Overview

overview

10

Static

static

1

URLScan

urlscan

1

https://sourceforge....

windows10-2004-x64

10

Analysis

  • max time kernel
    125s
  • max time network
    125s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    27-08-2024 05:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://sourceforge.net/projects/black-myth/

Score
10/10
lummadiscoverystealer

Malware Config

Extracted

Family

lumma

C2

https://reagoofydwqioo.shop/api

https://interactiedovspm.shop/api

https://charecteristicdxp.shop/api

Signatures

  • Lumma Stealer, LummaC

    Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

    stealerlumma
  • Executes dropped EXE 1 IoCs
  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

    discovery
  • Program crash 2 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Checks SCSI registry key(s) 3 TTPs 3 IoCs

    SCSI information is often read in order to detect sandboxing environments.

  • Checks processor information in registry 2 TTPs 2 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies registry class 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 54 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 3 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 24 IoCs
  • Suspicious use of AdjustPrivilegeToken 6 IoCs
  • Suspicious use of FindShellTrayWindow 64 IoCs
  • Suspicious use of SendNotifyMessage 59 IoCs
  • Suspicious use of SetWindowsHookEx 5 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://sourceforge.net/projects/black-myth/
    1⤵
    • Enumerates system info in registry
    • Modifies registry class
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:1848
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc49f046f8,0x7ffc49f04708,0x7ffc49f04718
      2⤵
        PID:4508
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2068,7470782385921432241,4330115026165545422,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2080 /prefetch:2
        2⤵
          PID:2460
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2068,7470782385921432241,4330115026165545422,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2344 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:3676
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2068,7470782385921432241,4330115026165545422,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2756 /prefetch:8
          2⤵
            PID:3784
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,7470782385921432241,4330115026165545422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3400 /prefetch:1
            2⤵
              PID:4732
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,7470782385921432241,4330115026165545422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3444 /prefetch:1
              2⤵
                PID:400
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,7470782385921432241,4330115026165545422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4740 /prefetch:1
                2⤵
                  PID:1480
                • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2068,7470782385921432241,4330115026165545422,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5372 /prefetch:8
                  2⤵
                    PID:3164
                  • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2068,7470782385921432241,4330115026165545422,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5372 /prefetch:8
                    2⤵
                    • Suspicious behavior: EnumeratesProcesses
                    PID:452
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,7470782385921432241,4330115026165545422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5644 /prefetch:1
                    2⤵
                      PID:2196
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,7470782385921432241,4330115026165545422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5124 /prefetch:1
                      2⤵
                        PID:2504
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,7470782385921432241,4330115026165545422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3548 /prefetch:1
                        2⤵
                          PID:2272
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,7470782385921432241,4330115026165545422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5056 /prefetch:1
                          2⤵
                            PID:4404
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,7470782385921432241,4330115026165545422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5368 /prefetch:1
                            2⤵
                              PID:4660
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,7470782385921432241,4330115026165545422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4192 /prefetch:1
                              2⤵
                                PID:2196
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,7470782385921432241,4330115026165545422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5176 /prefetch:1
                                2⤵
                                  PID:5204
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,7470782385921432241,4330115026165545422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6304 /prefetch:1
                                  2⤵
                                    PID:5316
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,7470782385921432241,4330115026165545422,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5504 /prefetch:1
                                    2⤵
                                      PID:5324
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,7470782385921432241,4330115026165545422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5456 /prefetch:1
                                      2⤵
                                        PID:5484
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,7470782385921432241,4330115026165545422,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6196 /prefetch:1
                                        2⤵
                                          PID:5492
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2068,7470782385921432241,4330115026165545422,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=6380 /prefetch:8
                                          2⤵
                                            PID:5704
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,7470782385921432241,4330115026165545422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6828 /prefetch:1
                                            2⤵
                                              PID:5712
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,7470782385921432241,4330115026165545422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5696 /prefetch:1
                                              2⤵
                                                PID:6088
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,7470782385921432241,4330115026165545422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4260 /prefetch:1
                                                2⤵
                                                  PID:5636
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,7470782385921432241,4330115026165545422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6100 /prefetch:1
                                                  2⤵
                                                    PID:5696
                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,7470782385921432241,4330115026165545422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7152 /prefetch:1
                                                    2⤵
                                                      PID:3356
                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,7470782385921432241,4330115026165545422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6108 /prefetch:1
                                                      2⤵
                                                        PID:5848
                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,7470782385921432241,4330115026165545422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6840 /prefetch:1
                                                        2⤵
                                                          PID:5256
                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,7470782385921432241,4330115026165545422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7116 /prefetch:1
                                                          2⤵
                                                            PID:5184
                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,7470782385921432241,4330115026165545422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7052 /prefetch:1
                                                            2⤵
                                                              PID:4156
                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,7470782385921432241,4330115026165545422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6336 /prefetch:1
                                                              2⤵
                                                                PID:2760
                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2068,7470782385921432241,4330115026165545422,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5424 /prefetch:8
                                                                2⤵
                                                                • Suspicious behavior: EnumeratesProcesses
                                                                PID:3360
                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2068,7470782385921432241,4330115026165545422,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4884 /prefetch:2
                                                                2⤵
                                                                • Suspicious behavior: EnumeratesProcesses
                                                                PID:2432
                                                            • C:\Windows\System32\CompPkgSrv.exe
                                                              C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                              1⤵
                                                                PID:712
                                                              • C:\Windows\System32\CompPkgSrv.exe
                                                                C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                1⤵
                                                                  PID:4176
                                                                • C:\Windows\System32\rundll32.exe
                                                                  C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
                                                                  1⤵
                                                                    PID:6000
                                                                  • C:\Windows\system32\OpenWith.exe
                                                                    C:\Windows\system32\OpenWith.exe -Embedding
                                                                    1⤵
                                                                    • Modifies registry class
                                                                    • Suspicious behavior: GetForegroundWindowSpam
                                                                    • Suspicious use of SetWindowsHookEx
                                                                    PID:5744
                                                                  • C:\Program Files\7-Zip\7zFM.exe
                                                                    "C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\Desktop\Installer-master-BlackMythWukong.rar"
                                                                    1⤵
                                                                    • Suspicious behavior: GetForegroundWindowSpam
                                                                    • Suspicious use of AdjustPrivilegeToken
                                                                    PID:1376
                                                                  • C:\Users\Admin\Desktop\Installer-master-BlackMythWukong.exe
                                                                    "C:\Users\Admin\Desktop\Installer-master-BlackMythWukong.exe"
                                                                    1⤵
                                                                    • Executes dropped EXE
                                                                    • System Location Discovery: System Language Discovery
                                                                    PID:448
                                                                    • C:\Windows\SysWOW64\WerFault.exe
                                                                      C:\Windows\SysWOW64\WerFault.exe -u -p 448 -s 1148
                                                                      2⤵
                                                                      • Program crash
                                                                      PID:5584
                                                                    • C:\Windows\SysWOW64\WerFault.exe
                                                                      C:\Windows\SysWOW64\WerFault.exe -u -p 448 -s 1148
                                                                      2⤵
                                                                      • Program crash
                                                                      PID:5620
                                                                  • C:\Windows\system32\taskmgr.exe
                                                                    "C:\Windows\system32\taskmgr.exe" /4
                                                                    1⤵
                                                                    • Checks SCSI registry key(s)
                                                                    • Checks processor information in registry
                                                                    • Suspicious behavior: EnumeratesProcesses
                                                                    • Suspicious behavior: GetForegroundWindowSpam
                                                                    • Suspicious use of AdjustPrivilegeToken
                                                                    • Suspicious use of SendNotifyMessage
                                                                    PID:6040
                                                                  • C:\Windows\SysWOW64\WerFault.exe
                                                                    C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 448 -ip 448
                                                                    1⤵
                                                                      PID:3696
                                                                    • C:\Windows\SysWOW64\WerFault.exe
                                                                      C:\Windows\SysWOW64\WerFault.exe -pss -s 472 -p 448 -ip 448
                                                                      1⤵
                                                                        PID:5604

                                                                      Network

                                                                      MITRE ATT&CK Matrix ATT&CK v13

                                                                      Initial Access

                                                                      Execution

                                                                      Persistence

                                                                      Privilege Escalation

                                                                      Defense Evasion

                                                                      Credential Access

                                                                      Discovery

                                                                      Browser Information Discovery

                                                                      1
                                                                      T1217

                                                                      System Location Discovery

                                                                      1
                                                                      T1614

                                                                      System Language Discovery

                                                                      1
                                                                      T1614.001

                                                                      Query Registry

                                                                      3
                                                                      T1012

                                                                      Peripheral Device Discovery

                                                                      1
                                                                      T1120

                                                                      System Information Discovery

                                                                      3
                                                                      T1082

                                                                      Lateral Movement

                                                                      Collection

                                                                      Exfiltration

                                                                      Command and Control

                                                                      Impact

                                                                      Resource Development

                                                                      Reconnaissance

                                                                      Replay Monitor

                                                                      Loading Replay Monitor...

                                                                      Downloads

                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                        Filesize

                                                                        152B

                                                                        MD5

                                                                        53bc70ecb115bdbabe67620c416fe9b3

                                                                        SHA1

                                                                        af66ec51a13a59639eaf54d62ff3b4f092bb2fc1

                                                                        SHA256

                                                                        b36cad5c1f7bc7d07c7eaa2f3cad2959ddb5447d4d3adcb46eb6a99808e22771

                                                                        SHA512

                                                                        cad44933b94e17908c0eb8ac5feeb53d03a7720d97e7ccc8724a1ed3021a5bece09e1f9f3cec56ce0739176ebbbeb20729e650f8bca04e5060c986b75d8e4921

                                                                        Download Submit
                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                        Filesize

                                                                        152B

                                                                        MD5

                                                                        e765f3d75e6b0e4a7119c8b14d47d8da

                                                                        SHA1

                                                                        cc9f7c7826c2e1a129e7d98884926076c3714fc0

                                                                        SHA256

                                                                        986443556d3878258b710d9d9efbf4f25f0d764c3f83dc54217f2b12a6eccd89

                                                                        SHA512

                                                                        a1872a849f27da78ebe9adb9beb260cb49ed5f4ca2d403f23379112bdfcd2482446a6708188100496e45db1517cdb43aba8bb93a75e605713c3f97cd716b1079

                                                                        Download Submit
                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009
                                                                        Filesize

                                                                        93KB

                                                                        MD5

                                                                        de68d3b9210b4e656b232ab278c9ea6c

                                                                        SHA1

                                                                        1f3f003ff606328fd4e8af92bce2e91fa5cbf2c5

                                                                        SHA256

                                                                        5fc71f5eebca4c5a7770c3c6839fad5f4646720a238d69def5f63d1a5b5e707a

                                                                        SHA512

                                                                        f37071ba97c479e9655d12a9fd363cf8a7d3d32b8fcac6498fcac257fb980c36cc37f71118bb40b21e45233806c705d395d711fc23c9cd5a6c93616994f73692

                                                                        Download Submit
                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a
                                                                        Filesize

                                                                        17KB

                                                                        MD5

                                                                        0c6e9210620b1aad072cda6a4abbc2c1

                                                                        SHA1

                                                                        c1c94e6d221380ed6d4653a868dcaec2c71264e5

                                                                        SHA256

                                                                        2abbf4a08b670f399db91512e99d8510f63f1bbc03357ab409a4d8fe32085e22

                                                                        SHA512

                                                                        16c486052e59d875cea394ce1b8fab78eeb0da136fab992164d0ab874b65f88f9c208d3c02aa35a83fa0fe1bbd93581c7551d37772e2acf4de0d4783402df81d

                                                                        Download Submit
                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b
                                                                        Filesize

                                                                        18KB

                                                                        MD5

                                                                        8f836ccb46c27b76dce2e37ed28a7745

                                                                        SHA1

                                                                        a7958e27914fff29dd80c300d158752e1900e4d4

                                                                        SHA256

                                                                        79d0ea2c357ca32b3e51f5bb20629033efd31778e2f70a2f50dab7f20f921590

                                                                        SHA512

                                                                        21a4080e3ad74ae1b494630f0b0dab4bfdc4efc0a4d2df4bf2ec6e0f4a15680da09d02c6e003deb4e88692205297006b0b946c544a11a786e61230a214e6530b

                                                                        Download Submit
                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c
                                                                        Filesize

                                                                        18KB

                                                                        MD5

                                                                        4e33bbf96eb422644eaee9c5ef68ce89

                                                                        SHA1

                                                                        e1f0c0ac49eb6508eca9fd132ad20f12990c6c2f

                                                                        SHA256

                                                                        dc41935a92d73a94855b7d975069cf6ba6880aedc4dd1098034ba51199c652cc

                                                                        SHA512

                                                                        9ba0d659c5945899417bc097fb53d39be5a1c90708db4a03134364c31d325635c91bf6ceea86d77b2514c27086573db5c4ff2a0c061f1acb9661b86942c3cc66

                                                                        Download Submit
                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d
                                                                        Filesize

                                                                        31KB

                                                                        MD5

                                                                        7e84326b569ca7a6bb3f265c34888d6c

                                                                        SHA1

                                                                        48e75a44df4786f6c33ee2c596271aeb5226f62d

                                                                        SHA256

                                                                        f9250c40691d6b185f91506c2c77198e8ace32a6a95f8ba0a97e8e0d369a8ddf

                                                                        SHA512

                                                                        9c27bf9db64de27f3ff1301fd01ce6df000ae482e8c4c448f6e577b85dbd449222cd47bc39bfa4eabfa808af267f309f5ed9edf4ea742ab3860b5bcdf561c005

                                                                        Download Submit
                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e
                                                                        Filesize

                                                                        148KB

                                                                        MD5

                                                                        a85641dbbc2e737f08a83875d8e7706e

                                                                        SHA1

                                                                        6e4acbef413babea2733c3c689ccfd7788e2091e

                                                                        SHA256

                                                                        c274acf372114f67c76a61b7df530b657e371997ba617b000363342c0abaf3db

                                                                        SHA512

                                                                        9b967a390c47d29be598ea89691f9944927ce2335bd4f296402055b9432941707e2a22672e55d5d6684adf0f2e46506749585b51c53b05631e316065af3916c2

                                                                        Download Submit
                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010
                                                                        Filesize

                                                                        33KB

                                                                        MD5

                                                                        1aca735014a6bb648f468ee476680d5b

                                                                        SHA1

                                                                        6d28e3ae6e42784769199948211e3aa0806fa62c

                                                                        SHA256

                                                                        e563f60814c73c0f4261067bd14c15f2c7f72ed2906670ed4076ebe0d6e9244a

                                                                        SHA512

                                                                        808aa9af5a3164f31466af4bac25c8a8c3f19910579cf176033359500c8e26f0a96cdc68ccf8808b65937dc87c121238c1c1b0be296d4306d5d197a1e4c38e86

                                                                        Download Submit
                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011
                                                                        Filesize

                                                                        62KB

                                                                        MD5

                                                                        6b04ab52540bdc8a646d6e42255a6c4b

                                                                        SHA1

                                                                        4cdfc59b5b62dafa3b20d23a165716b5218aa646

                                                                        SHA256

                                                                        33353d2328ea91f6abf5fb5c5f3899853dcc724a993b9086cab92d880da99f4d

                                                                        SHA512

                                                                        4f3b417c77c65936486388b618a7c047c84fb2e2dd8a470f7fe4ffec1ad6699d02fa9c1bbd551414eef0f2e6747a9ee59ca87198b20f9f4a9a01394ae69fa730

                                                                        Download Submit
                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000012
                                                                        Filesize

                                                                        31KB

                                                                        MD5

                                                                        c03ff64e7985603de96e7f84ec7dd438

                                                                        SHA1

                                                                        dfc067c6cb07b81281561fdfe995aca09c18d0e9

                                                                        SHA256

                                                                        0db8e9f0a185bd5dd2ec4259db0a0e89363afa953069f5238a0537671de6f526

                                                                        SHA512

                                                                        bb0fd94c5a8944a99f792f336bb8a840f23f6f0f1cb9661b156511a9984f0bb6c96baf05b7c1cf0efb83f43a224ecea52740432e3cfc85e0799428765eefb692

                                                                        Download Submit
                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000018
                                                                        Filesize

                                                                        63KB

                                                                        MD5

                                                                        34d5015941e4901485c7974667b85162

                                                                        SHA1

                                                                        cf032e42cf197dcc3022001a0bde9d74eb11ac15

                                                                        SHA256

                                                                        5c166a5d40aeefd0679a14f95e47ff28824e66abba82adfa30be41803cc25632

                                                                        SHA512

                                                                        42cef1d6847f535a6e8afc0469b9f5ef79ce4ab21512ac7eeda8ef9667d5f24bb33b30aba9a29824b3d853d41d4addf6bdee2042cf4fbd0a033b61657c671f0c

                                                                        Download Submit
                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001c
                                                                        Filesize

                                                                        20KB

                                                                        MD5

                                                                        98f7ded41df9df121c853574b3e7f15e

                                                                        SHA1

                                                                        c33dc8e6b84300e1dd99600e453b1c1103719410

                                                                        SHA256

                                                                        52dad93b12d78578fb838e07303cb9f137cc1f46a9fbdc8bf4bbf1ace762555d

                                                                        SHA512

                                                                        de43441f031169efa3dd8ba99d9735d72f07272c159a505634a53a5cc34cedf7530cbea6aeb720e69c91c903baca27c271fa8288c97c9c4541aac74821118d50

                                                                        Download Submit
                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                        Filesize

                                                                        1KB

                                                                        MD5

                                                                        9ace0e65274b404e8fbd87950b9ff129

                                                                        SHA1

                                                                        0d501c993f009fa2c0e421ed4ea7fb2e3798ce1b

                                                                        SHA256

                                                                        2a96b7f5f81f705d4a866ea2810aad028e89d7ca66d1c6e9bf877f50e0edbb26

                                                                        SHA512

                                                                        028044b52b2968cd412a20b4f5cc94039667896ab044e53153e21fa83593dcece884a04524a1dadeef1c1818eab71c8c33dd28fa3fb062ef519a4049b6a6a36f

                                                                        Download Submit
                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                        Filesize

                                                                        1KB

                                                                        MD5

                                                                        fd63bb650cbd41290d1893bb37555e07

                                                                        SHA1

                                                                        99f4b6f53acd7999db5f317c55e418af03d6ecbc

                                                                        SHA256

                                                                        e5dbf64848f245aca4b0f2497625c234c9c97e35cb664a03955df781797839fa

                                                                        SHA512

                                                                        1192b9f1824095542e765b324f9f5d9182d229a01cb2227f8ea0bd8fc7ccc346dceeb735aa571b318f64150560c01b2809c9346b22076cae3394f48d3b76cea3

                                                                        Download Submit
                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                        Filesize

                                                                        5KB

                                                                        MD5

                                                                        70a3494cafce9820d22dd457c1824572

                                                                        SHA1

                                                                        062098189e1ae029dc9bbec2199ccc6f6945e4b0

                                                                        SHA256

                                                                        8d8a26accd71618d2bf7e83b3afd62ebfad5795a616c3f976a628c783e11f8bb

                                                                        SHA512

                                                                        82364d307da7a000de2ea598615e7e79be09c54608d3981ea47391df5adcb1d40a67eafac9e3da352f5ad10894e84508af73254512593d28fb3a4583031b3a24

                                                                        Download Submit
                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                        Filesize

                                                                        5KB

                                                                        MD5

                                                                        527148fb4c2bdc3adbc8aba2ecee7608

                                                                        SHA1

                                                                        fa153261845c62371955870f6eafdeb3aec95145

                                                                        SHA256

                                                                        3317b248179ff92c74d388af063c4281be2d0641abfd4643fd20f322037840af

                                                                        SHA512

                                                                        d32cba5dedfd758100432337514941288135dec32a3f83d84d47eaa00a197652e3bca6a99ff80ca56d5af1b1816b1ec780dccc53f06ec79ef91d50ffa507b788

                                                                        Download Submit
                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                        Filesize

                                                                        8KB

                                                                        MD5

                                                                        0eba3f99fdcceea7768c6cfd16abbc9a

                                                                        SHA1

                                                                        06cfa18e3aa8ec091ea73c58360c2a1145bb2fdd

                                                                        SHA256

                                                                        e5e9b8231632ba48395bd4365bfa99f2ea024003b9276adb0df501aad993c6f3

                                                                        SHA512

                                                                        e8c9971d15fc61199f2b737a4a495f0f24da5d6659dcfff6125e3f67fff71435cc04bc424e2e31f464a3760c60b5e8c5ec7290e6d2606e811c5876073ccbd2b6

                                                                        Download Submit
                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                        Filesize

                                                                        8KB

                                                                        MD5

                                                                        256e8fd9e04bf223e0b80725fdfcc76e

                                                                        SHA1

                                                                        53f5550878c2db717912ff8eaca79909601121fa

                                                                        SHA256

                                                                        e0cd7eb45461c42ef33954cd9297d299cca34cb86df8fabf7ce092db0a95d401

                                                                        SHA512

                                                                        d746b0dfeca29cd3c4d0cddb1a07ba43466a1d0d081a3fd10b966b91e52f962c333070c387ae3293c4fe091eb92a8296c211bb503a3610f8f2696ab5e9b91661

                                                                        Download Submit
                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                        Filesize

                                                                        8KB

                                                                        MD5

                                                                        da8de23787da06a960346f9778dcbf02

                                                                        SHA1

                                                                        35904ba2d7b0b76f43b89a8e331bdb2104cb33da

                                                                        SHA256

                                                                        cb619a1916c2584eb362c39e6722a3731863742d55e4cbb44c8e442839a8ef87

                                                                        SHA512

                                                                        82d2b7f5fa395d37365d67dbce9d72f03a311ab4352280a06193b813cde0dfc9887022a40823a67a4e4a7c5197b646d99ecce3f07922c55483b9b471738cc1f9

                                                                        Download Submit
                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                        Filesize

                                                                        9KB

                                                                        MD5

                                                                        1d03d95cfdaf64adc77c52102823d690

                                                                        SHA1

                                                                        6c51fca9cebf6a9cf60f535d9f45febb6a6686c9

                                                                        SHA256

                                                                        db15aec33bc43ca6308007a94d4dc4d741f36acff2514432bfd08afd7bab339f

                                                                        SHA512

                                                                        4a1b1ba52214eadc85b6d77edc844f79cc5d5611b60cd028e0468ed0ffcfa0e3cf5110011d19379fb81e74e81d33d5ac55e881094050712b5b70627cdd0c64cb

                                                                        Download Submit
                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                        Filesize

                                                                        9KB

                                                                        MD5

                                                                        c40a93ffb52f953cd52577205ba66c73

                                                                        SHA1

                                                                        ff873f5acfc4497eb1a68cdcf7c1a55a132c63ca

                                                                        SHA256

                                                                        dd65b42e4831c9c08346f61e70e40c2700aa9a668efe725d1b4ba8b64390c086

                                                                        SHA512

                                                                        bcbd01d8ab59873de5e8f2655ac20deefdc129e29d73543e5dc1643406581d516fd5bb22aa17e4f2a25f5a0524344629d952e70aa99d3c192bd571f68e31aa16

                                                                        Download Submit
                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                        Filesize

                                                                        872B

                                                                        MD5

                                                                        c06a2149de5c2ba6e2ac14431ecdd444

                                                                        SHA1

                                                                        e8a8a3d35c0d286f1d56c1a6d8596e1045347165

                                                                        SHA256

                                                                        49c97050e3042a7b0fcb91f9d15571661cfa02ad0483a7c11bb0e3f54dfa6d99

                                                                        SHA512

                                                                        c1b11d5b9206d2aeda85ea682bcfc443519dcb040e8dd9e4a09b2b2e472c5d3e4af4760111acaa049fb31c66ea6adfb181f0ac1ce1791bfe4b69c5d9a95d5f1b

                                                                        Download Submit
                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe583822.TMP
                                                                        Filesize

                                                                        872B

                                                                        MD5

                                                                        a801d350cb07d76c69bc6b325277c903

                                                                        SHA1

                                                                        10f2d5c52f5dfc23e64a20020d8fd9e7a1d07182

                                                                        SHA256

                                                                        e7e76e2b5805f33447655d86b48203b156f45d5813dca75ebbd9407fbb77804f

                                                                        SHA512

                                                                        1645fe7b8668513924587340332e9486448e090bd2722ae9c186c4fc996f80b8b36bd29b9dd66b0a62cec96d9d85d03fea1366a650a8b4edc068ada6a79e5995

                                                                        Download Submit
                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                                        Filesize

                                                                        16B

                                                                        MD5

                                                                        6752a1d65b201c13b62ea44016eb221f

                                                                        SHA1

                                                                        58ecf154d01a62233ed7fb494ace3c3d4ffce08b

                                                                        SHA256

                                                                        0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

                                                                        SHA512

                                                                        9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

                                                                        Download Submit
                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\ed56bea8-ce0c-4850-9e01-f8c6d203f329.tmp
                                                                        Filesize

                                                                        872B

                                                                        MD5

                                                                        ca6738d1e8040c2f7e6abd9f52debf33

                                                                        SHA1

                                                                        ac842c88c651ea812f977861bea6bde213ca32db

                                                                        SHA256

                                                                        36ae1148fc153658106d01c71339bfd3f4f76d70ab37494d2a92d3dec840d775

                                                                        SHA512

                                                                        b60901d0f3c528d94f2b70b8cbb6522243af9b11b21962d7e3362d09a4b52080f66562678967176558b5dd8797061637cb08e2585270f90704f0b3dd75d2d2e2

                                                                        Download Submit
                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                        Filesize

                                                                        11KB

                                                                        MD5

                                                                        ed1e1728b187c94ce63429202370ebaa

                                                                        SHA1

                                                                        bd096c5b5507af041c88b70851dc0277933f194b

                                                                        SHA256

                                                                        c04de040d08786b2b28f131524e6ba0eb83d0fdc06e4e7514c46a534518c4382

                                                                        SHA512

                                                                        bc3f1bf2b56ae480d33a8da002e168b78eab92ae152216ba4558924fa8aa289cd3991a866b6056ca6a2174cd95dd1d5e7efa875dee41b57249a48196ce234e31

                                                                        Download Submit
                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                        Filesize

                                                                        11KB

                                                                        MD5

                                                                        f6fb0104367b26b2aacf90ff6062d1f7

                                                                        SHA1

                                                                        9feb995df9fee8886bf360bb8e43e79f88c2cbc3

                                                                        SHA256

                                                                        e640c5884a001b37c38c7d65154c5ace4c34a5d02206a1487722806f9fec6e9f

                                                                        SHA512

                                                                        eeff7d85318a49d1349aab5464b27ef58bde8943491762877b0107ceaadd83667dbd928ad8625d489a2103078f39eda2effcd82ebc9116f640d183d87f411b55

                                                                        Download Submit
                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                        Filesize

                                                                        12KB

                                                                        MD5

                                                                        5c00bf5c5d0a5f69c48a272f69d72c3d

                                                                        SHA1

                                                                        bf24a652f93cc4c3c1edea556833a48e8af29488

                                                                        SHA256

                                                                        6eaf2ffe2dde1ec1e4d7705e7686b4fa425d01d0713181caf25d66c05a41a49b

                                                                        SHA512

                                                                        2e79e2a9271db1796680292b567763e7125b2d8bf87f12a709ed92191fe45a5071c3fb61cd3682f63c941ef7b96ab240d23efaa362428f7016017a9cb252cbb8

                                                                        Download Submit
                                                                      • C:\Users\Admin\Desktop\Installer-master-BlackMythWukong.exe
                                                                        Filesize

                                                                        27.3MB

                                                                        MD5

                                                                        89bb07ba8cb10736717b02985c2f75be

                                                                        SHA1

                                                                        13b0b624efcc3f88b05a247670525511e7214f71

                                                                        SHA256

                                                                        d0d4a4b50f19ba8f85cc4726261baedfe3dfd613781f8deff3010e2dbdda0321

                                                                        SHA512

                                                                        62b84b044b26b9cad46fbbe502b1f3885cfbed2eb407c2864046b57eb13a6a5356194ea31ef6cf43e85291f0365d19a47377eee98602fb54a2be8bc5311d937f

                                                                        Download Submit
                                                                      • C:\Users\Admin\Downloads\BlackMythWukong_MultiSetup_HPSupportSolutionsFramework_13_0_1.zip
                                                                        Filesize

                                                                        35.3MB

                                                                        MD5

                                                                        4678b82e0a09feb93ddf7cc1c0ecc68e

                                                                        SHA1

                                                                        bcd7fbf741d58eee6a402c0ab03ce64f79e2f580

                                                                        SHA256

                                                                        408ff3f7b91b2054736ffe22cdf815028d6699719792b6a66ded0fcb043c5d7f

                                                                        SHA512

                                                                        8f8fdc868ebb5c5ec3de362609ee5f6f20027361800b91d6806a2b2b2ac3037c0dac47bf5eae84751cf0f4bd745ac3a39a36ed9626da79871a961f0ce5b0816d

                                                                        Download Submit
                                                                      • \??\pipe\LOCAL\crashpad_1848_UTMLOUWBZRKPPZLL
                                                                        MD5

                                                                        d41d8cd98f00b204e9800998ecf8427e

                                                                        SHA1

                                                                        da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                                        SHA256

                                                                        e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                                                        SHA512

                                                                        cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

                                                                        Download Submit
                                                                      • memory/448-527-0x0000000000400000-0x00000000004A4000-memory.dmp
                                                                        Filesize

                                                                        656KB

                                                                        Download
                                                                      • memory/448-542-0x0000000000400000-0x00000000004A4000-memory.dmp
                                                                        Filesize

                                                                        656KB

                                                                        Download
                                                                      • memory/6040-529-0x000002CEDE820000-0x000002CEDE821000-memory.dmp
                                                                        Filesize

                                                                        4KB

                                                                        Download
                                                                      • memory/6040-530-0x000002CEDE820000-0x000002CEDE821000-memory.dmp
                                                                        Filesize

                                                                        4KB

                                                                        Download
                                                                      • memory/6040-541-0x000002CEDE820000-0x000002CEDE821000-memory.dmp
                                                                        Filesize

                                                                        4KB

                                                                        Download
                                                                      • memory/6040-540-0x000002CEDE820000-0x000002CEDE821000-memory.dmp
                                                                        Filesize

                                                                        4KB

                                                                        Download
                                                                      • memory/6040-539-0x000002CEDE820000-0x000002CEDE821000-memory.dmp
                                                                        Filesize

                                                                        4KB

                                                                        Download
                                                                      • memory/6040-538-0x000002CEDE820000-0x000002CEDE821000-memory.dmp
                                                                        Filesize

                                                                        4KB

                                                                        Download
                                                                      • memory/6040-537-0x000002CEDE820000-0x000002CEDE821000-memory.dmp
                                                                        Filesize

                                                                        4KB

                                                                        Download
                                                                      • memory/6040-536-0x000002CEDE820000-0x000002CEDE821000-memory.dmp
                                                                        Filesize

                                                                        4KB

                                                                        Download
                                                                      • memory/6040-535-0x000002CEDE820000-0x000002CEDE821000-memory.dmp
                                                                        Filesize

                                                                        4KB

                                                                        Download
                                                                      • memory/6040-531-0x000002CEDE820000-0x000002CEDE821000-memory.dmp
                                                                        Filesize

                                                                        4KB

                                                                        Download