
                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=5552,i,17894020371222564890,3619411108039722544,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=5556 /prefetch:8
                                2⤵
                                • Drops file in System32 directory
                                • Suspicious behavior: EnumeratesProcesses
                                PID:1364
                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=4864,i,17894020371222564890,3619411108039722544,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=5500 /prefetch:1
                                2⤵
                                  PID:4348
                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=5752,i,17894020371222564890,3619411108039722544,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=5688 /prefetch:1
                                  2⤵
                                    PID:3156
                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=5904,i,17894020371222564890,3619411108039722544,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=5928 /prefetch:1
                                    2⤵
                                      PID:1180
                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=5972,i,17894020371222564890,3619411108039722544,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=5944 /prefetch:1
                                      2⤵
                                        PID:2216
                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=4448,i,17894020371222564890,3619411108039722544,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=5860 /prefetch:8
                                        2⤵
                                          PID:3232
                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=5868,i,17894020371222564890,3619411108039722544,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=6240 /prefetch:1
                                          2⤵
                                            PID:2784
                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=6404,i,17894020371222564890,3619411108039722544,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=6376 /prefetch:1
                                            2⤵
                                              PID:336
                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=6060,i,17894020371222564890,3619411108039722544,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=5944 /prefetch:1
                                              2⤵
                                                PID:4236
                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=5032,i,17894020371222564890,3619411108039722544,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=5800 /prefetch:1
                                                2⤵
                                                  PID:3660
                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --field-trial-handle=5424,i,17894020371222564890,3619411108039722544,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=6412 /prefetch:1
                                                  2⤵
                                                    PID:2480
                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --field-trial-handle=6520,i,17894020371222564890,3619411108039722544,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=5780 /prefetch:1
                                                    2⤵
                                                      PID:3128
                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5792,i,17894020371222564890,3619411108039722544,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4704 /prefetch:8
                                                      2⤵
                                                        PID:4548
                                                    • C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
                                                      "C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
                                                      1⤵
                                                        PID:3076
                                                      • C:\Windows\system32\svchost.exe
                                                        C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
                                                        1⤵
                                                          PID:324
                                                        • C:\Windows\system32\AUDIODG.EXE
                                                          C:\Windows\system32\AUDIODG.EXE 0x424 0x2fc
                                                          1⤵
                                                            PID:2072
                                                          • C:\Windows\System32\rundll32.exe
                                                            C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
                                                            1⤵
                                                              PID:4956
                                                            • C:\Users\Admin\AppData\Local\Temp\Temp1_SolaraV3.zip\SolaraV3.exe
                                                              "C:\Users\Admin\AppData\Local\Temp\Temp1_SolaraV3.zip\SolaraV3.exe"
                                                              1⤵
                                                              • Loads dropped DLL
                                                              • Suspicious use of SetThreadContext
                                                              • System Location Discovery: System Language Discovery
                                                              PID:3852
                                                              • C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_regiis.exe
                                                                "C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_regiis.exe"
                                                                2⤵
                                                                • System Location Discovery: System Language Discovery
                                                                PID:5108
                                                                • C:\Windows\SysWOW64\WerFault.exe
                                                                  C:\Windows\SysWOW64\WerFault.exe -u -p 5108 -s 1112
                                                                  3⤵
                                                                  • Program crash
                                                                  PID:3204
                                                                • C:\Windows\SysWOW64\WerFault.exe
                                                                  C:\Windows\SysWOW64\WerFault.exe -u -p 5108 -s 1084
                                                                  3⤵
                                                                  • Program crash
                                                                  PID:3848
                                                                • C:\Windows\SysWOW64\WerFault.exe
                                                                  C:\Windows\SysWOW64\WerFault.exe -u -p 5108 -s 1132
                                                                  3⤵
                                                                  • Program crash
                                                                  PID:1848
                                                            • C:\Windows\SysWOW64\WerFault.exe
                                                              C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 5108 -ip 5108
                                                              1⤵
                                                                PID:2320
                                                              • C:\Windows\SysWOW64\WerFault.exe
                                                                C:\Windows\SysWOW64\WerFault.exe -pss -s 436 -p 5108 -ip 5108
                                                                1⤵
                                                                  PID:4120
                                                                • C:\Windows\SysWOW64\WerFault.exe
                                                                  C:\Windows\SysWOW64\WerFault.exe -pss -s 452 -p 5108 -ip 5108
                                                                  1⤵
                                                                    PID:4692
                                                                  • C:\Users\Admin\Downloads\SolaraV3\SolaraV3.exe
                                                                    "C:\Users\Admin\Downloads\SolaraV3\SolaraV3.exe"
                                                                    1⤵
                                                                    • Loads dropped DLL
                                                                    • Suspicious use of SetThreadContext
                                                                    • System Location Discovery: System Language Discovery
                                                                    PID:4104
                                                                    • C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_regiis.exe
                                                                      "C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_regiis.exe"
                                                                      2⤵
                                                                      • System Location Discovery: System Language Discovery
                                                                      PID:2220
                                                                      • C:\Windows\SysWOW64\WerFault.exe
                                                                        C:\Windows\SysWOW64\WerFault.exe -u -p 2220 -s 1092
                                                                        3⤵
                                                                        • Program crash
                                                                        PID:316
                                                                      • C:\Windows\SysWOW64\WerFault.exe
                                                                        C:\Windows\SysWOW64\WerFault.exe -u -p 2220 -s 476
                                                                        3⤵
                                                                        • Program crash
                                                                        PID:2840
                                                                      • C:\Windows\SysWOW64\WerFault.exe
                                                                        C:\Windows\SysWOW64\WerFault.exe -u -p 2220 -s 1072
                                                                        3⤵
                                                                        • Program crash
                                                                        PID:4148
                                                                  • C:\Windows\SysWOW64\WerFault.exe
                                                                    C:\Windows\SysWOW64\WerFault.exe -pss -s 496 -p 2220 -ip 2220
                                                                    1⤵
                                                                      PID:4108
                                                                    • C:\Windows\SysWOW64\WerFault.exe
                                                                      C:\Windows\SysWOW64\WerFault.exe -pss -s 548 -p 2220 -ip 2220
                                                                      1⤵
                                                                        PID:3676
                                                                      • C:\Windows\SysWOW64\WerFault.exe
                                                                        C:\Windows\SysWOW64\WerFault.exe -pss -s 580 -p 2220 -ip 2220
                                                                        1⤵
                                                                          PID:5092
                                                                        • C:\Users\Admin\Downloads\SolaraV3\SolaraV3.exe
                                                                          "C:\Users\Admin\Downloads\SolaraV3\SolaraV3.exe"
                                                                          1⤵
                                                                          • Loads dropped DLL
                                                                          • Suspicious use of SetThreadContext
                                                                          • System Location Discovery: System Language Discovery
                                                                          PID:2808
                                                                          • C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_regiis.exe
                                                                            "C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_regiis.exe"
                                                                            2⤵
                                                                            • System Location Discovery: System Language Discovery
                                                                            PID:3488
                                                                            • C:\Windows\SysWOW64\WerFault.exe
                                                                              C:\Windows\SysWOW64\WerFault.exe -u -p 3488 -s 480
                                                                              3⤵
                                                                              • Program crash
                                                                              PID:2576
                                                                        • C:\Windows\SysWOW64\WerFault.exe
                                                                          C:\Windows\SysWOW64\WerFault.exe -pss -s 560 -p 3488 -ip 3488
                                                                          1⤵
                                                                            PID:1588
                                                                          • C:\Users\Admin\Downloads\SolaraV3\SolaraV3.exe
                                                                            "C:\Users\Admin\Downloads\SolaraV3\SolaraV3.exe"
                                                                            1⤵
                                                                            • Loads dropped DLL
                                                                            • Suspicious use of SetThreadContext
                                                                            • System Location Discovery: System Language Discovery
                                                                            PID:2612
                                                                            • C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_regiis.exe
                                                                              "C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_regiis.exe"
                                                                              2⤵
                                                                              • System Location Discovery: System Language Discovery
                                                                              PID:1612
                                                                              • C:\Windows\SysWOW64\WerFault.exe
                                                                                C:\Windows\SysWOW64\WerFault.exe -u -p 1612 -s 664
                                                                                3⤵
                                                                                • Program crash
                                                                                PID:1616
                                                                          • C:\Windows\SysWOW64\WerFault.exe
                                                                            C:\Windows\SysWOW64\WerFault.exe -pss -s 608 -p 1612 -ip 1612
                                                                            1⤵
                                                                              PID:2212
                                                                            • C:\Users\Admin\Downloads\SolaraV3\SolaraV3.exe
                                                                              "C:\Users\Admin\Downloads\SolaraV3\SolaraV3.exe"
                                                                              1⤵
                                                                              • Loads dropped DLL
                                                                              • Suspicious use of SetThreadContext
                                                                              • System Location Discovery: System Language Discovery
                                                                              PID:4324
                                                                              • C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_regiis.exe
                                                                                "C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_regiis.exe"
                                                                                2⤵
                                                                                • System Location Discovery: System Language Discovery
                                                                                PID:4956
                                                                                • C:\Windows\SysWOW64\WerFault.exe
                                                                                  C:\Windows\SysWOW64\WerFault.exe -u -p 4956 -s 1064
                                                                                  3⤵
                                                                                  • Program crash
                                                                                  PID:2840
                                                                                • C:\Windows\SysWOW64\WerFault.exe
                                                                                  C:\Windows\SysWOW64\WerFault.exe -u -p 4956 -s 448
                                                                                  3⤵
                                                                                  • Program crash
                                                                                  PID:2392
                                                                            • C:\Windows\SysWOW64\WerFault.exe
                                                                              C:\Windows\SysWOW64\WerFault.exe -pss -s 556 -p 4956 -ip 4956
                                                                              1⤵
                                                                                PID:2348
                                                                              • C:\Windows\SysWOW64\WerFault.exe
                                                                                C:\Windows\SysWOW64\WerFault.exe -pss -s 492 -p 4956 -ip 4956
                                                                                1⤵
                                                                                  PID:4988

                                                                                Network

                                                                                      MITRE ATT&CK Enterprise v15

                                                                                      Downloads

                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                        Filesize

                                                                                        2KB

                                                                                        MD5

                                                                                        040789b0c255d0455ba16d10e9404946

                                                                                        SHA1

                                                                                        2781f7d77688bd05d703a223573a989340c7b79a

                                                                                        SHA256

                                                                                        8ee1c52c2cf83f2055f6630b29ce702a796603d2b982c0ddc985cadeb64ddb6d

                                                                                        SHA512

                                                                                        2c271eb62ffe301dd2bba1cef879994bf01bd718080129b99e9784145af5986d8372ef9580959f705e7db3a297e5ea33799022ccef4724d6d9e5343d5192f0f8

                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                        Filesize

                                                                                        9KB

                                                                                        MD5

                                                                                        613447d03f5d7a17a0b5c310263c132d

                                                                                        SHA1

                                                                                        cdc6355dd2d63eade957c80c03be8e1f696f1e6b

                                                                                        SHA256

                                                                                        40b0a5e68b26323c6835c3e022f08fdb1e13da56de8d0e768fd4cf028fd43b5e

                                                                                        SHA512

                                                                                        93fb1fd9afc5c045ea30652c88b375de48131464ea6ab7d26bc4568ae96e6393d1274ca30071296af4062747d81e69ce8b0d5b5fbbb7fc1c01119921c7e81230

                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                        Filesize

                                                                                        9KB

                                                                                        MD5

                                                                                        c99daecdaefb97f2952b98831748dc74

                                                                                        SHA1

                                                                                        e125a21d3025f0bdf004a44f70ff61a998ea49b6

                                                                                        SHA256

                                                                                        828aed6541e3bf5725bcafaa1c846bfc78c0dbf5ce595669845bec74c4c0db43

                                                                                        SHA512

                                                                                        3c944423cdb596e8cc3872d4c59dee611cbba47bea036a33127ea09ea0490459c13ee6a242c558a884002ce8fbd40f20fa121cea1c4b6bc36a0d47aaaf8fe21a

                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                        Filesize

                                                                                        9KB

                                                                                        MD5

                                                                                        1d5392bee5b6a771cd0de8d59677a4c0

                                                                                        SHA1

                                                                                        42391b7305d381c5ae159cacced2f321c9b751e3

                                                                                        SHA256

                                                                                        2e213ffdad4bd6ca9fd6a84818eb8c26960b7920c3e3737bff05421564a26f26

                                                                                        SHA512

                                                                                        7931aee388c01cf32aeddb016deb0d2e185c77d64df003b0c9444f3a7cc337699def04558a6e39463eb06c67f590ea428b7c779d4c851e84ea5feb042b067c72

                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                        Filesize

                                                                                        9KB

                                                                                        MD5

                                                                                        805b3d92f51b13c28c280c01144e7193

                                                                                        SHA1

                                                                                        017292c7353703d9cad73c7e83fa4a5ee2b6118b

                                                                                        SHA256

                                                                                        5952ab0c0e62e880ee0b6443910ec6cee68a818afa8c144902e1403dca9f4cda

                                                                                        SHA512

                                                                                        e16d1095fe35a01bf91181db6c23d6da9ffa16e59349b7f630e7b5c5febfa5e8e78bbb14e5a677c225f53a06511133667019f7f79e94bb78fdf68be1b8f54f93

                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                        Filesize

                                                                                        9KB

                                                                                        MD5

                                                                                        f8f6e310942152e63e412995d8e618f8

                                                                                        SHA1

                                                                                        62dc499ccbee97ed3c0b80f42c7efe04422e8a54

                                                                                        SHA256

                                                                                        4187c35130e01df32803483b4d881c3e8b997cfcc389296b2b514b6de87bb005

                                                                                        SHA512

                                                                                        06a0369f79610a25601ab91305401049c5082439a5037e5e714ae15060d16fd474d9a5ccc58c24a9f3460f79aeaa68df488dc335dceeb320f2bc778c830bf3f7

                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                        Filesize

                                                                                        10KB

                                                                                        MD5

                                                                                        6fa969c98f75d7abcaab5cb520ceb627

                                                                                        SHA1

                                                                                        db78beae4f4d7d3f4c67027549b9194dec5c873f

                                                                                        SHA256

                                                                                        727a81bbb883bdc79f130bfdc2100024f2b5859db05f29766e998ad6c305f438

                                                                                        SHA512

                                                                                        1173b9ce489dcae50151595f0bb278fef3d2c23e12bdb9b6afef2d42c1cd53a8086c759b46e87b1fdf99ad59493e15281456762add29ce0f0eb62b385f9a35eb

                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                        Filesize

                                                                                        11KB

                                                                                        MD5

                                                                                        74b1476b23f7882b7a03ff4488604762

                                                                                        SHA1

                                                                                        cc2c368d3cab3283f15e83d827506143f14ae26b

                                                                                        SHA256

                                                                                        387a3ab2cb177ddad124a91c79a838e9219f2644bc6d172742ae7a1be9b10fc5

                                                                                        SHA512

                                                                                        ba49107d63f3ec3329525c344d69db73ab0f665d7416241ce64c82e4a4e04cd75329d551a5da559bec5629aff21b256a7191d50d016e1fd26e0497b626f47e85

                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                        Filesize

                                                                                        11KB

                                                                                        MD5

                                                                                        50c117ee4d4a187c084e0bfeffbf75cf

                                                                                        SHA1

                                                                                        4dd7e290036670a5717202e59c1f44c260c18d59

                                                                                        SHA256

                                                                                        8f8dce13af03bc8b4b6038b68204f0ac5b41248e61c10400ec50a934b08797a9

                                                                                        SHA512

                                                                                        f29001685d8de35cbc8252352bf330c6d902988b10a8db2bd435ffb8be6795ae036fa94ad350201b9d6465cd867ff70ad2e518c74b91abf285e3bae3081246b4

                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                        Filesize

                                                                                        12KB

                                                                                        MD5

                                                                                        1842ede504f95f3edc499550274ed953

                                                                                        SHA1

                                                                                        60665aacc4712a179ee36efddfb97caa08598b33

                                                                                        SHA256

                                                                                        b63a78842d5857d387c499ff2620c5bb99adfd806eef8be15003e033d728a896

                                                                                        SHA512

                                                                                        45a72cb7ab581bb0993ef30e310903fd5ce60901971f3f967390a46326fc4fd83889497413f3276757b0a3e971f32c15ceba4aafce6aef98ea1f0d12c62dd702

                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                        Filesize

                                                                                        12KB

                                                                                        MD5

                                                                                        a287e52d40ecb23d8439d1098ed583a0

                                                                                        SHA1

                                                                                        5a17e0d87bc9e9dbf7467bf6ae762d77499ecd93

                                                                                        SHA256

                                                                                        9e76ef6fc936c8a1b5300746bfb20a39abda31f90e5e8ff61897c25af7a0107a

                                                                                        SHA512

                                                                                        e32012b717ae5195c201f402daeca0f13088619d3c14621b79f5ad1193ab806d4a8316521564f4823eeb69a00977d631fa5180f1a6c3dd1318fd41eaa1d861bc

                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                        Filesize

                                                                                        12KB

                                                                                        MD5

                                                                                        11eab670228bce31237613728c347147

                                                                                        SHA1

                                                                                        8faa463ef071d46910f31b9b3d69ee460d39981c

                                                                                        SHA256

                                                                                        e254b45fd0b3a0edf4edfbb31c5fe1b3ba6c865b59d898e33624e8363952ec0b

                                                                                        SHA512

                                                                                        efb40eb5004de701e296078ebeb6e248f880cc299bad6df6d09a75013262156b5c3ef0f7e4b913d4d3e1402da6311179f85cc1263e33cacba273a2e53b364ed5

                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                        Filesize

                                                                                        9KB

                                                                                        MD5

                                                                                        c426002cf88014c477d4b8a9101749b4

                                                                                        SHA1

                                                                                        803c497e4a5aee81ce1e759038ab191ef8ffdfc9

                                                                                        SHA256

                                                                                        a69397d2e24bfdb9e8018c5faebd0f2a024bfd3d9fa7fbbd6d1ac33c1232cc32

                                                                                        SHA512

                                                                                        d39cb6fe49527bbbb3cb7f3d5f06f45ec4c9d42694796886ab2ccf2dfc145b345a37bed13462cc9d1287ddfdf2d709c28299df89b1f8d22310c4fb235a704eba

                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                        Filesize

                                                                                        11KB

                                                                                        MD5

                                                                                        c1bd503a09c6e0501c9e43e31df0e26f

                                                                                        SHA1

                                                                                        effeb5bf6ec23fabdb6c0edee7c31a231187b5a3

                                                                                        SHA256

                                                                                        fb8a7fd52e876e1574821a23fb89ec831c57cddfbe85795c2b03524224a4da6a

                                                                                        SHA512

                                                                                        8c608acb33bfa8637c2a5a7149db28e83a5e08c81900eefdcd1a4edcb44db4766f7d93cc2cd2147f91b21a78b7cd2520b916a8fcc297d6223fbc998c88cde39b

                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                        Filesize

                                                                                        11KB

                                                                                        MD5

                                                                                        d4b6bf3757d027d6b031cfd6da3d63ed

                                                                                        SHA1

                                                                                        7982a8bd5f7a08f06917cce10ffbb5ddd278f95b

                                                                                        SHA256

                                                                                        b3a13bbd557fce4a9373e65fe1cb06491c3729a282d85a190cbf8e78b26bb8bf

                                                                                        SHA512

                                                                                        d858c485c538ce273f8702d60fbfba65c944650c719ac6eb77ea84a40b41d14eb8e23f8e3d473d92c4b251c0e3471ccf95b5e9319213788dba971e6716db6d69

                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                        Filesize

                                                                                        12KB

                                                                                        MD5

                                                                                        af05caadc4fabcdeb994f64b6d447479

                                                                                        SHA1

                                                                                        2f8d8adad1199a81c09733a47e163df377fe4f62

                                                                                        SHA256

                                                                                        8bcc2201644e016094124391175489ade554048d1d7a97a26edc2c9dbffcb7c7

                                                                                        SHA512

                                                                                        7fbe36c8a9c3a17b5003c302e05a4584ffba0726d365bbaf1f2bcd77341af9dc32d4a91f8ccfacc3701ce0ec1c12f5f977b8fdfdc21f5741c3b00dc399ff41d6

                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                        Filesize

                                                                                        9KB

                                                                                        MD5

                                                                                        6d677de4d8ad0221b6f6b99f2417900a

                                                                                        SHA1

                                                                                        f2ef0c2ac2d29d322dea313fd1236d3427bb20ae

                                                                                        SHA256

                                                                                        a70c66e531f18e3a831a23f34b9031ae7daa4ec9c02689c4263347b241f62b35

                                                                                        SHA512

                                                                                        3e97dc813c773b0ada6283827edabe3a15b4edd6c4f014afb932f0e9518987da0f878d7abcc6ae0e8ee08a3506bd491f4661fb59f123f7939cd39f227a1311d6

                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                        Filesize

                                                                                        12KB

                                                                                        MD5

                                                                                        6d370dd151d6484d2c642ff27d781f3f

                                                                                        SHA1

                                                                                        beccaef85d1660191f4a8b35ac4c03dd931fd9a7

                                                                                        SHA256

                                                                                        e116fa1b9efc8e1bfed1314949fc5a227a22a4a7c59120146550fc3cc99076dc

                                                                                        SHA512

                                                                                        f3bce5d6ae418414079bd19830cbe31f61a3d45cde7068bd0597b34ee0840d61340fec96c4d1b63fd5416229eb5c71bbf55a005399f525fdf9abc3f5eabe8886

                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                        Filesize

                                                                                        9KB

                                                                                        MD5

                                                                                        e8adc6381aceaead8dea625be2ee687d

                                                                                        SHA1

                                                                                        7559529642ce1f254256e3ddd454f2407b3694ae

                                                                                        SHA256

                                                                                        0389f018e3f393ed53ccb9ddecec9a97f86ff8750c847db07e2f0769199213c5

                                                                                        SHA512

                                                                                        11ef1a0715a816edc9f3764ee957ffa78d98f383c8ce1fef8eafa329aeeaf7c98797cf2e97918439424e4e89b069db020d2361ece88908bec329b2af113a7eb6

                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                        Filesize

                                                                                        12KB

                                                                                        MD5

                                                                                        c132644fa5b225b3ffa0871d82d966ff

                                                                                        SHA1

                                                                                        0d3cb423f28145feb62c1071e8270882d79e8d6a

                                                                                        SHA256

                                                                                        447ab45e508c50573871cfb158fcc62d8963acda55d48a80712641e3da921f9a

                                                                                        SHA512

                                                                                        5eea5a2b1829329787a0e916f76fc1b51fd34351a3c678b47c69ddf41a8d01632cc6fa2241626d8cdc206cf6e56bae8771ac19ed9518b74c0fb2f128a76ad711

                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                        Filesize

                                                                                        12KB

                                                                                        MD5

                                                                                        06508a1c6767c3203a5b0f934d4df916

                                                                                        SHA1

                                                                                        90558ba32157e6ed8b5607d241ecd93ea5d57420

                                                                                        SHA256

                                                                                        437690d2f61fc1d472a4228722fc474c1b26742fc4ce4021f8ab13b30fea14ac

                                                                                        SHA512

                                                                                        9d6e374caed3f84c3f416bb432edea03c36bc670671eb1bcb0d41f385116c5b321aa429b4d625c934e0ca0cdebd8d112fff9902e7bed783002f092e41abc8630

                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                        Filesize

                                                                                        11KB

                                                                                        MD5

                                                                                        a7a9c855ccbf0c3b2c05209512f23461

                                                                                        SHA1

                                                                                        808d2daa0a89f312857dfe26c0a8ec98f2fb2a90

                                                                                        SHA256

                                                                                        50386b7c361777a06bdbb5a39bef9bd98e089a3c94744446869dd0089ce2e80d

                                                                                        SHA512

                                                                                        625ac44fe6c581bb9973ce14d714b38fc220bd012cc12ff0418f85b2dba103451534190f176197e993c10374570b25efb324bf7d278e4923948018c6dacfff52

                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                        Filesize

                                                                                        12KB

                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\4\CacheStorage\index.txt

                                                                                        Filesize

                                                                                        76B

                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\4\CacheStorage\index.txt~RFe5a7fd0.TMP

                                                                                        Filesize

                                                                                        140B

                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\4\IndexedDB\indexeddb.leveldb\CURRENT

                                                                                        Filesize

                                                                                        16B

                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\4\IndexedDB\indexeddb.leveldb\MANIFEST-000001

                                                                                        Filesize

                                                                                        23B

                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\ddba42c6-7f5f-4a24-bb14-192ba4b9386f.tmp

                                                                                        Filesize

                                                                                        9KB

                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                                                        Filesize

                                                                                        99KB

                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                                                        Filesize

                                                                                        99KB

                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                                                        Filesize

                                                                                        99KB

                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                                                        Filesize

                                                                                        99KB

                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                                                        Filesize

                                                                                        99KB

                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                                                        Filesize

                                                                                        99KB

                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\SolaraV3.exe.log

                                                                                        Filesize

                                                                                        42B

                                                                                      • C:\Users\Admin\AppData\Roaming\d3d9x.dll

                                                                                        Filesize

                                                                                        525KB

                                                                                      • C:\Users\Admin\Downloads\SolaraV3.zip

                                                                                        Filesize

                                                                                        8.0MB

                                                                                      • memory/3852-1371-0x0000000000D00000-0x0000000000DC0000-memory.dmp

                                                                                        Filesize

                                                                                        768KB

                                                                                      • memory/3852-1370-0x0000000074E3E000-0x0000000074E3F000-memory.dmp

                                                                                        Filesize

                                                                                        4KB

                                                                                      • memory/5108-1380-0x0000000000400000-0x0000000000459000-memory.dmp

                                                                                        Filesize

                                                                                        356KB

                                                                                      • memory/5108-1378-0x0000000000400000-0x0000000000459000-memory.dmp

                                                                                        Filesize

                                                                                        356KB