Analysis Overview
SHA256
44906b6e9015742a43e3cf30beef51642d7e6349d02a86ce12464d8b5639973b
Threat Level: Likely benign
The file Sad_Satan.exe was found to be: Likely benign.
Malicious Activity Summary
Drops file in Program Files directory
Browser Information Discovery
Suspicious use of AdjustPrivilegeToken
Suspicious use of SendNotifyMessage
Modifies data under HKEY_USERS
Enumerates system info in registry
Suspicious use of FindShellTrayWindow
Suspicious use of WriteProcessMemory
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious behavior: EnumeratesProcesses
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-08-25 09:52
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-08-25 09:51
Reported
2024-08-25 09:54
Platform
win7-20240704-en
Max time kernel
110s
Max time network
148s
Command Line
Signatures
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\Sad_Satan.exe
"C:\Users\Admin\AppData\Local\Temp\Sad_Satan.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef79e9758,0x7fef79e9768,0x7fef79e9778
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1148 --field-trial-handle=1384,i,844207708877450685,15755215148446458142,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1532 --field-trial-handle=1384,i,844207708877450685,15755215148446458142,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1604 --field-trial-handle=1384,i,844207708877450685,15755215148446458142,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2320 --field-trial-handle=1384,i,844207708877450685,15755215148446458142,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2328 --field-trial-handle=1384,i,844207708877450685,15755215148446458142,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1708 --field-trial-handle=1384,i,844207708877450685,15755215148446458142,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=1528 --field-trial-handle=1384,i,844207708877450685,15755215148446458142,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3640 --field-trial-handle=1384,i,844207708877450685,15755215148446458142,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe" --reenable-autoupdates --system-level
C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\Crashpad --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x154,0x158,0x15c,0x128,0x160,0x13f557688,0x13f557698,0x13f5576a8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=3732 --field-trial-handle=1384,i,844207708877450685,15755215148446458142,131072 /prefetch:1
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | www.google.com | udp |
| FR | 142.250.179.68:443 | www.google.com | tcp |
| FR | 142.250.179.68:443 | www.google.com | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| FR | 172.217.20.170:443 | content-autofill.googleapis.com | tcp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| FR | 216.58.215.35:443 | beacons.gcp.gvt2.com | tcp |
| FR | 216.58.215.35:443 | beacons.gcp.gvt2.com | udp |
Files
\??\pipe\crashpad_1448_FGHJIPKWTMDNTKUZ
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000007.dbtmp
| MD5 | 18e723571b00fb1694a3bad6c78e4054 |
| SHA1 | afcc0ef32d46fe59e0483f9a3c891d3034d12f32 |
| SHA256 | 8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa |
| SHA512 | 43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1
| MD5 | f50f89a0a91564d0b8a211f8921aa7de |
| SHA1 | 112403a17dd69d5b9018b8cede023cb3b54eab7d |
| SHA256 | b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec |
| SHA512 | bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\000006.dbtmp
| MD5 | aefd77f47fb84fae5ea194496b44c67a |
| SHA1 | dcfbb6a5b8d05662c4858664f81693bb7f803b82 |
| SHA256 | 4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611 |
| SHA512 | b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001
| MD5 | 2257803a7e34c3abd90ec6d41fd76a5a |
| SHA1 | f7a32e6635d8513f74bd225f55d867ea56ae4803 |
| SHA256 | af23860fb3a448f2cc6107680078402555a345eb45bc5efb750f541fe5d7c174 |
| SHA512 | e9f4dc90d0829885f08879e868aa62041150b500f62682fc108da258eee26ad9509dcbf6e8a55f2d0bdba7aa9118dd149a70a7d851820d4ea683db7808c48540 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | b1c5a7ab2a4699e0b1c8457627fd6afd |
| SHA1 | 2c80be89a411dbd349267bf67be79082b9af3496 |
| SHA256 | 582f29ded039b47c260ac87a2d6cc825b0fde4c73386cb453df1ae4c83d791cf |
| SHA512 | 1f64227231de260a20ced37e7e64b44e7e390a59fe48d3e9ef0dbcf7e1920e142e2345628029208e87377349ec9a2f1bd3159072653997f1d682f491b47d3cbd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | dcdcffe9f8948a992404de63c54d5ccb |
| SHA1 | c831771ac9ae69fd9f58532c4b2ce10f4118fe15 |
| SHA256 | a8cd6b0bb969429930b792b0c8b7f71119175bde6a0210701b388e43660f07ec |
| SHA512 | 02acd692e0fa28e2c2eeb2653ca25b1c04c4ddec5d0909ca4bb996e57c0d9163a2f382b7aee3ceb54dce75e138af36530c1d2f5b6dc29005f5808d72edc754b9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 3fb45cef0ebb11c8f01860190a19782f |
| SHA1 | c3e0cbcceab410779c14d7b0685f2e83b9b829a2 |
| SHA256 | 1d5d23207677b22b7efe632334608d3d771ba5289b2978d9db6c744de429965d |
| SHA512 | d5191c21934213ad02df67ea9fff2975c969a28cb46b9c0939076aefbcdf4afea834af0b7509637bd9328b1f1535c0a29556a649f73bdd71d36b747f23a306b0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 67828bcf264d16c1d5837c3b35cc444a |
| SHA1 | caea9b8b7bcddad525f53aae3d28a2de28482f44 |
| SHA256 | 718f877d1df43800da406c08bf6967baabad2a85ac344f1b5969211c8f9eec95 |
| SHA512 | 4d38780cbf2bf7997f8945a722a521bc37dc4020f6604bac3d80567cad520c33271f88625f7150fdba3cfbe1b2fa86251652268b4249e6ea8e341731b8853259 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 86be2d488aa1b62bc8d146fadf747e6c |
| SHA1 | f6b81e04fc05fbde84df1c54e6590dffcd540ad7 |
| SHA256 | 8f5e45c08bfbc6c5a31bcc6bbb012aadeb9ab412ea7c7afe32d822e669529a74 |
| SHA512 | 826880b40e023f8ad8dce81013b1776430054ee43a51974c0b3c8c176067edab7e98615a934f1e403f9f1f6499454bdaf7ce973177c89964b5be1abffaa3ecbc |
Analysis: behavioral2
Detonation Overview
Submitted
2024-08-25 09:51
Reported
2024-08-25 09:55
Platform
win10v2004-20240802-en
Max time kernel
150s
Max time network
157s
Command Line
Signatures
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Program Files\Crashpad\metadata | C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe | N/A |
| File opened for modification | C:\Program Files\Crashpad\settings.dat | C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe | N/A |
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133690532093314573" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\Sad_Satan.exe
"C:\Users\Admin\AppData\Local\Temp\Sad_Satan.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ff8097acc40,0x7ff8097acc4c,0x7ff8097acc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1948,i,1097973094533492106,4284023907991050337,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1944 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2088,i,1097973094533492106,4284023907991050337,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2152 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2288,i,1097973094533492106,4284023907991050337,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2400 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3140,i,1097973094533492106,4284023907991050337,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3160 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3352,i,1097973094533492106,4284023907991050337,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3420 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4456,i,1097973094533492106,4284023907991050337,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4564 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4836,i,1097973094533492106,4284023907991050337,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4872 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4384,i,1097973094533492106,4284023907991050337,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5036 /prefetch:8
C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe" --reenable-autoupdates --system-level
C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x204,0x208,0x214,0x274,0x20c,0x7ff7aa4a4698,0x7ff7aa4a46a4,0x7ff7aa4a46b0
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=5136,i,1097973094533492106,4284023907991050337,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5180 /prefetch:1
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 13.86.106.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.160.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 217.106.137.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 183.59.114.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.126.166.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 147.142.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | 42.215.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 227.74.250.142.in-addr.arpa | udp |
| FR | 142.250.179.68:443 | www.google.com | udp |
| FR | 142.250.179.68:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | 68.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | clients2.google.com | udp |
| FR | 172.217.18.206:443 | clients2.google.com | udp |
| FR | 172.217.18.206:443 | clients2.google.com | tcp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | 206.18.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.156.103.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| FR | 142.250.178.138:443 | content-autofill.googleapis.com | tcp |
| US | 8.8.8.8:53 | 163.214.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 138.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 43.229.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | 73.144.22.2.in-addr.arpa | udp |
Files
\??\pipe\crashpad_4596_RKCXRJHNXIRLMXLI
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState
| MD5 | 90bb35e0007660f05bff9bff38d72ca4 |
| SHA1 | 2581e854a03a11d62a687844b65e30436769dbac |
| SHA256 | f0450596b27e7d4313b903ca9d92e91e0e139b8c9c0105a5b6cba0653544e669 |
| SHA512 | d84ff99895e5aa7e1714910fa5d39759f9c4e0747b6da25036a51df47f047cd8646d4b522338fd2eed261177002c7be89757355b65e51491a2bb7edadb3339fa |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 67d59f6283e2c989442c2553015e8d02 |
| SHA1 | 8016bd669b90869097ac42b1d22a15dfd005ac19 |
| SHA256 | 0ee4ff654da49778f00e672ef5ffd0819d77cdd2678cbbf668c21861a42ecbdd |
| SHA512 | 7607177333803d008399aef4d479aadb996ec9d17fe971b783cee5912ca091cf7e4a4b857533e6a29de1b3e3b68a442aeddc23bcb905339b608db57a20eba7d0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\9e20e325-e87d-4f4e-9cd7-c40255d428b1.tmp
| MD5 | 757e7fde34d5dd4d15ae162cf3ece95d |
| SHA1 | c5d486abea87496abb8f4173edc092fd6b691dcb |
| SHA256 | 589eab8f05d3e7945feec47191a24592802134f02f319c0c4d02118cbd174cd4 |
| SHA512 | 56175a933b8bd48b9fa11c2ae11c795a251a8c8b1bcff9efa4d58ffa942f6515b2a2ae31b3e3ffa2ded343f9dfd5898039c5a662238e19827328de91652dc3c0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 17013ee86699123aa48b8f3a3dcd0751 |
| SHA1 | c410d1a11e309d308558f94a5094c018961216d8 |
| SHA256 | b4af819854697fb6756b378a087c4970b4be9273019bdffded685ae3b6050434 |
| SHA512 | ac885fa73257a74b091532eba52ef8d76e977a0f14b99377ca7fad34f546cd19b5b097efb2a6eaa0b970cff31667352c9fd90a90ab0de35c1faf32f0571890e0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001
| MD5 | 2257803a7e34c3abd90ec6d41fd76a5a |
| SHA1 | f7a32e6635d8513f74bd225f55d867ea56ae4803 |
| SHA256 | af23860fb3a448f2cc6107680078402555a345eb45bc5efb750f541fe5d7c174 |
| SHA512 | e9f4dc90d0829885f08879e868aa62041150b500f62682fc108da258eee26ad9509dcbf6e8a55f2d0bdba7aa9118dd149a70a7d851820d4ea683db7808c48540 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
| MD5 | e3a9cda2973e05bafd93f4bae983f691 |
| SHA1 | 5761e8b5d26e06b97da34b1671463aa80ba4f428 |
| SHA256 | fe24d79ad13a8bf3991e3c9e7d89776f6556affc78829e7128ca2048d3e4ce0f |
| SHA512 | 3028ce04af59a5306393ee60c2e7f5c08dff1034617100842f258efe95e2dca2287e8177da5501517d4fbf8a2abb149f279214caa375f5626256990cf0ca2001 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | cbcb9dcda94cd53437f83078ce1a0ee6 |
| SHA1 | 2247ef341837dc7bfa32105c42ac66c2330b1097 |
| SHA256 | 206af0832508a7e7080e27265925038e192286e294c739d3200d7a314381ee47 |
| SHA512 | 3ec440f3550591640f9b4ab8e3b9f3b3454cd1e88ae850b9dcefada21b617a05559e26930fa5f9b5f38c19d1fe27d990db98c73a382aa63fdc75111670f0eb22 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7d96e3b7bd34378d2f3a47e93f024657 |
| SHA1 | be010ad536fded23e792447628111d8b540604a9 |
| SHA256 | ecb9b7ec8664555191fc50359a91f2bfdfc57cdd86776acffbb2aeaf00edbdbd |
| SHA512 | de1f81c12fb9c11e823a8acaf8fab3a5472cf0bbbc76b45d8a655dd37165460394e74dc572827d43b7591a9a7fabfdf92d66fa3c261e4edbe1d0cde9de67ad95 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 825e8631943eb5b9dbce91910401b45b |
| SHA1 | 0d9787eb26ac384bb605025f258342a4fc69c63e |
| SHA256 | af8b80d9788fa217dbda2f51865b098259a9971f6a43c0fe081577e1f5e2682f |
| SHA512 | 028adea324d047eca06cfbcb8e95f373cce5ac89204146a882ae944a88f3b716afc6b34d5b82dc55b86ff927bd0f0149249e03f88df89f68b2e17353a9185795 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 367c36c134b710368a0836b9a8c6776c |
| SHA1 | 0cbc2e48a01eb5e4de81d13502c4ce459c706cc1 |
| SHA256 | c24eb12c01467690b04e42bca8651c6f38b8012ebfdbe9666911c353c70aaab3 |
| SHA512 | 373f79bbf71b30d4b1e9063580c957c9bebde21052f8a6f7fc941221057b24a5cc263f01dcfd465c3360ea1263e2e2cd6f6f8c345f57121f22d08f23754b7d09 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | c3953ac3f846a47b73134f03d0158b42 |
| SHA1 | 0fc241dde6f3fcd1587a25a064496b91b51126ff |
| SHA256 | 751fe19e69c3b5a21cc3de01e243a7dc6f8a4b2935f743395be5a22aa3b9de53 |
| SHA512 | 4c064ebb93b701fa99503d893c846e6de0e1b7eeed85c63921af10f4edf8ff541c78f75daf3a67c7b3b4e07cbe46d4483674d70b4261a054cb8369cfe2c06234 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e8b66e01b3cca38062d29c327652ddc0 |
| SHA1 | 05b90274f3eecfc2cec1e625f31f7780252ce76d |
| SHA256 | ffc7490b5089902eee96d1f1289fcf42d96b499b39d70463d620c679845b9b02 |
| SHA512 | 81e1897f057ec6a4389c4da2231821b137607d793a09987c4c29392b869f4f41e19de0f3e15a6cebf7539a299677546f0f549b0d3481d3795d79d2a31f4f8de4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | d91b991bfe1eff542fd83c673adae4bb |
| SHA1 | e212469200562925067ee9b726c5e943c53c4303 |
| SHA256 | 3ed092b1a57343b0101b16a64f3a2fdb9ef2c770f54cd0091b2e0492def9f117 |
| SHA512 | 40d1cf598e8dde5c47a7194680c46f1c329c8b7bb2de619cbc0e44a1238a493a3fc762abb3da4a3d350644f813999831a5d6e9590ac6446bcaa9b0bbc50ff74d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 9b0e2ef9ff1f2adeb8cba8006f7fb75c |
| SHA1 | 5fdb77c631cd185c083f86bc50c76a5c4cc4724f |
| SHA256 | 9311d77c6fd573248d09b21d92388a0fedad870a5d7b99423c05b30f70297895 |
| SHA512 | cc4c64cb450b81b7177e7c549a617e6a8f5c1ebc16fb222e7d16cbcc5795b6320ce6ef8d62b05fc8cf1ca2ee0a5ef21db957234ec2d935a78eec5b89351c1570 |