Analysis Overview
Threat Level: Likely benign
The file https://steamcomnumnlty.ru/app/1643320/STALKER_1_Heart_of_Chornobyl was found to be: Likely benign.
Malicious Activity Summary
Drops file in System32 directory
Reads CPU attributes
Checks CPU configuration
Changes its process name
Resource Forking
Drops file in Windows directory
Writes file to tmp directory
Reads runtime system information
Enumerates kernel/hardware configuration
Browser Information Discovery
Checks CPU information
Suspicious use of AdjustPrivilegeToken
Enumerates system info in registry
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Modifies data under HKEY_USERS
Suspicious use of SendNotifyMessage
Suspicious use of FindShellTrayWindow
Checks memory information
Suspicious behavior: EnumeratesProcesses
Suspicious use of WriteProcessMemory
Analysis: static1
Detonation Overview
Reported
2024-08-31 06:52
Signatures
Analysis: behavioral13
Detonation Overview
Submitted
2024-08-31 06:52
Reported
2024-08-31 06:52
Platform
debian9-mipsbe-20240418-en
Command Line
Signatures
Processes
Network
Files
Analysis: behavioral14
Detonation Overview
Submitted
2024-08-31 06:52
Reported
2024-08-31 06:52
Platform
debian9-mipsel-20240729-en
Command Line
Signatures
Processes
Network
Files
Analysis: behavioral16
Detonation Overview
Submitted
2024-08-31 06:52
Reported
2024-08-31 07:22
Platform
ubuntu2004-amd64-20240729-en
Max time kernel
1799s
Max time network
1678s
Command Line
Signatures
Changes its process name
| Description | Indicator | Process | Target |
| Changes the process name, possibly in an attempt to hide itself | gmain | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | gdbus | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | glean.dispatche | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPC I/O Parent | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPC I/O Parent | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPC I/O Parent | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | HTML5 Parser | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | HTML5 Parser | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Backgro~Pool #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Backgro~Pool #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPDL Background | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPDL Background | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | pool-firefox | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Socket Thread | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Socket Thread | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | pool-firefox | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Netlink Monitor | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Netlink Monitor | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Timer | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Timer | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | JS Watchdog | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | JS Watchdog | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | BGReadURLs | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | BGReadURLs | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | glxtest:disk$0 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Cache2 I/O | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Cookie | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Cookie | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | TaskCon~ller #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | TaskCon~ller #0 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Worker Launcher | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Worker Launcher | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | BgIOThr~Pool #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | BgIOThr~Pool #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Softwar~cThread | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Softwar~cThread | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Softwar~cThread | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | CanvasRenderer | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | CanvasRenderer | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Compositor | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Compositor | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | WRWorkerLP#0 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | WRWorkerLP#0 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | WRWorker#0 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | WRWorker#0 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Renderer | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Renderer | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | ImageIO | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | ImageIO | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Permission | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Permission | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPC Launch | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPC Launch | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | SandboxReporter | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | SandboxReporter | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Breakpad Server | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Sandbox Forked | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Chroot Helper | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | gmain | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | gdbus | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | pool-/usr/libex | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | gmain | N/A | N/A |
Checks CPU configuration
| Description | Indicator | Process | Target |
| File opened for reading | /proc/cpuinfo | /usr/lib/firefox/firefox | N/A |
Reads CPU attributes
| Description | Indicator | Process | Target |
| File opened for reading | /sys/devices/system/cpu/present | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/system/cpu/present | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index3/size | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/system/cpu/present | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/system/cpu/present | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/system/cpu/present | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/system/cpu/present | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/system/cpu/present | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/system/cpu/online | /usr/bin/nautilus | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index2/size | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/system/cpu/present | /usr/lib/firefox/firefox | N/A |
Enumerates kernel/hardware configuration
| Description | Indicator | Process | Target |
| File opened for reading | /sys/kernel/security/apparmor/features/dbus/mask | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.3/device | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:06.0/resource | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/bus/usb/devices | /usr/libexec/gvfs-gphoto2-volume-monitor | N/A |
| File opened for reading | /sys/devices/pci0000:00/0000:00:05.0/usb1/1-0:1.0/uevent | /usr/libexec/gvfs-gphoto2-volume-monitor | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/class | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/bus | /usr/libexec/gvfs-mtp-volume-monitor | N/A |
| File opened for reading | /sys/bus/usb/devices | /usr/libexec/gvfs-mtp-volume-monitor | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:06.0/vendor | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/devices/system/cpu | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/system/cpu | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/pci0000:00/0000:00:05.0/usb1/1-1/1-1:1.0/uevent | /usr/libexec/gvfs-gphoto2-volume-monitor | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:04.0/irq | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/vendor | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.3/class | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:06.0/irq | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:06.0/device | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/devices/pci0000:00/0000:00:02.0/subsystem_device | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:04.0/class | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/class | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.3/vendor | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/fs/cgroup/cpu,cpuacct/cpu.cfs_quota_us | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/system/cpu | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/pci0000:00/0000:00:05.0/usb1/1-1/1-1:1.0/uevent | /usr/libexec/gvfs-mtp-volume-monitor | N/A |
| File opened for reading | /sys/devices/system/cpu | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/pci0000:00/0000:00:05.0/usb1/uevent | /usr/libexec/gvfs-mtp-volume-monitor | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/device | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:06.0/class | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/devices/system/cpu | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/pci0000:00/0000:00:02.0/uevent | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/device | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:03.0/class | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.1/vendor | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.1/device | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/devices/pci0000:00/0000:00:02.0/vendor | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/devices/system/cpu | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/fs/cgroup/cpu,cpuacct/cpu.cfs_quota_us | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:04.0/vendor | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.3/irq | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:03.0/irq | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/devices/pci0000:00/0000:00:02.0/device | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/devices/pci0000:00/0000:00:05.0/usb1/uevent | /usr/libexec/gvfs-gphoto2-volume-monitor | N/A |
| File opened for reading | /sys/devices/pci0000:00/0000:00:05.0/usb1/1-1/uevent | /usr/libexec/gvfs-gphoto2-volume-monitor | N/A |
| File opened for reading | /sys/class | /usr/libexec/gvfs-gphoto2-volume-monitor | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.1/irq | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:02.0/class | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:05.0/resource | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/bus | /usr/libexec/gvfs-gphoto2-volume-monitor | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:03.0/vendor | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/devices/pci0000:00/0000:00:05.0/usb1/1-1/uevent | /usr/libexec/gvfs-mtp-volume-monitor | N/A |
| File opened for reading | /sys/devices/pci0000:00/0000:00:05.0/usb1/1-0:1.0/uevent | /usr/libexec/gvfs-mtp-volume-monitor | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:05.0/vendor | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/devices/system/cpu | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:04.0/resource | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/resource | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/irq | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:02.0/irq | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:02.0/device | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:05.0/irq | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:05.0/device | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:05.0/class | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/resource | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/vendor | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:02.0/resource | /usr/lib/firefox/glxtest | N/A |
Reads runtime system information
| Description | Indicator | Process | Target |
| File opened for reading | /proc/self/fd/57 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/stat | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/libexec/xdg-document-portal | N/A |
| File opened for reading | /proc/filesystems | /usr/bin/nautilus | N/A |
| File opened for reading | /proc/self/stat | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/cgroup | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/maps | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/libexec/xdg-desktop-portal-gtk | N/A |
| File opened for reading | /proc/self/mountinfo | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/maps | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/81 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/libexec/gvfsd | N/A |
| File opened for reading | /proc/self/fd/10 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/libexec/xdg-permission-store | N/A |
| File opened for reading | /proc/self/fd/84 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/stat | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/118 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/task/1732/stat | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/self/mountinfo | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/1526/cmdline | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/self/stat | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/task/1683/stat | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/1789/status | /usr/bin/gnome-keyring-daemon | N/A |
| File opened for reading | /proc/self/fd | /usr/bin/dbus-send | N/A |
| File opened for reading | /proc/sys/kernel/cap_last_cap | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/self/fd/119 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/task/1734/stat | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/cmdline | /usr/libexec/dconf-service | N/A |
| File opened for reading | /proc/self/fd/108 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/libexec/gvfsd-trash | N/A |
| File opened for reading | /proc/self/maps | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/libexec/gvfs-gphoto2-volume-monitor | N/A |
| File opened for reading | /proc/self/fd/72 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/bin/sed | N/A |
| File opened for reading | /proc/1591/cmdline | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/1408/attr/current | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/1816/cmdline | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/filesystems | /usr/libexec/xdg-desktop-portal | N/A |
| File opened for reading | /proc/self/fd/111 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/bin/gnome-keyring-daemon | N/A |
| File opened for reading | /proc/1526/root | /usr/libexec/xdg-desktop-portal | N/A |
| File opened for reading | /proc/filesystems | /usr/libexec/gvfs-afc-volume-monitor | N/A |
| File opened for reading | /proc/filesystems | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/stat | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/task/1589/stat | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/77 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/99 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/110 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/stat | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/mounts | /usr/libexec/xdg-desktop-portal | N/A |
| File opened for reading | /proc/self/fd/35 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/1576/cmdline | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/self/fd/115 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/1799/cgroup | /usr/libexec/gvfs-udisks2-volume-monitor | N/A |
| File opened for reading | /proc/self/mountinfo | /usr/libexec/gvfsd-trash | N/A |
| File opened for reading | /proc/self/fd/116 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/task/1716/stat | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/libexec/gvfs-udisks2-volume-monitor | N/A |
| File opened for reading | /proc/1799/cmdline | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/filesystems | /usr/libexec/goa-identity-service | N/A |
| File opened for reading | /proc/1595/cmdline | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/self/fd | /usr/libexec/gvfsd | N/A |
Writes file to tmp directory
| Description | Indicator | Process | Target |
| File opened for modification | /tmp/tmpaddon | /usr/lib/firefox/firefox | N/A |
| File opened for modification | /tmp/firefox/.parentlock | /usr/lib/firefox/firefox | N/A |
Processes
/usr/bin/xdg-open
[xdg-open https://steamcomnumnlty.ru/app/1643320/STALKER_1_Heart_of_Chornobyl]
/usr/bin/dbus-send
[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]
/usr/bin/dbus-launch
[dbus-launch --autolaunch 4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]
/usr/bin/dbus-daemon
[/usr/bin/dbus-daemon --syslog-only --fork --print-pid 5 --print-address 7 --session]
/usr/bin/grep
[grep = \"xfce4\"$]
/usr/bin/xprop
[xprop -root _DT_SAVE_MODE]
/usr/bin/grep
[grep -i ^xfce_desktop_window]
/usr/bin/xprop
[xprop -root]
/usr/bin/grep
[grep -q ^Enlightenment]
/usr/bin/uname
[uname]
/usr/bin/grep
[grep -q ^file://]
/usr/bin/egrep
[egrep -q ^[[:alpha:]+\.\-]+:]
/usr/local/sbin/grep
[grep -E -q ^[[:alpha:]+\.\-]+:]
/usr/local/bin/grep
[grep -E -q ^[[:alpha:]+\.\-]+:]
/usr/sbin/grep
[grep -E -q ^[[:alpha:]+\.\-]+:]
/usr/bin/grep
[grep -E -q ^[[:alpha:]+\.\-]+:]
/usr/bin/sed
[sed -n s/\(^[[:alnum:]+\.-]*\):.*$/\1/p]
/usr/bin/xdg-mime
[xdg-mime query default x-scheme-handler/https]
/usr/bin/dbus-send
[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]
/usr/bin/dbus-launch
[dbus-launch --autolaunch 4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]
/usr/bin/grep
[grep = \"xfce4\"$]
/usr/bin/xprop
[xprop -root _DT_SAVE_MODE]
/usr/bin/grep
[grep -i ^xfce_desktop_window]
/usr/bin/xprop
[xprop -root]
/usr/bin/grep
[grep -q ^Enlightenment]
/usr/bin/uname
[uname]
/usr/bin/sed
[sed s/:/ /g]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/head
[head -n 1]
/usr/bin/grep
[grep x-scheme-handler/https= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/head
[head -n 1]
/usr/bin/grep
[grep x-scheme-handler/https= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/head
[head -n 1]
/usr/bin/grep
[grep x-scheme-handler/https= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/head
[head -n 1]
/usr/bin/grep
[grep x-scheme-handler/https= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/head
[head -n 1]
/usr/bin/grep
[grep x-scheme-handler/https= /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache]
/usr/bin/sed
[sed s/:/ /g]
/usr/bin/sed
[sed -e s|-|/|]
/usr/bin/sed
[sed -e s|-|/|]
/usr/bin/cut
[cut -d= -f 2-]
/usr/bin/which
[which firefox]
/usr/bin/cut
[cut -d= -f 2-]
/usr/bin/cut
[cut -d= -f 2-]
/usr/bin/cut
[cut -d= -f 2-]
/usr/bin/firefox
[/usr/bin/firefox https://steamcomnumnlty.ru/app/1643320/STALKER_1_Heart_of_Chornobyl]
/usr/bin/which
[which /usr/bin/firefox]
/usr/lib/firefox/firefox
[/usr/lib/firefox/firefox https://steamcomnumnlty.ru/app/1643320/STALKER_1_Heart_of_Chornobyl]
/usr/local/sbin/dbus-launch
[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]
/usr/local/bin/dbus-launch
[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]
/usr/sbin/dbus-launch
[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]
/usr/bin/dbus-launch
[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]
/usr/lib/firefox/glxtest
[/usr/lib/firefox/glxtest -f 13]
/usr/bin/lsb_release
[/usr/bin/lsb_release -idrc]
/usr/local/sbin/dbus-launch
[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]
/usr/local/bin/dbus-launch
[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]
/usr/sbin/dbus-launch
[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]
/usr/bin/dbus-launch
[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]
/usr/libexec/xdg-desktop-portal
[/usr/libexec/xdg-desktop-portal]
/usr/lib/firefox/firefox
[/usr/lib/firefox/firefox -contentproc -parentBuildID 20240108143603 -prefsLen 20982 -prefMapSize 234904 -appDir /usr/lib/firefox/browser {75303a05-d3a8-4691-b1d5-d1d3b8c529b8} 1526 true socket]
/usr/libexec/xdg-document-portal
[/usr/libexec/xdg-document-portal]
/usr/libexec/xdg-permission-store
[/usr/libexec/xdg-permission-store]
/usr/libexec/xdg-desktop-portal-gtk
[/usr/libexec/xdg-desktop-portal-gtk]
/usr/libexec/gvfsd
[/usr/libexec/gvfsd]
/usr/libexec/gvfsd-fuse
[/usr/libexec/gvfsd-fuse /root/.cache/gvfs -f -o big_writes]
/usr/libexec/dconf-service
[/usr/libexec/dconf-service]
/usr/bin/nautilus
[/usr/bin/nautilus --gapplication-service]
/usr/libexec/gvfsd-trash
[/usr/libexec/gvfsd-trash --spawner :1.8 /org/gtk/gvfs/exec_spaw/0]
/usr/lib/firefox/firefox
[/usr/lib/firefox/firefox -contentproc -childID 1 -isForBrowser -prefsLen 20185 -prefMapSize 234904 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {6d34515d-eca8-4c9b-83ff-9af064d4fe8e} 1526 true tab]
/usr/lib/firefox/firefox
[/usr/lib/firefox/firefox -contentproc -childID 2 -isForBrowser -prefsLen 26597 -prefMapSize 234904 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {7728cf12-efc3-48f0-ab8a-96fdf75a59f6} 1526 true tab]
/usr/lib/firefox/firefox
[/usr/lib/firefox/firefox -contentproc -parentBuildID 20240108143603 -sandboxingKind 0 -prefsLen 27460 -prefMapSize 234904 -appDir /usr/lib/firefox/browser {ec444767-396e-4517-95fb-80234f5f59b3} 1526 true utility]
/usr/lib/firefox/firefox
[/usr/lib/firefox/firefox -contentproc -childID 3 -isForBrowser -prefsLen 25603 -prefMapSize 234904 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {7672ef86-b8b8-43e5-90ed-5d5f302d124e} 1526 true tab]
/usr/lib/firefox/firefox
[/usr/lib/firefox/firefox -contentproc -childID 4 -isForBrowser -prefsLen 25603 -prefMapSize 234904 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {f4cfe015-0d96-4db3-802b-49be87dddae9} 1526 true tab]
/usr/lib/firefox/firefox
[/usr/lib/firefox/firefox -contentproc -childID 5 -isForBrowser -prefsLen 25603 -prefMapSize 234904 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {e3ea7ca9-7c50-4a53-9f37-e983725239ac} 1526 true tab]
/usr/bin/gnome-keyring-daemon
[/usr/bin/gnome-keyring-daemon --start --foreground --components=secrets]
/usr/libexec/gvfs-udisks2-volume-monitor
[/usr/libexec/gvfs-udisks2-volume-monitor]
/usr/libexec/gvfs-afc-volume-monitor
[/usr/libexec/gvfs-afc-volume-monitor]
/usr/libexec/gvfs-mtp-volume-monitor
[/usr/libexec/gvfs-mtp-volume-monitor]
/usr/libexec/gvfs-gphoto2-volume-monitor
[/usr/libexec/gvfs-gphoto2-volume-monitor]
/usr/libexec/gvfs-goa-volume-monitor
[/usr/libexec/gvfs-goa-volume-monitor]
/usr/libexec/goa-daemon
[/usr/libexec/goa-daemon]
/usr/libexec/goa-identity-service
[/usr/libexec/goa-identity-service]
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | connectivity-check.ubuntu.com | udp |
| US | 1.1.1.1:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 1.1.1.1:53 | steamcomnumnlty.ru | udp |
| US | 1.1.1.1:53 | steamcomnumnlty.ru | udp |
| US | 1.1.1.1:53 | location.services.mozilla.com | udp |
| US | 1.1.1.1:53 | location.services.mozilla.com | udp |
| US | 1.1.1.1:53 | prod.classify-client.prod.webservices.mozgcp.net | udp |
| US | 35.190.72.216:443 | location.services.mozilla.com | tcp |
| US | 1.1.1.1:53 | steamcomnumnlty.ru | udp |
| US | 1.1.1.1:53 | steamcomnumnlty.ru | udp |
| US | 1.1.1.1:53 | spocs.getpocket.com | udp |
| US | 1.1.1.1:53 | spocs.getpocket.com | udp |
| US | 1.1.1.1:53 | prod.ads.prod.webservices.mozgcp.net | udp |
| US | 1.1.1.1:53 | steamcomnumnlty.ru | udp |
| US | 1.1.1.1:53 | steamcomnumnlty.ru | udp |
| US | 35.190.72.216:443 | location.services.mozilla.com | udp |
| US | 1.1.1.1:53 | getpocket.cdn.mozilla.net | udp |
| US | 1.1.1.1:53 | getpocket.cdn.mozilla.net | udp |
| US | 34.120.5.221:443 | getpocket.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | www.steamcomnumnlty.ru | udp |
| US | 1.1.1.1:53 | www.steamcomnumnlty.ru | udp |
| US | 1.1.1.1:53 | firefox-settings-attachments.cdn.mozilla.net | udp |
| US | 1.1.1.1:53 | firefox-settings-attachments.cdn.mozilla.net | udp |
| US | 1.1.1.1:53 | attachments.prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 34.117.121.53:443 | firefox-settings-attachments.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | support.mozilla.org | udp |
| US | 1.1.1.1:53 | support.mozilla.org | udp |
| US | 1.1.1.1:53 | us-west1.prod.sumo.prod.webservices.mozgcp.net | udp |
| US | 1.1.1.1:53 | shavar.prod.mozaws.net | udp |
| US | 1.1.1.1:53 | tracking-protection.cdn.mozilla.net | udp |
| US | 1.1.1.1:53 | tracking-protection.cdn.mozilla.net | udp |
| US | 1.1.1.1:53 | tracking-protection.prod.mozaws.net | udp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | tracking-protection.prod.mozaws.net | udp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | tracking-protection.prod.mozaws.net | udp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | tracking-protection.prod.mozaws.net | udp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | tracking-protection.prod.mozaws.net | udp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | tracking-protection.prod.mozaws.net | udp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | tracking-protection.prod.mozaws.net | udp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | tracking-protection.prod.mozaws.net | udp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | tracking-protection.prod.mozaws.net | udp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 1.1.1.1:53 | ciscobinary.openh264.org | udp |
| US | 1.1.1.1:53 | ciscobinary.openh264.org | udp |
| GB | 88.221.134.155:80 | ciscobinary.openh264.org | tcp |
| US | 1.1.1.1:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 1.1.1.1:53 | connectivity-check.ubuntu.com | udp |
| GB | 185.125.190.98:80 | connectivity-check.ubuntu.com | tcp |
| US | 1.1.1.1:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 1.1.1.1:53 | content-signature-chains.prod.autograph.services.mozaws.net | udp |
| US | 1.1.1.1:53 | content-signature-chains.prod.autograph.services.mozaws.net | udp |
| US | 1.1.1.1:53 | attachments.prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 34.117.121.53:443 | firefox-settings-attachments.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | connectivity-check.ubuntu.com | udp |
| US | 1.1.1.1:53 | connectivity-check.ubuntu.com | udp |
| GB | 185.125.190.48:80 | connectivity-check.ubuntu.com | tcp |
| US | 1.1.1.1:53 | connectivity-check.ubuntu.com | udp |
| US | 1.1.1.1:53 | connectivity-check.ubuntu.com | udp |
| US | 91.189.91.48:80 | connectivity-check.ubuntu.com | tcp |
| US | 1.1.1.1:53 | connectivity-check.ubuntu.com | udp |
| US | 1.1.1.1:53 | connectivity-check.ubuntu.com | udp |
| US | 91.189.91.48:80 | connectivity-check.ubuntu.com | tcp |
| US | 1.1.1.1:53 | connectivity-check.ubuntu.com | udp |
| US | 1.1.1.1:53 | connectivity-check.ubuntu.com | udp |
| GB | 185.125.190.97:80 | connectivity-check.ubuntu.com | tcp |
| US | 1.1.1.1:53 | connectivity-check.ubuntu.com | udp |
| US | 1.1.1.1:53 | connectivity-check.ubuntu.com | udp |
| GB | 185.125.190.48:80 | connectivity-check.ubuntu.com | tcp |
Files
/tmp/tmpaddon
| MD5 | 30082ae40dc48af6343db2fd22cfc645 |
| SHA1 | 3eb577555ee638e8beb01173e8f29e172747a728 |
| SHA256 | 85d4b95f9b2075daee9b0e64bce8d9d7343d0dda10e6072d7f9485a68472ee76 |
| SHA512 | 53a58bfb4c8124ad4f7655b99bfdea290033a085e0796b19245b33b91c0948fdac9f0c3e817130b352493a65d9a7a0fc8a7c1eedc618cdaa2b4580734a11cd9c |
Analysis: behavioral1
Detonation Overview
Submitted
2024-08-31 06:52
Reported
2024-08-31 07:22
Platform
win7-20240729-en
Max time kernel
1800s
Max time network
1684s
Command Line
Signatures
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://steamcomnumnlty.ru/app/1643320/STALKER_1_Heart_of_Chornobyl
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef7419758,0x7fef7419768,0x7fef7419778
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1152 --field-trial-handle=1088,i,10107395139530779988,1466674127682363379,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1496 --field-trial-handle=1088,i,10107395139530779988,1466674127682363379,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1592 --field-trial-handle=1088,i,10107395139530779988,1466674127682363379,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2244 --field-trial-handle=1088,i,10107395139530779988,1466674127682363379,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2256 --field-trial-handle=1088,i,10107395139530779988,1466674127682363379,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1132 --field-trial-handle=1088,i,10107395139530779988,1466674127682363379,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=976 --field-trial-handle=1088,i,10107395139530779988,1466674127682363379,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=2396 --field-trial-handle=1088,i,10107395139530779988,1466674127682363379,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2240 --field-trial-handle=1088,i,10107395139530779988,1466674127682363379,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=2900 --field-trial-handle=1088,i,10107395139530779988,1466674127682363379,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=2100 --field-trial-handle=1088,i,10107395139530779988,1466674127682363379,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=1456 --field-trial-handle=1088,i,10107395139530779988,1466674127682363379,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=1860 --field-trial-handle=1088,i,10107395139530779988,1466674127682363379,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=2884 --field-trial-handle=1088,i,10107395139530779988,1466674127682363379,131072 /prefetch:1
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | steamcomnumnlty.ru | udp |
| US | 8.8.8.8:53 | google.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | steamcomnumnlty.ru | udp |
Files
\??\pipe\crashpad_2300_HGZERLMIJIUVNAYN
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000007.dbtmp
| MD5 | 18e723571b00fb1694a3bad6c78e4054 |
| SHA1 | afcc0ef32d46fe59e0483f9a3c891d3034d12f32 |
| SHA256 | 8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa |
| SHA512 | 43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1
| MD5 | f50f89a0a91564d0b8a211f8921aa7de |
| SHA1 | 112403a17dd69d5b9018b8cede023cb3b54eab7d |
| SHA256 | b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec |
| SHA512 | bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\000006.dbtmp
| MD5 | aefd77f47fb84fae5ea194496b44c67a |
| SHA1 | dcfbb6a5b8d05662c4858664f81693bb7f803b82 |
| SHA256 | 4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611 |
| SHA512 | b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8fb3cec77957bfd46f4b40149c26b45f |
| SHA1 | 44d9f9836cb1cd44fd8bfa6029a2837867f3a134 |
| SHA256 | e968dc233b5689cf8aa683873360aae8cf29fbf917b2efa8942990887952577c |
| SHA512 | 2013ece73e7b6c71623ce796e339b40932b7252cee4fe1766ce1e6e7a107414486fa1db6f33ea92490e396122cbc7bc252972f9e15dbd45ed7fb4444710a6c01 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 07009f83eb0cafee6fcac93440bcbcd8 |
| SHA1 | fed101a19ae3fb2bb1d0e144285183a471bba65e |
| SHA256 | 6300de2dfa9ad62bc1c2e20c89d700300fbb223a9246af3df956bc57020e72a0 |
| SHA512 | fd1b013a30247fe70a5914ac4f743de6698794b8c58ca47da5f6364288e435c12e2b5d243594cb3bd385dd9cd04facea5bb33c5a288daa4e4ab6fd999fb19e64 |
Analysis: behavioral3
Detonation Overview
Submitted
2024-08-31 06:52
Reported
2024-08-31 07:22
Platform
win10v2004-20240802-en
Max time kernel
1799s
Max time network
1684s
Command Line
Signatures
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File created | \??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133695607722044851" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://steamcomnumnlty.ru/app/1643320/STALKER_1_Heart_of_Chornobyl
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff99b48cc40,0x7ff99b48cc4c,0x7ff99b48cc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1936,i,14159465447826864131,1150838386351550761,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1932 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2136,i,14159465447826864131,1150838386351550761,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2168 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2252,i,14159465447826864131,1150838386351550761,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2428 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3108,i,14159465447826864131,1150838386351550761,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3136 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3128,i,14159465447826864131,1150838386351550761,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3168 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3652,i,14159465447826864131,1150838386351550761,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4512 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=3168,i,14159465447826864131,1150838386351550761,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3312 /prefetch:1
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4808,i,14159465447826864131,1150838386351550761,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3664 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=4912,i,14159465447826864131,1150838386351550761,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4024 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=208,i,14159465447826864131,1150838386351550761,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3264 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=4640,i,14159465447826864131,1150838386351550761,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4576 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4624,i,14159465447826864131,1150838386351550761,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3380 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=2460,i,14159465447826864131,1150838386351550761,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=728 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=4604,i,14159465447826864131,1150838386351550761,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1460 /prefetch:1
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | steamcomnumnlty.ru | udp |
| US | 8.8.8.8:53 | google.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| US | 8.8.8.8:53 | 104.219.191.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 74.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | 10.28.171.150.in-addr.arpa | udp |
| US | 8.8.8.8:53 | g.bing.com | udp |
| US | 150.171.27.10:443 | g.bing.com | tcp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 138.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 26.35.223.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | steamcomnumnlty.ru | udp |
| US | 8.8.8.8:53 | 241.150.49.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 103.169.127.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.31.95.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.214.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | steamcomnumnlty.ru | udp |
| US | 8.8.8.8:53 | 48.229.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | steamcomnumnlty.ru | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | steamcomnumnlty.ru | udp |
| US | 8.8.8.8:53 | steamcomnumnlty.ru | udp |
Files
\??\pipe\crashpad_2076_RHAKXETRSZMFCYHV
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState
| MD5 | 42458273cf2695d6260508e0a3c84362 |
| SHA1 | 51da6261630cac2fc434f69f2913300fd7491fb1 |
| SHA256 | f07f979751cd5a24c5875550bde01d3b85e854034cbe35caa752df9d073afc2d |
| SHA512 | be4783f209bd9f5ce137ee721b2e9f835c4bc95fb09e0895e24718c5176bbddf0fcb1c2a15eb538a8e7bbe17fe5378392a1616af23d6c10a214b8e0721699afa |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | c039c4d401998198e9671ebcf1721265 |
| SHA1 | b95914d1f4965e7f923a492e2dda0842bddec854 |
| SHA256 | 0a34a7d173f2d47c661b0128c6cb7f4173a7e11380bda0791e52d02d322668dd |
| SHA512 | 21397807a474f25694086363eb730279fd588549acee080bc882e33146b2b64661cd6b3af386b397065b3c391074286fd5ed19abba90ac68003546163d3b056c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f946698686214de60f294da17a25c8ee |
| SHA1 | 165f7e00449e7501316ecb1524b0b99a0931550d |
| SHA256 | d190ecd4bb22cd0c0f5dc08732ccb1395c1697c6f9997a0fe609de18c2e3b4f0 |
| SHA512 | ad3cdf83492f66310eaa9b866a4de136aea78f6502d1fee78b41d1ccf8f87cd3deda6357a8c349ad191da9eaec55e49f61762d4ca8a2ea9cd567e8385359ce71 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | cc71712bae0c40b8ded65d2f1b0c6cda |
| SHA1 | 9965cd17a310be8302e03ebe83ce0e6177961cd8 |
| SHA256 | 85abb5bb1bae68f5d9c2539c42b14d09b91210183454be4adabc15a7294d9717 |
| SHA512 | 1b8a851df6c9d05211e5208f781be8d17c2364546527e7b707796c7623bc287635a3a6fda16f4fff98946f3bad29c7f32703036348ce12b563fbea90ecf2b5d0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 29669d656db9d8082aa5b50f3801c865 |
| SHA1 | 708e2941877eeb320ffdc906559bd242f4c936f0 |
| SHA256 | 465c6906515d276659e4d43d3c35fc099d34e07230189330650d0dbc2098084f |
| SHA512 | 270d084f94e4b1143a6959003cce2be84cfc1dd4bd13ece0e5ade4c209fc55c82c2445ef8e2d65826c3bfc7600cdca068c93050979426cb26b8f925fc1f5a34f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f940fb5da32cc04996ff5208be800829 |
| SHA1 | bed578fd72d42c7038fef8d7f40b95accd1400f2 |
| SHA256 | a4051f7b548cd4805614116304d4ded2e71b57757dcab890cfeeb49c3b0f3035 |
| SHA512 | 930fd113a06048c413e68053349d1774f1a741f6586ac5b57243dfc62c5f5c20472bc0f3955f390ad26d522322744f58b4be9fa317239377913bd2f1770af155 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 2ee822bbcf02167b4fbf101e7de074fd |
| SHA1 | 11dfbb2100af9e1729db540bb2fb155e11c646ca |
| SHA256 | 1b9dc8787edaf0b940c0750f1b94b229e21af1c9c9eeaf7bb38888380d087a68 |
| SHA512 | c82ac6790eb3965787f980db8dd9a1966afe1b8192816b7d00adf1934364dee07fe48307bec83bdcf221c798066ba7cc3c7a8d1d74c16d6fc14c40f5a51a4c20 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 802ee64da6d82b43bcd00e1892a39352 |
| SHA1 | 47cca054d745556287114770a5a6b2230d838a34 |
| SHA256 | 979fe08d9c691ba7a99d6a3eab525ec4ab3e1ad536db15da33b2a063f5190a38 |
| SHA512 | 1ec022845bc261f2669504c23fbe7c18aec89b89cd60349ab05c8c41c25b56cad77619d1a96054de8960831e0800b8375876607851b3217361e26d5a1e7bb53b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | ca09af4b6f28fffd3f643977c4df037f |
| SHA1 | 09c588043a0242087a340303994875665d361613 |
| SHA256 | 5c884c164b1296a3fa00a044773851a1065f66e7a46893c53ab3dbfa2810bd34 |
| SHA512 | 182b0005ec40b9a2bd3845e92f71fcdd5d5c22cdea7c16e700b5e3cb69973c2ae880c7260a86061ad074da0e9a4d05581783a2d918c1a9089c2cabaf8f63d8a4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 03a04b60ef3023a54e6826b59585cc3a |
| SHA1 | b1dd18f9c18c54bb1437726ca98393df2c4f3eba |
| SHA256 | 0297234ebb90006c7fd5cd06c2005481078b28713facde5e269a2661324c3949 |
| SHA512 | 473f24d78bf66ee80438f70fef9d5e462f5367b0b1ebab061828a1c39672b1f102e0381322a4e37a6d5e860d700409174c8f6b3204220d27268a2e79cf16f538 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d65305ec89c69fd58f426eca280d44ee |
| SHA1 | 00a51768969fb723bd88b2db15c0b3d1d599e7bf |
| SHA256 | 1dedd28cce7f722fbb9bc60e02ee00f084b421fcdcf7452a522afda91a6ed968 |
| SHA512 | 4358df0aeb7877d0bce108b0a32437c9a8de283ad75444e8d56627191821fc669f51187b12bfc177ab8761b9e1136b878978d21e8b254c621b5e515a3433fd7e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d727e6ac485a19d747423ff5e5cbf996 |
| SHA1 | 210fdaf7d220bd53a6d9288303dd43c34391be3e |
| SHA256 | 7a59c37f34a8190eda55d391ff926f81e907bedd3b6ea9e0aef3f20e201b9196 |
| SHA512 | 3867409bce33b41adce066926e80025ae93ad7e8a59a58342294ed5d9399ce1e8ef86434e6f8c36ac6646de3bbb2d6b483b0b72d30e1a61b67f13253a1eb129c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 25b412ff8488b32b97882c79640db626 |
| SHA1 | 5a85ee833bd11bc54fa8206b9df6a88db92f16ac |
| SHA256 | cf0d5045e6883e0a4e2548ec45cff0c578acd1b8762c5a349790feec9f329e6b |
| SHA512 | d9bf4ba1bc7ad924a763e50604c8778a5573e8382d871e167a243b4a401e284068d32317e72b5e93fbb5dad63ff2fcfd23a7d9bfb41b306a4d18ece4b5c1fb9b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8b88c3006459b7ae5bd64e3c64be5ff8 |
| SHA1 | 2c394c14fed1bf957f90ae298c2bca9523d9a46d |
| SHA256 | e5ce69ede6c58627470a7f147366749b318ad08c061b2dfab52d57122c370f39 |
| SHA512 | 0b53ed75b57500fb51dab16ac81c9b562ff05e360154c42a04407c9149136d043ad3b5794f5085f2e8ffe92d44a0e13a54fd01b6dfabccd0f86f5c88f1170277 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 54e038b6116feabbb7b5a5ed315791f4 |
| SHA1 | 8ab20dfee0e58f0c5588e08376b3d3ab33399963 |
| SHA256 | 87cc597027412c16134ec32da2696a481eb7f9bba759a87e4b0fce2228df9fc0 |
| SHA512 | 503c3506de62857d09a800b79a1ba260bd8cbb40fd4a82f686bd4ce874140fee9f719c1e0daea9f322425fae68ac2cb87828fbde1500701850b1680292bfef6a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 20ac0c446c9338cd78414bc18ab19b47 |
| SHA1 | 6542bd3b851a39aabfec542dd1549de70c6cb4dd |
| SHA256 | 795e222d763569ba7df6640d232d21c410b30a0b208c0a2ddf3ee5a508c2a13a |
| SHA512 | 0217428d350bd915917d7b39647318fd5533c184662643a1e588eb819d559783aceca583f7bc26b1f0f9b62da025c871206591383229ad42682bf5642de76a31 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | daa1848c9d5e4adce314a90bc0f692c4 |
| SHA1 | 00dff0909f626bb9f7dbcd8ff9488b3836af54c8 |
| SHA256 | 49cc13177f8d6f9fd3d7f3c218cbcd46f01b93124feffcddd29b30e243247ae2 |
| SHA512 | 16d0482875c98a34096c75e6670ed213d947910452343e8ffb5fd69fc4bc69ad9e197574ad6a81eea5ed7ced995e526acb89cc9ac2d7ac341952bfabcec79e7e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 07468ef0dd5c96ba5cab8276a19b3473 |
| SHA1 | 16333a10e07698f8ca6f62422b1a221ff6fa0b4a |
| SHA256 | 54c0a9bc9c7c8b2af2fbb62e30826481e4ac3876366a157e025822137729ee91 |
| SHA512 | c61c6a4b768b1b4aca184418c281ef5d47dfe651c7d6b34ba5f8c110789cbe86676222e0ff4c8cd0a44f437eb4f8ab199a66e9149df3369789d05ec0a0e66e8c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 66ae5207a64f2ceeb413214d3a932dd8 |
| SHA1 | 4a6da43253158c511409036481fc34cf91869ead |
| SHA256 | 53caf36a35b97dd86c1cef7778d598e038af43a16a984653d63c780dcdc53229 |
| SHA512 | 9db9b16c6f86b914717fbf04728de04e7671b658af633a6a18f55500ac4a766cb30e0ac71ab2c08d5be3b74f22497029a59f2147f5dc06581e3e9e00511d713b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | a638a1bca06e87eca0e6109c42dc55e6 |
| SHA1 | 489561cc764e869d4572600e0ea4683a763cb613 |
| SHA256 | 320bc9ab41a9a6ba97e004428017a3198755586dd47961345ac01fddc2b21e1f |
| SHA512 | 92676cd7725f50ecfe34bbe0d79fe09c6ad60e00b5c332d1517a560142bdc747efd3a5648d6a396e8da1ea0b7089407696c4b6470094f9cff57f525b4af3f1dc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 256c0b180df1129baf3e29019304f1e0 |
| SHA1 | dc8002377672759c7f655ee4237248101afa5eeb |
| SHA256 | bf24de5c975004b9ec71bafab4c3f15ae8c2502d196704c0d76cafb14b8517b4 |
| SHA512 | a14db0d15390f2a352f0ba8a8fa2a3cbfb0503f828bb7e24b4c98202cbeb7b5df2ddb02b372cc187838dfae88a996200c048466598efa2c23cfce5ab2cdbc16e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 4401e7f17ffbc99de975d64368e52d13 |
| SHA1 | b95e2f81f8f88055987c123012cc7106c354424b |
| SHA256 | fa87fba53b205ee6e1100379ae59f9c63135962db3051d41355740bd3f232f07 |
| SHA512 | 70710e160c8f9528649544274d96d2c28b7ea9ff32700c081515bce5395c8501a791d032a5240a292e71e2dcc0ce616161050755259e957e04c9c1c6e785be91 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 3191a4fc6eb7aa888846ce2c5494ec97 |
| SHA1 | 62bbb8f5e395a18af5dea28edee7556dcdf8996c |
| SHA256 | 3234ebbb362f4fcfc48a8b05d8a45a1b444e8e2a45a7d6fd76c32d09bedab407 |
| SHA512 | dc285ff9d9c5a181e152a2d25450a963b38bd78b901b449bddbbf3ba35380c36d635b3371138a85fb224cfa960ca394c915443d5a6fd72d1ea79fc86f62322b3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 3d914c08c73289535283abf98ac66e69 |
| SHA1 | fc7e5323e3e34f71830d6ef85cdc73681f89ddc2 |
| SHA256 | b481a90e79755b8505378b5d81df664345cbce69dbab41cb9bfd7eb7b5b83bb1 |
| SHA512 | 5004ea557880212cb9b3809b21abed5430a03e2120b709a03ac3dfb0ec643788c8581652bd60ebd8a62a75006a7a6150bfb62aa0e38b687931e882c127aaa989 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 6b61aef7af205897aebca02eb5e7628a |
| SHA1 | d701ebe6009397a74600604667838c619c8e47b0 |
| SHA256 | 55a7850f5e2c47a49f3db7c29ef5da661d2eb63f76808f2be5c60efd1103d083 |
| SHA512 | 83a12eb9f761bf13e4e97c67aa0e0cdae95e814606a26649dcf219d880783a9304ab9c8647fff6ce87df9891d32176f539e720ba93998572f34e49ae6eaba186 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 6c9dc728d7dbdc4194bf57ac046e4781 |
| SHA1 | bc7d353d2b293151594a2aa494e49640985d747b |
| SHA256 | 43c6761bbc0911055ffa3aa9f9175c5d04e74eb5197cb4d874e1b9e21ed24112 |
| SHA512 | 1f5eb791bab3c814fa80aacf054b2f937b97ff88fefe0511253261908c035f3db218a886451d3e055a7b2b219ca780c9b1bb5cc7d7e0258c223d769305c28afd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | fbcde6a3806a6e831a665b96c5820ddb |
| SHA1 | 1575d781f53c45da1839db3710db4582ac611bb3 |
| SHA256 | 7c5a21cf8a0469a4aafcce322224344f14d12d8613d44ed75a7d1ff80f5fbaf7 |
| SHA512 | 242140cc7c0fecce3ff16e9912e20b8fe75095bfc44ac3c22cb3f7bcc17bd46c67658b9ec95cbc561e729f3828dc423c5802766087d620f6c74262cca76085bd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 38b10baaa928512e1f69f5ba9ef51731 |
| SHA1 | a7e90cb5a72192a599ec45650b64d78f9706bb59 |
| SHA256 | 9f7591c831b55d9ef87718a315711a214b3462f808bd1065d78ca74f67a250f5 |
| SHA512 | 9c7201bee8dc28363f84a526ef7736691057e60bc8764f7f74015291f3df8da1a65969e10487ff5ea2dd527ee09bb6d66e085eaf5e88b4fc5a15cc966a19dc2c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 9614b419093412d17a94d1d42ee18dc6 |
| SHA1 | a03a90ec5e9bb0ad21af221d41fc84e28833b58a |
| SHA256 | 2e7c541d8a553fce03d552ff8231021f2ec3643ddef75716201cba8be2905929 |
| SHA512 | 31177da1b777953d4a1700deb579af48299a3e6d96eec0ee3fe5636aef657ca1552ee62ceccdc7c28a40f960e41bb3ea1e4660089775767520c5a8e65aab2566 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | a8df6a4e363b4fc9e6ba29ac7f4580de |
| SHA1 | 74cb4b29a289c120bb838592c9a801883b30a80c |
| SHA256 | dc58ea8bdc73eb9b9e946a3942f9eecb6e0d2b340031c915373be2ed8ff083ee |
| SHA512 | a4679258f2e5257ee9b527ce0d5331ad4a363bdd8dd5ddb7ff178a51ec44db56f4563d8a1f33bcaa79d092d9b11c75ef7649fd8ef5ac20d8c18e403d469ca994 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d9d126cefc02daed69266010af185382 |
| SHA1 | e27288f8d0af10d7e203c380932ef20c00ce23b0 |
| SHA256 | 9c4de9af6746d5332fcac9c311924c3d40e935a484994d7481031560ecef4b05 |
| SHA512 | cacbe00ed3b5c2f0c91ceb734470a294c02697b04bd6ed79c9460b36ebceec3380dbba3829b0f4f330d0b81fa406023a7e17559bf5a39a4d6fe4c176d449ba08 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | c5e5fd233c1b7bbaacea6f27314725b6 |
| SHA1 | bcb22a4edca0ed29bf13170f17655751947260a0 |
| SHA256 | d6f382fb1b0ed5a7a6b825cb3b10db1064b453699b2d35271441cf77acd14033 |
| SHA512 | f1b8d2b5ecf0bbc8322249a1cc28e27c0a87373d027a8e75dc86d217898f5df18af4f4163aa98f0edebb46a263ee690514b36a0ed553b12f12073c204e03ffa6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 403351050850ba47c09ba1a0265e81f0 |
| SHA1 | 1f42060b4eee3145b456d22991332119e6b56317 |
| SHA256 | 3ffd94d31cf99c3087747802bff91e1cbc8d146e6da04154d5b911cad2f0004b |
| SHA512 | 8a05ad9281e740995281230c279c2c13acee0d58be802b66dcbc49507825bdfead0ffb7b3605101107f57a200ae7c12343c579134c8c3bf4a07facc8bbbc05b2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 74eb9e044c718106d84234cf3527edf4 |
| SHA1 | cdbe951052e75ad3da511f93d028822ae6efeeb5 |
| SHA256 | cdc3c563051584a83ff4db4bcf031d3a6b0aa60101cc1bb18aea1f6e9787c993 |
| SHA512 | 9d3c03a07284969415f5a195e34d6909c542f7dc7a5268bb8e04fae4847eca5630cc2e7cb6dc4789033070fee3ada2b6002a6b5e3c5fd419c136fff3c14fe6a6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e0e33453ca067df80b7907aa2f1fab65 |
| SHA1 | 4d5fafa2287ffbd2925805bf4c2a782fc73d9b3f |
| SHA256 | 0c07b8b52af5b90c62ab3bddb33fcf9b925119a4ce5796ce511355a8c33ae9f5 |
| SHA512 | c8973817b5ddf05758114e75d55bb35eff423a5ea1bd35f48dfce86e378ddd0e0cbfea1ed350c38c7acacd37da584f827348ce32fd92f51634784ddf304796ba |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 4a85632e22047f16f452fa0653b4f702 |
| SHA1 | c3c74d7a24ce24fc6c5837c371c3b21f98e9dc3a |
| SHA256 | fcf2ebebc7b1314b652f2f06987173a5ad984ad02725e2108f4b23ce4e492a14 |
| SHA512 | 0919f76c4a03899f3579926b0022a17dc2679f4d75daf3e81306c96cb01f4f661707c4e07f8895976b1f60cd1f60a30a928b79f25f3f7857dde011c60f19cf44 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | b5571f61f015e0feeaf4e27c06841865 |
| SHA1 | 77b63f0e58f00b46ccf602b753bf2a1354819f3b |
| SHA256 | 20258cefd44b73b1a846d3a0e6c37cba200c27e435bf341e8dc1b3fe9651eace |
| SHA512 | 04beeb6374e530a2a4649bb1afdfaa97c15d661a27e3a1a1a1a7bbb920b49fb93907343822a4337598676b643ba0cb8bed6bcfc8ca13e0f0132519107ed5bfee |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7c3a10e48c68dc53ce1b6c009f49f199 |
| SHA1 | 3b65bc25b986111d3d1afedb7054d0bdea467d1c |
| SHA256 | 867e6abaa1ed208a601758d7be87329493d3b005edebdd2a02d1ded414894a87 |
| SHA512 | b45323383a75f0b4b29448321c5d211b9c45660df3754ff198549cf0f1abedc4b3dfe37ee9496b83b5941066d460c2e48101944597d10551ff6dbfd4121d0c55 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 2078dba1eccc485124d3cf4db908f557 |
| SHA1 | 6fec6e41a74b02b249e2a8b7af6b7fd0723eae59 |
| SHA256 | 086e627d3ac00e030d35c2feac88876fd2dcba8f32985a9b6a57a5074735ff87 |
| SHA512 | 59c0fb4d8ceae832b36209be2b7dcaa6eb4f1421a53120c27c9dfb77571882ec9b45acdd4e8839494221a6c8671fcb70f91bb0e97b64675853d73abde6a688a8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 3a2b9faeb3c595a491e3e46c2b416377 |
| SHA1 | 25a379aaa47ce2fe6fe290e87cb94a2bb6aaa54e |
| SHA256 | 447433b3a47fb2ed0eb154ba1d3c96844f49d5d98ec7933747d85d2565707b10 |
| SHA512 | 07c1959a1625ac0f5e7cc23bf3a137abe4cdfb70d3bc8ab608ce3b1e261f8f6e42527cdb5287d9f279d8ea81a316dd5c97c7ee70f946cec88838b343cebec48f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | cde78b2128fd66206b6796b3c591a38a |
| SHA1 | 2494ee6d9ef7a7602e03b7ac5bc02f179c10c881 |
| SHA256 | 30117ab06f5b07415f754df09299fd6beba925b098462e7336ebbec7d6e4d09a |
| SHA512 | 93b67fbfd4f99cad1d1e665eeec67c96e908d176e2246ac704959e048fed578cd6d449ed18ff08d1318ba2db23dfda839ff5f487a42b50677998157a4c1c4d3a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | fd3ecac24ea0a7f717b62745fbf5620f |
| SHA1 | eb308398441b3e89279b9e4f169d6203d0eb6137 |
| SHA256 | 189a73ffda658f415fbcf0cff08e4b520413664f6b6c1729b5b8164cdd45528c |
| SHA512 | cf6f39f8766c3682412692541774521555ddce80d9dd0590b56a89ef24f0ba0e73a20b2c7d1ca2176d5f5adf0ef7d3c5519624e98c4e407bcee69793ef80566c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 0fd886ac268806cd10250d8388bee3a3 |
| SHA1 | 4bbd4c246e9be0ae95853623c9be6e492372084e |
| SHA256 | aa0d90f9e6e9fe5026935d619cfd514ec398fe7170dcfc49b6de38836582f8e3 |
| SHA512 | b417c927dd970c9ec36f17e48ce8dad45f7b13bff646b88eeb55e537fe2b31b324d4cee4ded12f41686b7de1a321bd28a326209a19314b9c06d376596a84bde2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 15880642e13dcc9cd08ddf42baad74fc |
| SHA1 | 031fbcad98967c87e1c7f089b62c3d536d046344 |
| SHA256 | c94ae777eaa377c9257b55fa81a5806506c37d0805ed9734b9043103e3870322 |
| SHA512 | 3dd5d8c9314e4e76bfcd7b90516ac792eac1dfaa923817622da66b6ee3d017d4a1868b4905fbb2136e839ef421bcd8f4359df7639a0a4185b0290f3bff4cfb41 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 01b2ac2dff8bd95e54fd75b28abeaeb6 |
| SHA1 | ed33a7b545a6fdbbce5e5d85b79a62f29a0236bf |
| SHA256 | 7c139be7b5fd5d4e5fb7f0a3f089f86cbe213da3286f6c4aa84d890994d8e3fb |
| SHA512 | 309f88745a387d7c6ad732fd5bb418a19e5d076516c6f2bb7ccea8d64c78869d45d662ae71727ed17555b7f4d672958947b1572e6fadd52e72a083df8c53f735 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 3d4f29a8f08752d66760007f6de4e574 |
| SHA1 | 7a6e46c50e050572fc287293b9da6d78fec13e18 |
| SHA256 | 6959d6d39d38002cb2632227f8492df75b508855cc24467c9535926b064bd857 |
| SHA512 | e3305c9cf21b4046c1735fa7aa3443ed5364a33abdf6e5b987104ee49b2108675c931b062144bbc32178ca7b085d5f4974a822ffb4810b69467404ea4f69c1a4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 5c981f6ee24e49b9bf1edf3178e88305 |
| SHA1 | 18f3abe01a9bb56cb9cc099c9d3f9867ca211a89 |
| SHA256 | 1623b5a2dfe88290acfd5e76bc70dfee726720fecbc47e3988a2230596344954 |
| SHA512 | b4832b17e08ccbe61c914c0ec19034e324ae9461eb7844734b5fb8d8a53cf9292194bff59721b826b378130c0bfdfa681a35a87d6ee34876280fc18e845e76a2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\97e5a047-e17f-4ad4-ba49-5e8c7ad54b97.tmp
| MD5 | eae227da27da7ed42c6d923840722891 |
| SHA1 | eb03f81deca55821069fba8870e3d74f9ec2d8d6 |
| SHA256 | 75e7054897e60d0932fba3480111a5e25b59ce000bf6a14c6d7c7854269c3656 |
| SHA512 | 87881df5ff8cff4c99acb6d77fa32f8d2f3377c676afb2bf548dcaa39243f0f7ebd469604c88d239cd5e87274fda170a54c9cb61447f50fd3a0c47967845d54f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 00b34374e18e32898bfa16a9a42c7f69 |
| SHA1 | d46e2a3a7d07a24ba04797b54cdb756d42ec3a61 |
| SHA256 | f8b5ee4e2b25e3956f19d5f3993a232bf33e8e8670b53b712e541ecb836fc728 |
| SHA512 | a1b8520c3ed92509a2c01f14e30258082c3a99937d8d93c66fd94ca535f468a2439776ca092099007a61699700978b067702fc1c22b21a3254b96cc9632f677c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 0da70c38c82106e65b21a6aede2b7b1d |
| SHA1 | 201d61a175f2f4a700b7438a2b59879372e01c5b |
| SHA256 | 2ba6f1e135f786d4e226db0d9a32edaae8da84b41c549d84d88c65139b6c4007 |
| SHA512 | 199daeaa26cb537ad384e17d40688d357425f0bae29674fd91c9471e7633aa538915a5c54ca06b3abd6bd3f619f5093fbdcb494320e6a5abd4adabb9e2801239 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\5283b79f-cbb0-48e9-a33c-c17e85547b63.tmp
| MD5 | 115324f638f88eafce1551a2a7afb303 |
| SHA1 | 44f149dde2e3992ac9059c9c63d70001930e49a0 |
| SHA256 | d9754ca3676b91c43115c831b8f8f3bb7773175e4a3933a1c2fffddec460cfb9 |
| SHA512 | ee4e0c48ab8ba3b978f05a541aace3ab30b0ae33bb381269c9956c6cf3a0ad1916b2c8b98995755d2a2de18ab2005c0afd5326aea4338393050623296505aafe |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 5af33d9b29a8e13044dfb9346b980ff0 |
| SHA1 | 5c452d7194fc1d07994eaab4a03c6174843b9c8f |
| SHA256 | 44a729b77d9ba1029db8ed56fb7f163614da5e85d917336471b8a46624c414c5 |
| SHA512 | 758d93039f90c3a0f9cc903d199b0d5196aae9b58e8b281c7b33ef48b2281e52a750b7aa0b39b1697e0574a1fc6c6672eebea4bfc4eac07754e412cf38eb6e3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 57f2489a1ae500502fb81fb777460a5a |
| SHA1 | eba86d9b80104b37b1b35cee0badef5f0dd722fb |
| SHA256 | 99eaee65d5322e9620e51d7f0906da5e9cf35d8c33db00cd4a4d1e755328e916 |
| SHA512 | e1403e38e7c2d794bfc1e5db78700d1f06a5384761ff664e57add92eb8adff0189d3040b7b12637cc913f06c608262d50331daa06bd4728ece3daecb637f4644 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7f8a0c6d37e4592b158990d9240ebaf9 |
| SHA1 | 93accaa52c28562a9b8ed5976d4c78beba599bc9 |
| SHA256 | fb4fa5fad7c128dee83da2be8e6ab15c9e940cd48022d4b86dd1c1489e7c6de0 |
| SHA512 | 07baf3b31a8e32274bbb7c627983e28d9497422ea933d3d161f95bf3b58253187cc674df9e9199a252cfb0e2a9e63aba30470d48e94a1cb5739b019ddb554068 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | c0d3796f643977fe92deca012e052aa8 |
| SHA1 | 4fe4d33f07f0ddf080f2382e2dac366d92f417b3 |
| SHA256 | c05d38cbc41ef3debec86d36ee7dc57355c4e29130417e00bc874884c31ce3dc |
| SHA512 | 035bdc489a60595540c55fae6deb9ae89d45e379be74e7646c435cc7eb68e8bc335459c118a5a51fea1f52266f115eb301bb0b8ee9d3cc1ff8ee6394772bb570 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\3b7098ab-41d0-4162-b1d2-09d036a3fb8c.tmp
| MD5 | 22f1c73ca4cc217636400009410584ec |
| SHA1 | 40ebd772312556c68a0c76c0e3fe60ff65a0a5fa |
| SHA256 | 8201241141c6606edd704eef8c38402a94b130d670c1e334d0f0efb79fc77276 |
| SHA512 | b97de2c69275bebd6c3186c56fec3a38f27abfc1eaf347b4be323f6683879edec4b5534c6fa6df435fa52a342ea2003e4699c10997f0a65736d028a22e050544 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 4364924bacc3321a60e7ddf8c03accf8 |
| SHA1 | 558eae5f882eaf3e284314c7bc8f1e03ce29f584 |
| SHA256 | fe66ca0892c6444cfd153bd2d73d4a78f46dd8ece1c187ef6a1a33f9e5d8c720 |
| SHA512 | fc2d3b506cd1f85762dc3c47f42909d3eabe2efc508a2ad0cf57ff045dfcdd281f0c2b4ed24af2237fd827e76799292932b9673740f18487f436955a96e6af37 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | cc8ee041e246ba428cae68c20eda8e4d |
| SHA1 | 076a631fe634878708e5784ec7a40b7bfebbac9d |
| SHA256 | 52b732977dd13c5f2766225c3939572791d94c870c7a2fe685ac05632443a68a |
| SHA512 | 2b4693c45acae2270f3cf82abc7ccc59330c94bd0080d124e345f224a812077846dae0e49c39a9da53ee44f04ecf54a31b8a53da99781a640cd279def4ab6794 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 9839ec318074736efd155217b2c9990d |
| SHA1 | 87e319c1c2ab575d88826b5de0447104c3192b1a |
| SHA256 | 56b4f437724029ca9f169fae67a86f4616ba6b62ba5531abfd0ee83d1e778a42 |
| SHA512 | d432f95d722c50525056b6a3e613adc1ff09e921a861ece821cfd22997642bae65af6e64258ae6d5c86464420ab29eb883164cd94701821790130de4c799140f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | fbf4ce1fa9b97acd7bce5466a8a563ac |
| SHA1 | 2cd17630e7dd533511099a6a55300ee48567b842 |
| SHA256 | 10a305496c1fa047f14e3156ab10532b607c58e0d068387affe60daef68905a4 |
| SHA512 | 7e67503b5bcfb7c76976dfee0ba205174379fe259b838907371b1b602e8ca0e3c4645424f421ffa8b20e5e5c65a2440f0b0b018ee11c97b44b1c80de1c302de3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 6a21b2887776d32cb431bb5b302abbfb |
| SHA1 | 285bdbd4f2b945f131124183c31d0ca8fe9d2737 |
| SHA256 | 8a8f2329da2103ac4dda7d251d8aeb09de9f7ce6835643f1a0cde541dcabb68d |
| SHA512 | cd67dd280af895354d25a0ebb3740b9256db15615d256ce6b000a9ca8c336923c417f169df8bf4f945bc89e9a381b9c778634b796c9ed7c9621b30ea33923de7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 565ffc4ada88d942ed2428c6b684d920 |
| SHA1 | 7aef4519a9a676c638531e7f5594eaf5c8586cb0 |
| SHA256 | 4f912de8eb5ec7abf3f19b22531aac98aed4427e484697f554d9fa11088e4e4e |
| SHA512 | dac706625f5d93ce883637c4ca788446d01371dbcf00cc27a6a0a3e9256c4a3fbcdcd13196941d1cd419af78511a5161f9b306114250fa7f0c07ef63e951f1aa |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 74866f05d6fe1be9a18b43730676676d |
| SHA1 | d8dc31e771a402962022e249a30b7f76df28728f |
| SHA256 | 4b0b2b4621b4d4887fc0c13da00b88e146e7b47791e164b1cae320b17f455d13 |
| SHA512 | dc0e8932004c091c640dfb3da9fb59d9af4de94f2221f56778c2a110bff26fd3928580d4b3c151bb5302a48abe98324ed422c1966060a5b7ff5536faa61ecfcf |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 5271ae4af0fd47e5a456bcd7c046cfd4 |
| SHA1 | b69d00c33aff4c8831f35e51ce66dbdf46360e6e |
| SHA256 | 6263243056df66e5384a5dc10b5c4d576fbc78a27154de68af7483ceb0841471 |
| SHA512 | d870a8c1c3249ef0b438d5081738ddb94042d78e832b672b0d8d8c5673637a29e3fe97631e426f672fd92ea47c60981d9334b54af1d548cb34c402ddc74eb640 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 432ea443b71260804336375f53183bc8 |
| SHA1 | c4d8a7bef253db7ab65e068b72eab6c62566af11 |
| SHA256 | 7de4944d29e6acd5ea8d1ff7e2dbd3edfa0a33c350c6cd0d1a71b0c215da1eaf |
| SHA512 | cec50fd31ad0f700a356dd68c55f6056ae98472b1f4ae13521a8721bf5c8cf0b380666db5dd9769eadb87dc62e1de625187bb11c8d7c20170e1c002073d05a47 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7b10868ed755d615286af87f47e9a11d |
| SHA1 | 6a40ea7c60e3467d34e9e9f6823db6efd346ef64 |
| SHA256 | 68ca1d901d7da031cd1169f3ae17c7a0a0aafd2943cb53695ec3475385fe659c |
| SHA512 | fcb65c0024886aac5f891388e5989011ae6e3b0ea8afda32ea4dcba7c17de09caa84fa07f8dcda04b7881ff057efa7237aa98b97f190e5ba00eabec24a29bf5d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 358f3688657f89799bb08a6bd256b5f7 |
| SHA1 | 626cca20f6d6bb0fe60f7c3cb557b31cfb91f99e |
| SHA256 | f3d8c73c45232105aa86eb79a72ecfb5dfdbc344b243ededff043baaf916b126 |
| SHA512 | 4af6587591f6f1821cbe17b7405d76d3de43fba2125b0f584496b9703d81cfa349eae1964cae5c47d40d95e70868a35859e8ecef637f200b74af9defb567f571 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | dfa90349d41f43ee7f47dca9793cfc29 |
| SHA1 | 34f1bedc0d45fe29e72e141ed3db21ca4a974c8e |
| SHA256 | ad08c54edbfcc34c08159f333bbda970104834f1ac7ebaa0342dac7807d06d88 |
| SHA512 | cf453ff39b11a8ca60b4ff1d1a91a31f8ac97e91882f712f8f05bd6f5ecc172996b60866121a1a1d3df821e9df93f538836dd8645321c1eb5adece7c346982e6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | cf78e4e8304fe41f6f850e04d3bccf97 |
| SHA1 | 5e22d42f23f4280d51364fbe8a81c893deb4f6b8 |
| SHA256 | 734f974df6b6c72f0f0f22e0d495398c8e5800d47d5b345090c1b1b8f3e09cd9 |
| SHA512 | a4d69dc442e1b1a9968449a3d7a34151f5b15ee8f2af900023ff4d257333b62149ae184e4462ecd7b525ca3646ad119b4a470d3421b5dc3c1dd2f0a3a170beb6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 27693839f6af0ed4e6cb7121e010b94e |
| SHA1 | e95e803037c2b83986eafb8e983b255bcf6e0ddd |
| SHA256 | b3f07823400063c71e6129c1bb835d5ad770a7a084f93396b868f5b60e7f7d6f |
| SHA512 | f47792e997a7bda55ca07c9c39befabff70476bcffc64429a3ce111f7ce1782bb9ef40fa17884b1a46645c764161d8b87d621b9ce4958dbc5a1771848d092b23 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 61ca9aa14dc02352847bd573159ceed8 |
| SHA1 | 335e384484cfb3aa32027d0f1cc6d77925add0f2 |
| SHA256 | 637a9086eea694ed561c86820131011df86572cf3646d93aabeaf36006b60efe |
| SHA512 | 0af4f68ae0c595974e8185aa6d4028b396a0f7f493879ca2429ad959b6482242b606da031aa2572b621ea14f6d72b07127209659305b1dd09e48cd36b6e4736a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | ab98047585f5bd515547436c2c01332c |
| SHA1 | 840f1a2fddcb2549411b9639512ef59c43ef63d9 |
| SHA256 | 53ae43c407761cbcdd298f8e5500be436b3eea177f02c2c9d57c871aad3d8e02 |
| SHA512 | 48f60b55b59319845d7bf7002fad087b7c56d292ee51f5b47d34b001a53b32d4028cee7d36a58663f81c46adfb0b80128992838a55e40054df35efa55da413ac |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | bde938937f69698399d2abca0313eb6f |
| SHA1 | 15366f05c3943d247b1a2b3290a29a3934656c87 |
| SHA256 | b7c4b3009d2fbef42732d7ab1b38d8f41ba422a33aa6f208183cf94eeb469b2a |
| SHA512 | 4d34c4a4fafed3992e9e456d46cac32c5a01d1fa1ccfcc106b16fd7308ce3084f8f8a9bb4203eadba957a776b18dfbf8474319d6a39bbc6262035ad4a8ef647a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | c044ceeac714208238f7cd8ee58efdce |
| SHA1 | a40eb190555d0e7b310328f24722ce5fb78f058a |
| SHA256 | 845b5093dec20918da4cf0b8fcdcefbd6562fc5332d7b3286aa31dfc37837600 |
| SHA512 | 47b0b17dd4bee93d9265265ddb084f61b3e476b6590a167c5b1b53970ffb24b78f50c0275b85536d193a99d6133ed5341fcb5360117d77735c87e9c39ff24dc5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7296705d043c22148ad1ab21c7485254 |
| SHA1 | 03880a251accfc165c9a8989fdfa182a6db6913f |
| SHA256 | d51175881f7b791128b5b9407c4a5086d3cfc0df3667ed3d889581eddbb047b0 |
| SHA512 | ff2e6870d593d650e6c7988d60b5b5a176d3767c6272aa685e8ba2196357ea7f25ed217db106ee0f80839135101cbdcaeb8ffa947bf6336d3ad60466e93b12aa |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | fe417369490f0755cae6806bdda302e4 |
| SHA1 | 3be7c5b82091de20ea9ff1b3dfd9d6164e25bc41 |
| SHA256 | 531ab97332bd0b38cd77dcc4cc4971e32907a4fc56df0e6b77eeae5b71755ce6 |
| SHA512 | 0f0266dacb3366bc788bf19b2f091920793a95f1b97713c99ccfeaca6d1742c97743d464f66b1dcc64d12db7f8b077205e5415c6a39c6769f9e47e21bdaf07a5 |
Analysis: behavioral5
Detonation Overview
Submitted
2024-08-31 06:52
Reported
2024-08-31 07:22
Platform
android-x64-20240624-en
Max time kernel
1770s
Max time network
1791s
Command Line
Signatures
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.android.chrome
com.android.chrome
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | accounts.google.com | udp |
| BE | 64.233.184.84:443 | accounts.google.com | tcp |
| US | 1.1.1.1:53 | steamcomnumnlty.ru | udp |
| US | 1.1.1.1:53 | steamcomnumnlty.ru | udp |
| US | 1.1.1.1:53 | steamcomnumnlty.ru | udp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 216.58.204.72:443 | ssl.google-analytics.com | tcp |
| US | 1.1.1.1:53 | update.googleapis.com | udp |
| GB | 216.58.201.99:443 | update.googleapis.com | tcp |
| GB | 142.250.180.14:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.180.14:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | semanticlocation-pa.googleapis.com | udp |
| GB | 172.217.16.234:443 | semanticlocation-pa.googleapis.com | tcp |
| GB | 216.58.213.10:443 | tcp | |
| GB | 172.217.16.228:443 | tcp | |
| GB | 172.217.16.228:443 | tcp | |
| US | 1.1.1.1:53 | semanticlocation-pa.googleapis.com | udp |
| GB | 172.217.169.42:443 | semanticlocation-pa.googleapis.com | tcp |
| GB | 142.250.200.34:443 | tcp | |
| GB | 172.217.169.42:443 | semanticlocation-pa.googleapis.com | tcp |
| GB | 216.58.213.10:443 | semanticlocation-pa.googleapis.com | tcp |
| GB | 216.58.213.10:443 | semanticlocation-pa.googleapis.com | tcp |
| GB | 216.58.201.99:443 | update.googleapis.com | tcp |
| GB | 216.58.201.99:443 | update.googleapis.com | tcp |
| GB | 216.58.201.99:443 | update.googleapis.com | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.179.238:443 | android.apis.google.com | tcp |
| GB | 142.250.179.238:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 216.58.212.238:443 | android.apis.google.com | tcp |
| BE | 142.251.173.188:5228 | tcp | |
| US | 1.1.1.1:53 | www.google.com | udp |
| GB | 216.58.212.196:443 | www.google.com | tcp |
| US | 1.1.1.1:53 | accounts.google.com | udp |
| US | 1.1.1.1:53 | accounts.google.com | udp |
| GB | 64.233.167.84:443 | accounts.google.com | tcp |
Files
Analysis: behavioral6
Detonation Overview
Submitted
2024-08-31 06:52
Reported
2024-08-31 07:22
Platform
android-x64-arm64-20240624-en
Max time kernel
1798s
Max time network
1794s
Command Line
Signatures
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.android.chrome
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | steamcomnumnlty.ru | udp |
| US | 1.1.1.1:53 | accounts.google.com | udp |
| US | 1.1.1.1:53 | steamcomnumnlty.ru | udp |
| BE | 64.233.184.84:443 | accounts.google.com | tcp |
| US | 1.1.1.1:53 | accounts.google.com | udp |
| US | 1.1.1.1:53 | steamcomnumnlty.ru | udp |
| BE | 74.125.206.84:443 | accounts.google.com | tcp |
| GB | 142.250.187.206:443 | tcp | |
| GB | 142.250.187.206:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 172.217.169.78:443 | android.apis.google.com | tcp |
| US | 8.8.8.8:53 | google.com | udp |
| US | 1.1.1.1:53 | google.com | udp |
| US | 1.1.1.1:53 | steamcomnumnlty.ru | udp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 142.250.180.8:443 | ssl.google-analytics.com | tcp |
| US | 1.1.1.1:53 | update.googleapis.com | udp |
| GB | 142.250.200.3:443 | update.googleapis.com | tcp |
| US | 1.1.1.1:53 | steamcomnumnlty.ru | udp |
| US | 1.1.1.1:53 | google.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| GB | 142.250.187.228:443 | tcp | |
| GB | 142.250.187.228:443 | tcp | |
| US | 1.1.1.1:53 | steamcomnumnlty.ru | udp |
| US | 1.1.1.1:53 | google.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| US | 1.1.1.1:53 | update.googleapis.com | udp |
| GB | 216.58.212.227:443 | update.googleapis.com | tcp |
| US | 1.1.1.1:53 | steamcomnumnlty.ru | udp |
| US | 1.1.1.1:53 | steamcomnumnlty.ru | udp |
| US | 1.1.1.1:53 | google.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| US | 1.1.1.1:53 | steamcomnumnlty.ru | udp |
| US | 1.1.1.1:53 | steamcomnumnlty.ru | udp |
| US | 1.1.1.1:53 | steamcomnumnlty.ru | udp |
| GB | 142.250.200.2:443 | tcp | |
| US | 1.1.1.1:53 | steamcomnumnlty.ru | udp |
| US | 1.1.1.1:53 | google.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.180.14:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | steamcomnumnlty.ru | udp |
| US | 1.1.1.1:53 | google.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.200.14:443 | android.apis.google.com | tcp |
| BE | 142.251.168.188:5228 | tcp | |
| US | 1.1.1.1:53 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 172.217.16.238:443 | android.apis.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
Files
files/dom-0.html
| MD5 | 0616c2e6c3c01448f23b628a498c33fb |
| SHA1 | 1dc316fb84036b5e43ac1cf940cbe52dc9c294e6 |
| SHA256 | fd246fcd7d0c6636d875231ddfef80cfa4c83797dcdf7302e200780692b286ca |
| SHA512 | 1b485b6a717c9549be5f919923794040df02444d22638e4c5850a3c48e35a07c066c7234e13efe92d714befde7edf8e6abd0f0c53b7f81c1c120e912d56c1cfe |
Analysis: behavioral2
Detonation Overview
Submitted
2024-08-31 06:52
Reported
2024-08-31 07:22
Platform
win10-20240404-en
Max time kernel
1799s
Max time network
1685s
Command Line
Signatures
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133695607717120414" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://steamcomnumnlty.ru/app/1643320/STALKER_1_Heart_of_Chornobyl
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ff902d99758,0x7ff902d99768,0x7ff902d99778
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1520 --field-trial-handle=1844,i,12288714950058299337,9543441679995759349,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1772 --field-trial-handle=1844,i,12288714950058299337,9543441679995759349,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2032 --field-trial-handle=1844,i,12288714950058299337,9543441679995759349,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2856 --field-trial-handle=1844,i,12288714950058299337,9543441679995759349,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2864 --field-trial-handle=1844,i,12288714950058299337,9543441679995759349,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3956 --field-trial-handle=1844,i,12288714950058299337,9543441679995759349,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3116 --field-trial-handle=1844,i,12288714950058299337,9543441679995759349,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4248 --field-trial-handle=1844,i,12288714950058299337,9543441679995759349,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4412 --field-trial-handle=1844,i,12288714950058299337,9543441679995759349,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=3800 --field-trial-handle=1844,i,12288714950058299337,9543441679995759349,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=2416 --field-trial-handle=1844,i,12288714950058299337,9543441679995759349,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4488 --field-trial-handle=1844,i,12288714950058299337,9543441679995759349,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3052 --field-trial-handle=1844,i,12288714950058299337,9543441679995759349,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=1368 --field-trial-handle=1844,i,12288714950058299337,9543441679995759349,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=3096 --field-trial-handle=1844,i,12288714950058299337,9543441679995759349,131072 /prefetch:1
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | steamcomnumnlty.ru | udp |
| US | 8.8.8.8:53 | google.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | steamcomnumnlty.ru | udp |
| US | 8.8.8.8:53 | steamcomnumnlty.ru | udp |
| US | 8.8.8.8:53 | 14.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | steamcomnumnlty.ru | udp |
| US | 8.8.8.8:53 | 84.65.42.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 138.91.171.81:80 | tcp | |
| US | 8.8.8.8:53 | 57.234.16.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | steamcomnumnlty.ru | udp |
| US | 8.8.8.8:53 | steamcomnumnlty.ru | udp |
Files
\??\pipe\crashpad_4988_VJXQXYCOSOOBXXFU
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | bb8e63a5db54e2929263a880db78aa67 |
| SHA1 | e899854b627e98423e2c3bac560f4fbf039ec922 |
| SHA256 | ae449b2c3cc5b4bcf35a7d51c02f4e6c8db379c38016d576460bdd1ffb010302 |
| SHA512 | 43e110819cad060177a475e072e1b4af6661754f806bd958407e30f165f71ef582baa998b6b3182df1a7641fe695f1b4cc57052fc3f7fa28b4fa235e1e5461ff |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 64ba5db7b9903b9f0c08262335479a42 |
| SHA1 | 5bf2da52f54e0359e8bb8e8ddb5b04f38d7504e1 |
| SHA256 | 081883b20613b645b8ea2b579eab6291802684bc9dec4d6f8096ea2acc7e2ce5 |
| SHA512 | 3e6be2c57691221c23acef415dd81d69af013d3893b3a6bf0b9d65d86a5e8b5dbfe096835b6a6efe2e8da2c3610ddd3839aa48cf7f35bf83a323a0d7f55eadd1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 9c19688c56e11ade00758b131d32025c |
| SHA1 | b0adc2ae43bafd90339224359275b469c3d02011 |
| SHA256 | c4fd2061e02ff3097f1284cf65ee7d194f701a2d7e84e3a4336d9674a96f92f0 |
| SHA512 | aeb618a39b0766a598c3daf914a64894f26ffe5e9af59c91975bf1d42722a91ab91bd8811cf42550938201201d1d587a887492826ecfc83a871f1108970c2483 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | ff4ba5a6c44e2ecfca3f437c481b8a1f |
| SHA1 | 9fd68dffe4598b9166ee4e0ddc5eb9d68f3895c3 |
| SHA256 | 8e28aa88ded7898a5aa55762eb458a5f273af13b662119d5d998f13e0db5a5ca |
| SHA512 | c09f806320ac272bbee49ef32b48654f667dfc30fd8a2746464e2a141242dfe9327478aba0c8cc2392376b2895b2cfafa0031288e4b30b3ba1ad893eeff222a8 |
Analysis: behavioral4
Detonation Overview
Submitted
2024-08-31 06:52
Reported
2024-08-31 07:22
Platform
win11-20240802-en
Max time kernel
1799s
Max time network
1685s
Command Line
Signatures
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_01cf530faf2f1752\display.PNF | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File created | \??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_01cf530faf2f1752\display.PNF | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\SystemTemp | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133695607722172670" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://steamcomnumnlty.ru/app/1643320/STALKER_1_Heart_of_Chornobyl
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff81ca8cc40,0x7ff81ca8cc4c,0x7ff81ca8cc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1788,i,3557400033610695222,15368783227515137460,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=1784 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2040,i,3557400033610695222,15368783227515137460,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=2064 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2136,i,3557400033610695222,15368783227515137460,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=2204 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3056,i,3557400033610695222,15368783227515137460,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=3096 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3064,i,3557400033610695222,15368783227515137460,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=3132 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4076,i,3557400033610695222,15368783227515137460,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4384 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4332,i,3557400033610695222,15368783227515137460,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=3404 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4688,i,3557400033610695222,15368783227515137460,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4696 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=3676,i,3557400033610695222,15368783227515137460,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4352 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=3420,i,3557400033610695222,15368783227515137460,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=3356 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=4404,i,3557400033610695222,15368783227515137460,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4532 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4316,i,3557400033610695222,15368783227515137460,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4708 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=1412,i,3557400033610695222,15368783227515137460,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=2956 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=4988,i,3557400033610695222,15368783227515137460,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4984 /prefetch:1
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | steamcomnumnlty.ru | udp |
| US | 8.8.8.8:53 | google.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | steamcomnumnlty.ru | udp |
| US | 8.8.8.8:53 | 43.58.199.20.in-addr.arpa | udp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
Files
\??\pipe\crashpad_2156_AZQYPHKTCATQFNNZ
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState
| MD5 | 9b6eacbf14e3b8407cf58b9c711b57ca |
| SHA1 | 080460462f0376de685e7da61f948f2209e12ba3 |
| SHA256 | 1d4f19637b8392dd328c18c8244d1fd45f4f4f3c548f33db6d3626ac101b8183 |
| SHA512 | c9459de917c6545a1107ea931d32f69b6588070aadfdd247092d643d24b5eab895a1f3f631255ff501ff1f35609838941735aabbfc88199a949fbbb485b244fb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\f4f379d4-a6f7-496f-8ee2-ffca12f8b395.tmp
| MD5 | 8c16208a4168b2e65e4a29d729a31f91 |
| SHA1 | e664807eb364f0f894c47f77c9b0f58f0178667e |
| SHA256 | dd824ad5613a785a8dc8ee049a1f22b314c88c95118813083e6ab32c7b4df23b |
| SHA512 | ec2c20e4863300c5ff0cadf87046ed4a12f9ecf52ecc08447aeb1c1996f7edf1ee906a62d7ac227deb54bb70072fea16de541d8bf6bf151a15412e7f9e08a6af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 31f4a8e38216adcfd3dd5983a982881e |
| SHA1 | 180a6d30ab2059182abc87f42667a7c7ff74712f |
| SHA256 | 19404f7549fd9832dc8d42521037806116babe7d2737e4c7f2aa8e18bdd16bf2 |
| SHA512 | e20306b894550563909b95635789348c1afea157c21dde63cb7df3fa44c4870bf509d737f37a76a0805a0d3df9894be47c31eccd451dd1c67fa5eeb7dd411828 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f7186ea3e55ec57880381e855cc7799c |
| SHA1 | b2cd2d5977c6eee3d60f9a48f0778c0b2f6a809d |
| SHA256 | 837f51ce49c84b78810afbd0dc342cb0319972919acb9034ca42f31fe7757244 |
| SHA512 | 288ef86163f94f61a4407ea7a2547b9555d4d2a6c42e405a10b02dad954ab02d32f96c8e3d970859cca178406c2c6790fc59d70c1a6b568483ef4aaa42369939 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 56b03a7a790c96d133b76ecd629a308d |
| SHA1 | 831adc73976ddd11f64f1d11aa51e6e6294fa416 |
| SHA256 | 4f5b0f8795f848fde410635273f4ae131ac343a89b490d9dddf5b6ea565944c6 |
| SHA512 | 51f4f5aee9862b5583f1f4aa08f27f769c7edb0aef87a3adfded7e17af04c7afcd3be58c70aafa66d2a65b34d79f629bef3ba7945a8180659c400a7700395bb7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 47bd7d5d61e37eec613b71b69fc49fcd |
| SHA1 | be9f9178c6c201f70b3497aae6576adfa1d1ad87 |
| SHA256 | 552bc1511d262186e911e8d3eddef1dcb071fc19f4ab1b1df9a83768d43a6299 |
| SHA512 | 6de650ad21e22c2d19cb5b6be3ef377a84bbddc2469f8f360aa3153c75fe379c6b5f054af625134cdaa60d157c4d63995770ff67eac05818362dd89d4e89979c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | ad3d9afaa4c05f9adf2cd62306ebd2e0 |
| SHA1 | 8817a49f6cd4cc1268c576e783fdcef92ea18433 |
| SHA256 | 9fb297de0935adbe70aa6084a5dec52f03adebbe36ac0c4edecf0c831402b511 |
| SHA512 | f4208f4d8859bf05318d16265e2d437728b441b7ceda6ebe073d1e9cb28c997b13d76831c78bcc24fa08ec3016fbeb575b9818c0c7e25a1b713e6781b1c55e3f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8ec844db1024f3c0722bea6e538e1eeb |
| SHA1 | 48ad496100a15e17b3761bf8af70b9de4ebe2c0b |
| SHA256 | eb82f5128c398897d60e87238e6042b58b85f1b633bdc42810ff99f922011ce3 |
| SHA512 | 3b5fbf6ae8023481a6bb6d769a235033f3165db3e1d1391712ae2da0b5296e3b60d8bedabe16f0819b5cb88be6cd22ac20b35517c96e58f5076e11bab7b234e9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 364551c4b3246483b32b7070f452f75a |
| SHA1 | b0a150f5647c8aa06384c1dc29207f574c984032 |
| SHA256 | 54d3e8039031c3687c5256b71a820e05820e2f593134708df4ca39c1c41c73b0 |
| SHA512 | 0ac5ef366cd1a0e71c8ba892ce8a3791ee60becf733ae2e3d3933650439bf724b74a99e307fb8d9da926795127f1acb4a6134b4a55f5867d8cd05497596d00d2 |
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock
| MD5 | f49655f856acb8884cc0ace29216f511 |
| SHA1 | cb0f1f87ec0455ec349aaa950c600475ac7b7b6b |
| SHA256 | 7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba |
| SHA512 | 599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8 |
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx
| MD5 | b5ad5caaaee00cb8cf445427975ae66c |
| SHA1 | dcde6527290a326e048f9c3a85280d3fa71e1e22 |
| SHA256 | b6409b9d55ce242ff022f7a2d86ae8eff873daabf3a0506031712b8baa6197b8 |
| SHA512 | 92f7fbbcbbea769b1af6dd7e75577be3eb8bb4a4a6f8a9288d6da4014e1ea309ee649a7b089be09ba27866e175ab6f6a912413256d7e13eaf60f6f30e492ce7f |
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val
| MD5 | d222b77a61527f2c177b0869e7babc24 |
| SHA1 | 3f23acb984307a4aeba41ebbb70439c97ad1f268 |
| SHA256 | 80dc3ffa698e4ff2e916f97983b5eae79470203e91cb684c5ccd4ff1a465d747 |
| SHA512 | d17d836ea77aeaff4cd01f9c7523345167a4a6bc62528aac74acde12679f48079d75d159e9cea2e614da50e83c2dcd92c374c899ea6c4fe8e5513d9bf06c01ff |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | cd6308a365388a604473740fa2437186 |
| SHA1 | 1c16450c6ddceb0f7326cb281c971ff9b8abb052 |
| SHA256 | 23b727c65bbf3b57dd95a63295ce9c3b5f8f35b83149e5f7ba8b3b552540fa20 |
| SHA512 | bb80577e93d094afc0edf97319a89708aa6617a775fa7df22972f069a968f592cab6413c0c4be7d02b55d48b2625276a4dcfcb26e99a02574d7d576f8131248b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | bd968f79eb67122aa6c0a1b2919be07b |
| SHA1 | 447d698cd1082df88b247938328a4b5339a3a7a8 |
| SHA256 | 4f24952d0e1c68812751e47fa5ab4e31adf248da4f1d0ac8a288aa6923b55d8c |
| SHA512 | 1c4dfb67104349b495ab2821820f1a0a7753a87fb7e1481fdc705728b45fbf9fafcb67767b010a00b6f84f735fdb865ceb526b08df4b56f890b2d168a62abf6e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8f43e22eed5fbda70fe25b077fbd5869 |
| SHA1 | 86317c038bf4716cfd7b45d23e1507f10b9572b6 |
| SHA256 | 311136de9350073b63923d8f7d7957bb4f41869ac9415d47c2e8dea5bf0f7853 |
| SHA512 | b9736bda43ce08923a64bf801754b9cc6cbe133e89433769c8378e5041066aeeba2fe7985c218a6bb807b2cce28f05a302aafc0f15917d433e93fd44d245f5f1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 10a09786e87916c2303f486e8225dc48 |
| SHA1 | 046f73de64e8fb8b373b7155b7370dcdd001e655 |
| SHA256 | 4b7332e86f77812af30b91897f4276c5f35090d11dab13815829b9b873340bce |
| SHA512 | 027202113e597882822dfd393075e411af098d46f7c3e1bcfea62b0ff6bdb2b3846b896483f1aea69bd7b55f9708d94c6cb78763cd025349d1c3da85bd6c7916 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 77d5088ac627ea1c226809ee77c5cd68 |
| SHA1 | e8a09af7f3c29c64f879795963804fa9b5a8912e |
| SHA256 | 048ab4b19754300a0cce9d0abf0874041cbb2573ff8498e3fa740da5ee8cecb0 |
| SHA512 | 4994f9e7eacbab3366e1bc08061df82af9997daa547819642e39050c7de056d173e2076e80254aa6035fe6c51c97fbc0795656ab9689660a7f6d710ea1a7d5e8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 98c7b24bc151b16c4bedf61da2d8af8f |
| SHA1 | 29fd7156cc315321d933adf0c4ecf25b62b2e997 |
| SHA256 | 8770f2b3c12982be922a84161966c8c4cda5c9ae9bc190f1cf20151a96536544 |
| SHA512 | 6990d775ffc7665d73b550e6252eabf4cce8c203be741ad95af132078154bcfebc9c854957e8ae7fb96d04a4a9fd8fc7a014b517f3e87153135c2cef6d1681d2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 3716b39fe31d6a6fca282055cd51215d |
| SHA1 | 8c50f16ff4942fa59c2859cc62c67f4236fc5691 |
| SHA256 | b5772e177cbf974e65c0cfed39e8a86266faa7c154ceb089cae1e780038b6b3a |
| SHA512 | 8d4f3056a4dacde8b554deb2148bf5bd17d0c5e6fa730865e6c1d5810a3ec743be433f8f2decb53697221207b7afe0678b6fb3880e557d23f87f3dbb4ea87656 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d8ff552f6a763fa03a779dd8e83476ab |
| SHA1 | 14b25b9af8ec62f85ac068b4b58a1fe61ddd0ccd |
| SHA256 | 92fa4c90310b6e67f91a2effa4a91440e274f0ad4304e09f6f4bf3e78b93bf63 |
| SHA512 | 9fecf6f427e51a65a39393e065353fd2fe52104d97e64fb99c2d705b1dcc97504d1fc67836d3ab88a91ac47dbe6a6c23b854b23067d6811612e1cd9fef38988a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | c35dc1559b41541f84f3f6a6317ac2f1 |
| SHA1 | 57981f252ef0cf57e234cf2bf08eecac77f80553 |
| SHA256 | 1447fcc5d2486b6e77ece2a121401944b977a59b14c0d6a25b26377febd882eb |
| SHA512 | 8b4035d26053d8c313c3c9b78892846d24cd1aac4e8eacff51fcbcf46bbb9f6a9d673c64766def554cdd736ded0386e22b61a969d9b33b7e6e99e2d2ba528540 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 72bc07ca47b22c08626355b8deb241b2 |
| SHA1 | 74b9800e72f62926f0240b8530a53a18c973715f |
| SHA256 | 3ed8e5f941989fc0d16b735a33006a325196df926da758e52821cf9756f3b249 |
| SHA512 | 43d9b4664e0b6db3b6956c2f0270bf3d0e31855c663175d7508fa8558ba6142cae98ab2e0cdb8294d8f8f1da08cd121786004aa39fed4cc32467c195d11f9ec8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 2b1b88fe24ba9258e66406c53fe23b70 |
| SHA1 | c897ed33d725d434bbebb4d94ed417173874afd6 |
| SHA256 | 416f4111bbcb7ac808e5bc73ef8419b393f7ca57b9b8347caf25d75d31cf8ba7 |
| SHA512 | c269bfb560ba5d6379e66ef4801fc219b4897c9d82d4db996d49b9e6dfff7e72f52b0baa2013562eacf551c552199e0b4a0a064a0a80e6ff403d114d64fe8823 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 006f4323a53b5059fc7864e000b77a94 |
| SHA1 | 5c3d224a08e3adf43b27857ffb3c550c042fbad3 |
| SHA256 | f17809f7e48ca25d4d596033333beee13d6fa0b19e8b7f36172b9ca488e20b0c |
| SHA512 | df2131767db1b0c47176db2d7b794a327c11cbb86886bd265d3742f85a645782b2fcecea4e62518720f7a974aeb80a469df215660f89f1f64e9a179ccca4d4c5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 2dddfed9bd4ecd8abb4ebfe45a9b6e97 |
| SHA1 | 68c844c1d950e8b2ebae27b5eb9b21ba657d865d |
| SHA256 | b1a475993882a0876faf92f613f289e39d8b3ec02aaeb8c0a691851a809d666b |
| SHA512 | 0cd75e08b8f0fffbff15ae82588cef4abf34ceedf83917d67bd0ec684ba6c9dd1f49bf8035f0a7fd57966abe72c134c48a126f2aed9c2f7c4f6c3cc88660e527 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | dc51398d13c82f3834e6f423cc9178d7 |
| SHA1 | 671402658e897db98eafb1c8197c96e3fcb676c8 |
| SHA256 | ba9b1bd1b3ba26709e9a9d1a0ae1cb8d599aeaffae047aa7f96e2123d9d2862b |
| SHA512 | 34538c34ab11d6231a95ae6c0f0295d9a70469bd32e730794ed0b1f53a473a859f275ef7835f86dd2d05a31bfd90fe76e50f9e9dd9b94b25ea286a30f081e421 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8ef3727f7f3583dd64deaa80cfd7fad1 |
| SHA1 | 834b197369e2a3d89f39008cedb877d813d9d1ff |
| SHA256 | 3d58489ef07c0786441c72d8979383313f3f6d02cd3c967d41dd2d4e4f6e3f3f |
| SHA512 | 39038c3e4e5a68394ad9344812adbac14a2acdf3639f9b2b193a67a17669f619c446fd0d759660591051c60d5b936fe729b4d48993398be8b2cd6dfa9f9c1cb5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 657987f8afb14636aabfb475ea98598a |
| SHA1 | 5cd050331d5d8dd3d4920283c9bedd5aaf7a02b6 |
| SHA256 | a7a9b3841da0a4344cc5b424a6051be002e28cf8010ab54f79b9c29640b1352d |
| SHA512 | fcb0d01d28654e58ceb303ebe95bcacb1d05eee1f9bf56d10d0d5b32cafb233e18fa3708f9c2b5d61106ba189258b431efcc82e38a1bcaa11354ed9fbc22081f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 204eebd1eae4ce7bc1f9a10137607ffc |
| SHA1 | cc198f56f9fb2bd46dd1f37583d0b246fb602dc0 |
| SHA256 | 231003b9e399372d5c473d14b4dbc88404631d367411e73f82e61bb403076d34 |
| SHA512 | 065141c1fb7e8b0c963c506dd08b3417cd1cd9005c72deeebf38416c8f0f229945d42019af3495f8e9f79468b791de50048766043f81b7622e3544dd0b7aae8a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 07dbf1b2d8837d3404da557555f67630 |
| SHA1 | 7caeb7cc6033090e97a79ae99d3b3faef807f70a |
| SHA256 | 581128f0b2ebc9812df30310495f292584b7cdab856d1e85a6f9e588f6ab92c1 |
| SHA512 | 4bc9067becfcb43ec03ff0b3e5c3c567b93f0c17462a3edf500b06156a820bc52abeebc8b6dc91afad61a93b6bd4171c05a943a0b9eff9f00b203c9a05e2f91a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 1a854adfc2153140c3eb0d63490cf108 |
| SHA1 | a91edeeb0bd952b470ea25054efba409115dc2ff |
| SHA256 | f7e9af0b500e41a3bb30ac7847fb321479368ecab097d43dc0168fbcc5b281e9 |
| SHA512 | bb4a0d34aaedf8a74e6497e18bd1782f8700b9d7814d0765406ed048ee4f622d0edf982e9c9adefcc079f581b2a4ef96203229b4a130bcc3af073c4d3615f5d4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 4a74c46be31395de57152cdcdcd72e19 |
| SHA1 | 9df0e818f73630dfb1baf0c800ec3c51be0a7dd8 |
| SHA256 | 3aba281af4b6ef2b3d20c41adc935d5d0023df0e5b1265323b8f1899445be9d4 |
| SHA512 | d544b45c036e6f09f788f5cb985dacb823c87a85bcf9759e54f3cb332abb7500f33c6c02fa9c0ca786d0440fa54cc3e8c98f4482677d841456d394088b5804e1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | dcad0ec808a3058b0bc6464e11c46c64 |
| SHA1 | dbf89aadd89c2be9a8dbbf1e1ab4b9d9f2c9e004 |
| SHA256 | bbfaea59052817f1c576d33168be176c35db37d65582371731a6a35eaf230f18 |
| SHA512 | b0f5c966f853bc55cecf343f93c42177234d00b396e2fadc59ce9cd3bf448cdb6c1fd8d893d1f2b7e8a3d081f28da0c4828d33801cf19cafbbbc4b28d83daf17 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 4166d0bcd3b25459be55f2c9936e0efd |
| SHA1 | 07ea75cbdd36602c2dd97fd09f51fe54e8bdab66 |
| SHA256 | 5ed7656144f7f8320d11c6b64e48c9303df8076b77768af4a6d48974d3342730 |
| SHA512 | 203da12c1addcd9c0ddd68574f93cb5a52ce8d41d609558d17fdfc3bed26d4ff16e55e983cdcb9cc6e31634c65a6e5fd787e32b73e1f3827f60d20148bfce418 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d2b2f3067bf87b0b448aac62c1d6bde2 |
| SHA1 | 8d79114fe366b00c3f3f587aa8cb3d565516563a |
| SHA256 | 1b6f752b9b9b639320d8eff7e6ca6ae82373dec13ab477c4eb9b7c16b36116e1 |
| SHA512 | fafbc0cc4dbdf1df3583924f21fabda48f9bc6ea4d01d58ca380c4251b2de302030c89854af0d77645a1fa0827e558108e1dd8bd7c6184dd2b1e53e0510ab94d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 1c69894fb624ddaef57f62d3db915735 |
| SHA1 | 4dd999bc0c4b886c1d33192c91419a2c651fc656 |
| SHA256 | 5123045b18093c226adf38feb3adef395cac87db99fead3c12a79db6184c616f |
| SHA512 | 19ebbefa2406307a6499d02309a7800154d17951786bf252d73addbd5a63a98902d8398337cb5844f35560eebb73909c51124e65b556519c1ad5e0519518bd5e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 748c2be2d126b0ad1bdb6872104d2d93 |
| SHA1 | 771ed3558e3c38a719a19380f36d4dbbc8f24d0c |
| SHA256 | e07fbb805e65e179c11dcb643cf9d5774293b3b3a2eed2a42ce2d8bccecad2db |
| SHA512 | d036813aee05ee924c96ec2345fe533b4beaac08a3146750ce0f794fa014829f5ac74bca4f30cfbb6d184e1b4f784d1e760d6887f62b3d1b28e7779aa331e6c5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e8e36eee47131bd3e0217d58d4339b3e |
| SHA1 | 88249fb573d1b720542f16c0deab3f08199d4fb6 |
| SHA256 | 24a0954b8dd9afd5d330f09fd3bc5ada156f3068e186a902fb6f333556f44e7b |
| SHA512 | 31c8363d586847952e2f9c63c328a94fe72d5f979551b2fbe8f101ca0c87ae2dcbcb7afaf4aa8c85742d87792466d501150c8d6e197f5df00a73a093623d06ae |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 15f61e59a9da9e04c65b9b7269325726 |
| SHA1 | 0990ad4cc62e96ba61101dbd12012f3a5da0bda8 |
| SHA256 | 3a238901eac074b65b3d8d3ce3f213bdedf36fa4a8da533e7d096b2aa55996c8 |
| SHA512 | 719e657d1f5532d3d4ef0be54e78536e0004b980978c9b39ace92e8dbc15e596b2d87c6804fec3e52ad576cb2bfac9d0c3e6774bc71ba147cf78631112231971 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 705c3a03beb151d40d699dd8821ff60d |
| SHA1 | 00359eddf4811fde6a55c869f959d27366f0e764 |
| SHA256 | 8b7b8c0694369cbe978fea02865c5ee149295b45853f796170f6d725eedba1a9 |
| SHA512 | 5f70579194374a97e1110576fa70ebea4170f7eedc86dea90844dde5f56fc8c36cad2047c3a588575f5b33d87363653a03f183d41c254cdb30292187f227234b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 1f907353de5d450b4686ccb8ac364524 |
| SHA1 | 25c2a7ed08e7eab2e28e15edb24555370bd95ea0 |
| SHA256 | 7bc3c96eb2c89651dc7d6af9ece383db351ec7b5347f768350c720dd8b5668c0 |
| SHA512 | e34a70ea141f9a93dbb088b9c13690d1ce26811c4d2ff3e1b05ee7d79c457e82b53451a22b888386a8298a10d5901a44d887bb92564c985470bf282d5208f050 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 925bc92d6139d4ccf48831a01e44f4d3 |
| SHA1 | 9babd5c7372947da87cde09943434911a9a0ae83 |
| SHA256 | 80a2bdb645b1616670b89a18ef2b36f2c4d0688292346a111f95855ee8ac00d9 |
| SHA512 | 57dc5bdff669a35089799ca262075fc3fd9a619c082507326b0bd4e1cae312cf5e229675de530d62b584376a91d9834d54d4ecdb4becb172f22f693450cc8470 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | acb383007801d09beb35d00f10d98009 |
| SHA1 | e60fc72df278c9d145dd5866bd2edec16dc10e24 |
| SHA256 | c9e45bafe39b0ca7394ab3a9849b626287b6c70a934a80d94d42165f458dbc6c |
| SHA512 | c16d30bf092027d4f13e056017c3d8c01b68ba59d9d9a068474e7d227ef769f8b210fa68cec5d415240f7243b1ff4b57b35758c48ce06d7792be50340abef429 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d821cdb270b5cf37e5259c7625399ef4 |
| SHA1 | 2e0e1c2e3ec00e5a148717d32b443ec3c4a57daf |
| SHA256 | 4b8acbc49f16d89eb15040ad38fe0e9f73b4f6f5766370d76c33f8ad3ec8dab6 |
| SHA512 | 22424805ce371c0b97061c5d74673529e406e08202ba94944ecea0f39e7c8034bb6a87a1bf69ef9e00321d3200eca7be0b1d92e954c5f4959872a07881635579 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | eb5fbd54fd8928d5096fb30a3ed27c85 |
| SHA1 | 9919f273d41c75fb3cf6a294110b7a4c073d4be6 |
| SHA256 | 196b6f6511b21e531c2e37bdfa7cb6e5fe9bc7d6dfbe4d0a5ede77954aa32180 |
| SHA512 | c5b8ad53fadf01f8c93d10fc563996b7ae67a8effdc2fc840a8d32ef7dc83c690ae43c40ad6a28f2b6419209c11afab4a5f28654991dcbdaf38bcd56e92d12a5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f526160144b3882d797782c5731504d4 |
| SHA1 | 153579c68bf97a2264b56888940c41726acfdcef |
| SHA256 | 22a07ee19667b255ae7d86eaf152726b0ab3336fa02aa75d9b0ca3cd4946cfcc |
| SHA512 | 9077425418e3f77dc63a785b008478ed1822b08f9cd72d748548ff0f036120a5e88f79c698fe6adca3ee74fa3885629175820e72bb3eeed2c96a1578d33a3e2a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 456d1412363d23901323b0b88151a53b |
| SHA1 | 025869795b8bd05dddecbf5da95893f148cc3110 |
| SHA256 | 3798558a566f8cf558d8ed6cec26cbf6d9eb0bce18984763fdbf63af9f3edb21 |
| SHA512 | fc43e2ea2be07b166d1f0cab371d7496aa4ef4f34db20cac5a2523422e1df6d2ffbb910d3523604ff0a752bf125e5ae86afb4ca867ac14ba75832a7e1961d2b0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 36a7919d63ee14173499effb236b0842 |
| SHA1 | 6e9aa7af80f07d0e0e41d7f941493c45ecb8595b |
| SHA256 | 0e862fcf8b8f94471936cbc01b2c3a3077e08ad52dfe54ba665856c8ca2bf556 |
| SHA512 | 11cb2253dd3e8452a73e1d95d734bb8ba5a23d3dc044354d4b275d36dbde66f7ec1e3a199ad1a70d4aba8f1a301a80e9da6eb39125d741dbd03e112ed40b3740 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | b5265ef1791ddf4e4f62c26bd0f690de |
| SHA1 | 3b1167d97d11b448e2d286dbd9d69f99d4203300 |
| SHA256 | 94d5b055fed21af6d5fac2f68e84730826619315ac5bfef8484e6766a58e26a0 |
| SHA512 | 43c28126e11e571ea542167ad2998a0c8c6f5512551f0131b0a6005eaa1ecb287a8d39f87a3ad483754a3c90ab9dc64eb2a1cb3bee7d779d64e5338893f461a4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\92126771-e3f6-4543-8f9b-9cea51f4a6ef.tmp
| MD5 | afdf26d230aa5b43cfdcd702c2f9cf25 |
| SHA1 | a86ea40b940498b867a1159623cc6ded7fac178d |
| SHA256 | 0ccdf140fbe5de152d8e330efb95443e09c0432339074355a8a7da06f5d70bbb |
| SHA512 | d310d66f4beb1835c5d87f3ebc5543aa6a2bd833e9edb9dc8cb5160e03f7a36541e3ce59631fd1147f91379a0f57ce248f190bde408f5babae64cbcfb4e739d4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 12ae293eb0e06fa1991c8c65435add3b |
| SHA1 | dfe12f58f807188875e307035d530b1e7bf73e21 |
| SHA256 | 7d44e3c4038bbb990b0a169a765c3e55420ed116d8762d359e75e959f586e9ea |
| SHA512 | 3e6280b43f836c1549e4bfeb63245457ac72617a40d100a09b481007391e72f749b1c4eb17188d72bf0ea265e8270b08b4c6aa4fc5070423ede97ff20d92c575 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\a04ca87e-5fe5-4725-8419-305e4b155c04.tmp
| MD5 | e201d05e8173a798e794968b0abc6423 |
| SHA1 | 43013e78c6c1c2b439efc4ca3f40bdd7f6895111 |
| SHA256 | 9a19474a33b2d4e3ba2fdcb15ba951806120d4c5af526ea9e944edbfe5a2da3d |
| SHA512 | 5d32f71146d94b8e67dc395ea0a8b88331a512c87eddc7f0d4f63077f6abf8638c1a7c3f316b94c7fcbf4d1802abbfc696fc734f8a69423aac141749be111f24 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 1343f0ddfdab900c13a56716ae22f29d |
| SHA1 | d5134758d8effc5215c40651ab12a00ed09494d1 |
| SHA256 | e5cd523c2c6663c4c8929398ed6190bf70e3b35373cb4586a214e8f23529560f |
| SHA512 | bec777ddb54f67581236c2481e8a3d4b824520faba68f04b821e8f4a078a631405521b59f97abcd380edab0cc5a774935309288969526fad4430317af85fcff4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 32aa2c66ef304b01dc57e612775aca14 |
| SHA1 | cbdaae8373f5c9d2ebe9bf2dc6d4e40c86f984dd |
| SHA256 | 9e036e9f7adcb3c8796d76aebbb037622dfdb04ecd62ff79a0492c5f31ca7ae7 |
| SHA512 | b3f12624f7410cc53e0d086e9f97cfbf404dbfbbd41770adda83861e5c318ab469d88e390619e966df7850441bb88c2d3c68692988d26202f56f5bf2e1f040a6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 303e2dcee12e549f83d2714adf08b57c |
| SHA1 | 2e23152bc328394af373f707deb2070820e9173f |
| SHA256 | 55f2cc63e9b9078027654e1dedef58818306b96d1aa5e6382328c9e901949229 |
| SHA512 | 993748e0741d4578444716e9aeedba741d869b82b5a2021e61b6931cf72495f67552aec695b1cc75f474d27c96a2305fbf7e8f057821afb61027fd8987b52944 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e1df2eaec16fddf26551d434d275c67a |
| SHA1 | 19930c7621c6902d6a3a6127fe1fd15323e1a4a0 |
| SHA256 | 4a82830457bc36f049ffa63f4d324ff87739fdf2bc052dae8187e5f37c3e5b6b |
| SHA512 | ae6afa09e3fe55fd1d840d8d028cd3c52e7bddcdce43e04e9b43454d20e9f193e7095a5f903e59ce851a3b93cfbd479062d444bba919b597039b58081b0bea95 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\81ef860d-bb64-4d24-ab23-9555c0e2a971.tmp
| MD5 | 5d899c71ed414af78c9b349487a9291d |
| SHA1 | eeea37af617b038704a96a4979787d5b0ffce018 |
| SHA256 | a9324906b4013155729ce9cbf29327ec3dae2c22ccfcfd7ecdbbe019e25344e9 |
| SHA512 | 4b35fdb391b35698b4caa9a026f939081b8ed93e8f4b643dd80fe5fbd0870bc228108ef443fa60191bf4bb1af484bd0a5d6f898100a56a139c12e8fd1ce4c1cc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f8f1597873769e9625e8aa55989db434 |
| SHA1 | 3148baa6809e95b81499803b86ce55b581012daf |
| SHA256 | bbc21271f9dd02109722026c2bb07468245f62015a515d19f8ef27648a04daeb |
| SHA512 | 4566c3bf8750bc5a1337b813dac4f1a01ae893b02836957bc8268219ab6c59a1282afc36446dd9984fa68394695837b208188658052e390aaa7525bb7e824bd9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 797430240fccc14e49543c81dd0fa9b4 |
| SHA1 | ac9f87b48503e3d553306669f44dae53b25f19de |
| SHA256 | dddb76687642f01f8ea39aac9e80798c872af2510f1dfe6c631e046db8ff1eb5 |
| SHA512 | c7d142238f7054c644bfb61fdff921367d8ed992c6c1f76c663eeca34dd8dab25218f88bbeee33920ec1185b979c20547bcf7ef2428a63d79184ae30b31c56f6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 6207fd28c314a4e42b73f0d66d73e620 |
| SHA1 | f95907e99f522f05afdfac0525e90bfb529ea20c |
| SHA256 | 70a5bf17d3615e0b4ee2dccdba51d59946d2e3b3aeef349a399109c275df2333 |
| SHA512 | facb78b7421d6199e932c89f454789d21dfe93c83165e59a5f634734566c0327f9a551661cb6270eed893555e6490eed153bd6bfc77c85ad19bbbbbcf385c4b6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 2055322c4e15d79a140fdc6ee94508cd |
| SHA1 | f86ef93a08e56bef499b51ee1f14e34519cd8383 |
| SHA256 | 33d529823a22d1241ff4bb9d9592e163545bbbe2794d0b932a262e706eaaba93 |
| SHA512 | d9a02e20d62a8ad657951a0ed8bd4727f86397c644f98d69f4533ff4f85909630109186b80264ed632eb6c93da8d2e6589bbf9ae359c919b364628331d748c70 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 6fd540db9b278b28200b16d0f764e815 |
| SHA1 | df4ccc2e7883bf695e8b643ee4195f5b6842dcb9 |
| SHA256 | 596c53575d06bd4b21e46e659b266f2dec1837779e760a336e536e1dd16050cc |
| SHA512 | 1e4b11926bc9bd4ab53606b0672101ba926c3cb690680c01e2a2be99c1146be2a7fc77a5c6cd1164ea867a19c0da12a4bd6d28c00c1cbd02bb8da472ece55ee9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d3aff27a6ac6928ff13097989f2120a0 |
| SHA1 | ca8db28462e3971a2b293e65f56518ce8f75fab9 |
| SHA256 | d6e4eec13b35c7c97aa61c913c68ba1b0c9cf54db86a9db6f006f58dfe3ff822 |
| SHA512 | 5fdbfc3bbfba5e5b9f7b18e8f769f1688853bcf9923d6aba19482f0f25d65ee5cb1d2c6dac6ab13a37c0a104f8f3bf3241d04ff14ae7934983e5948cfc122681 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | aa037d33a9f21af31e3cc95a30bfbb8e |
| SHA1 | c8213b9477160896ceb9bee985329ed46f291e08 |
| SHA256 | 2522bcf5dd578420cb40cc8606e56d9845f6df895968b87aaddf2057e8e4be8c |
| SHA512 | d68168b8f3a2cc4bc7c51677e76abe24c6382df10a9e7272640aa6643673ae01dc28aee6253ee3c778e4ea2ea54a6a5224d7df9912520fee3af5bc74fb294ed0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | c52f49b910b25624419ef8411f1fa16b |
| SHA1 | 6e8cf6638a6e35843452cde054e4e8debf7e71e5 |
| SHA256 | 3c4e4d6f0ec7e82a50fa9335f8a796efc205c19c9de0daac811819131f546731 |
| SHA512 | a57b90dc98cc4f662ad1fb6aafa0a867e03ba4182690c97b7610e64afe759c9121fa8e18c3d4a0d08df8b521097ad64adceb6b8a185a86fdc400d2fb8183fd9d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 4d1675751750008ebec27112d91b23b3 |
| SHA1 | 87b64c2346035e247c47a7fa536a3aa67bf2deda |
| SHA256 | 05b85288b031b225bd6e6188545110d03ec37a1f1629ab393414ba344a9d84ab |
| SHA512 | 457a24b2d8802535fe13083ed5db543d751669083a419727214e578f7de3b0e25e55fedc87d08557cf590aae543c3a39da6714f3182ad6112b4c5540dc66af38 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | fcbed4d38b1561c4458d03e877ad0983 |
| SHA1 | 1e32b04e37b94a71405a2f4185265e02c6284382 |
| SHA256 | eaa63ec96dcd94a44d3605abc72aed57ff176c92480d9bcf2c644f2ff20ad429 |
| SHA512 | fde9d7e34ed0ac0c4fc4f528be0363c0095da16c6fd2ad8638532a8ed9fba2a1ef753a6eb17254bdf91f498c435774ef29fa64d1b3b8f4f17fa67f97716d667b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | c0d150a34788dec8a853f8fea925f9cc |
| SHA1 | 30240e5dfb3c948a6ebc31c9dc09891c002344ab |
| SHA256 | b3d62686a128462be22455d19eb89431acb6a45de75f6db4057f887140f42f0c |
| SHA512 | 5afdde6b7480c4888237209133d3797d8947acc22d7e382f98ea51f6d95fc1a2e43571454172815ca187ea36e9d6f8e9f3f5c7b1aa1781decffc96f8d14e65e7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 1b8eef3c1b926b5a1034be496819680d |
| SHA1 | 3c884dd06345b70ad8b19a3c5b8996bcd6338dee |
| SHA256 | 867822f43198ebce6ebfb99cfea5fd56dbc1027d8d3cc1c8ac0bef0954f9b469 |
| SHA512 | 6faf965a4de5308e91bb1b687083e7bf68e7455283ade33884cbad9fb2ba34bf130c8f7804e296b6360e369f9548bed59d5d6452baaff1734139590ad309ac37 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | bfebda8fe8da2d908cfa194898492ef4 |
| SHA1 | 7110eadedd2596d6c9c2cdfc1750759f29e7b957 |
| SHA256 | a20a9229df2722816a7445dcb340194249d38d0a9bed4ee98436b33d6bfae3ac |
| SHA512 | f02fb1e934693e1c8cfdbcd3ecf188b7ec68aa81623cb6a82c58835266cc03eae75c4a8858e2954fb5b456a0d97713ce6b7806ffed742d3067c186e1dab5985c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\37fe3ea2-cb76-4092-b31d-3fd68a75058a.tmp
| MD5 | 7c9801d0858c9bfda4ac84e50857f597 |
| SHA1 | b10691838a80b75f48f5f937c36b48f4cb3df853 |
| SHA256 | 92b052ca4d66ad285d45214baba5046187aaadcdc889d3814f370858563d0031 |
| SHA512 | 74d075688308a46b28c5879acb90419e112a93b0296152979997de8b859d87b20bcc24e398f84ab72388f36f2f82800a2bec303303c22c3557c844fe877ef52b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 9e3a98997c008f21c8b7568ba8dabb17 |
| SHA1 | 627c378ca0f4ce3003089a6eba1427d06d133a3a |
| SHA256 | 11d9937abd2c67bfda98e327f1b08a8665b94c7ba9b912359a22cfcd69eee09b |
| SHA512 | 2d02f4cb6fab9bc04ddaee9f0e4801c5cb829a9770665c15996e225c38902b565bf3f2e4d4eead18b39f313e6738400747f034b6e5da140df3334d973277da51 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 86c4c02ef24221f2e1a43e0a6d2e168b |
| SHA1 | 3ca62cd9cc978d995d80b8d64b99c390f24a7c8e |
| SHA256 | 488d9c0b447b875e5b9af9037945e4d6395ec3f7668eb86efa8f45f62a33c0f5 |
| SHA512 | e59639d67dbf33ba99e579ef008ff8ab05141e80bc83cc37dcfc9e9c0e176094d307f9b2ee6843dbee7abb820296e6df40d0fa29cc214d0a8d2f48a80a1920d9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | eb300d95be537b2e75e961f0f2935ac0 |
| SHA1 | 1d30ae0937dc097ed7cd2cb0313aaebbd171ca70 |
| SHA256 | 73a577031fe82abb1940f06896d3f14a7115d6d786bab49c64122b8ad1c3721d |
| SHA512 | e57ab610021d76827b4c8d00d30e01e6255ce01acd7bc2f46c9d288a930545cb923e108c5fc072ac5a32ed39d84ed209bcb31a150fc41a35d35693fce8c8f33e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 80f92d954bdb3df5a2ad74bf67917286 |
| SHA1 | c2a8ef176d2b19486390598b864e0206fd6dd60f |
| SHA256 | cf5116ac026a20cee998d81197def15026247e0f8446cf83688189c940d4d12d |
| SHA512 | 5bf252b6faab548c839cae04e6e175099b3ba58411441da22c0eb197b66bd465370a8fc654c97ffd269b3de773ab253ce8492e0dc63be8b10a3987166a05b924 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | ac2c143ac5104fb2e396234809cb5437 |
| SHA1 | eb83753b452b31bbd403f72d63f261f4ce390680 |
| SHA256 | a734f02767e80bad7f6fefcfe86cec629b06cc32cc515913b94b795e8fcbebb8 |
| SHA512 | 136f51adadf3d077865bc1b1ad5cdc9c33834e4644d3952f69f42232c1aab1552e7f780374d2d888e0b7d50349165b71ea6a48246d8c7893617513f121a4f50d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 9247625161be243b20a87dd4998df85d |
| SHA1 | 97b3cb35fc01520c6cdb7c5ba4dc270279a55f35 |
| SHA256 | 36002976630a4c4145c9227428db7c6127996710ed24b7da7c21c663353ff9dd |
| SHA512 | 80f28c291f41ee04858bb9db95d37b5ed8f3dde871f5b492adebf1fa38d9f6a368a1b4be2c8ef34a9fad640e5e31c01ee133bcb915e106792278b0d2126dbe0e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | cd727d38b01a83064a3d3d1b5aab5523 |
| SHA1 | c7d7f1d2581c96276ab63723f146bf4b819ec31b |
| SHA256 | e118d5121c6b174879083b5680fea71d1db85c4ac45842b631fecde08e09dfdf |
| SHA512 | fdce05971383d30e938dd5f29993b5a317652cb1d3d710ef152829c15f1e6aa4b105fc619a81b8564f59cc56e079abc89681ff9756291dbea95423706127d113 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f050283d46f9f502814ac4fa10431ef1 |
| SHA1 | 428fec68bb1df8146cff6c10db76f97d291fc664 |
| SHA256 | e10c36c0be5c6b94c03fbfa95e29b11470f7e14d7853f15a6d7de79d30a00ba7 |
| SHA512 | 124eef0957f489f78d50200cee0757e181ee8817f234f46dfc51a6423940c3150c78e2c525c412e4dcd6d57af57a7ead403d70469f177e248973a5a6a08836c7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 9d4bfda7f177d7f8f667bac073a06d35 |
| SHA1 | eed569786cebe74e06200be41b7cc5fe5f1e6b31 |
| SHA256 | 6e04aa5177528ecf8cf0999e00c7d2e5b54b8f7527ea62557792df05e3e01547 |
| SHA512 | 766a86ae59c16a56e1945819f28133f95c577d97444334ef2becca7d7f1ed8754b904a0f11633c29f87d760038c8d318df56feef5971aeecbf7f1c54998bcfb5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e219a0af39abf5e4a33bd15ac3e42723 |
| SHA1 | 57019b85f4a31c85d7794b095f01e7cfb0c847d0 |
| SHA256 | e7b26aa6f0ad7d5378f9217297271f1573a8e428236364c2d1928f5e2eeb337a |
| SHA512 | 295ebb5f04bd76a08fcff988f5ed0f8eeaa31d7adf2391d89319cadb43c603af243c6cbc30857f3be67dcfeefa3f9468a35164dc60e3ea89f8e24d81b4419d42 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 1b141763d6bf78f35a41c4a6f522a385 |
| SHA1 | 9304287159065f72292ffb6df63e736fd5d44245 |
| SHA256 | c79c2dc1d4a21ee5eb0685f7b0c6b209dd640140a86a982c5663a146979460c7 |
| SHA512 | 61a21ab6eb48a3af4cc285be9e2126a8986b3f09b88034d22024cff85af39204531599852d71727c81e26ab3ce306c1008a66dddfb1f7679bd86441f344cd4ef |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 9e5f0452f0b9c42ebc2b9d686aa38632 |
| SHA1 | 3bde656925afde44ca370338666e71e6c7004c36 |
| SHA256 | 44a92f5b680310b7d7177ab0e6fb6cda8472b3d7a726a418cbfe3bcda3b88893 |
| SHA512 | 55be6eac00189f6b3b3308d0b1db4a621e58cb26acb1ee2d5e1a611041e50fe7fd6da4dc1e53e7a6c3170c1c4ba031ebabfafa6029a24c3a2f96468a6d4ac1d5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d241479f06c444a85e6bfecc8071ee54 |
| SHA1 | 59d64d41903ec0dbe98bd38b270cacfe8630c75a |
| SHA256 | aed281ba5a756a550e667bb338773735778dadc4cefa2930062bbb0cd6ec56c6 |
| SHA512 | ea0fad717aa51917da83bf27356c3deeb27a5562b62020afb288f4e0fdfc2d970e1aa75e74a5790890c1963e4b1c4c25af7acf4f647eedb976838a5786ec44cf |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 74c070bc672ccef7a521952e5bdf5177 |
| SHA1 | 05e05e069fafdb9af63ff4855171a7de982229f6 |
| SHA256 | f13e982b215a6589c2881c67edc0aa35471d68169df4a171bac35a40802fdfac |
| SHA512 | 0c077d7eb40472b5752cab7c85495fea580b98369fb3c5e8ad9576df0fd91faeac14578d04c487560a201642dbc9ecd9db85e5c25dc7a88ce56a1cd6360e9cf9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 1ad6b9355462abb04903d79ba3b6309f |
| SHA1 | eaca4c4ca3df423d22e2f3dd00a957615bd633e5 |
| SHA256 | 82f86ba00276bc189bfad75728e6417a9e5c8890d98407428e22738ba4924ec1 |
| SHA512 | 1ece982139c9483c952461be4f5f785987f4b70d1a513e288c00c7d760718d8f30010764ed25edba68103625bf006bceab77ec17643c102593fe46b00cc41615 |
Analysis: behavioral9
Detonation Overview
Submitted
2024-08-31 06:52
Reported
2024-08-31 07:22
Platform
macos-20240711.1-en
Max time kernel
1125s
Max time network
1692s
Command Line
Signatures
Resource Forking
| Description | Indicator | Process | Target |
| N/A | /usr/bin/tar -Oxjf "/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Frameworks/KeystoneRegistration.framework/Resources/Keystone.tbz" GoogleSoftwareUpdate.bundle/Contents/Info.plist | N/A | N/A |
| N/A | /System/Library/CoreServices/loginwindow.app/Contents/Resources/LWWeeklyMessageTracer | N/A | N/A |
| N/A | "/Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/Java Updater.app/Contents/MacOS/Java Updater" -bgcheck | N/A | N/A |
| N/A | "/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Frameworks/KeystoneRegistration.framework/Helpers/ksinstall" "--install=/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Frameworks/KeystoneRegistration.framework/Resources/Keystone.tbz" | N/A | N/A |
Processes
/bin/sh
[sh -c sudo /bin/zsh -c "/Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --simulate-outdated-no-au='Tue, 31 Dec 2099' --new-window https://steamcomnumnlty.ru/app/1643320/STALKER_1_Heart_of_Chornobyl"]
/bin/bash
[sh -c sudo /bin/zsh -c "/Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --simulate-outdated-no-au='Tue, 31 Dec 2099' --new-window https://steamcomnumnlty.ru/app/1643320/STALKER_1_Heart_of_Chornobyl"]
/usr/bin/sudo
[sudo /bin/zsh -c /Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --simulate-outdated-no-au='Tue, 31 Dec 2099' --new-window https://steamcomnumnlty.ru/app/1643320/STALKER_1_Heart_of_Chornobyl]
/System/Library/CoreServices/Applications/Feedback Assistant.app/Contents/Library/LaunchServices/seedusaged
[/System/Library/CoreServices/Applications/Feedback Assistant.app/Contents/Library/LaunchServices/seedusaged]
/usr/libexec/pkreporter
[/usr/libexec/pkreporter]
/System/Library/PrivateFrameworks/SpeechObjects.framework/Versions/A/SpeechDataInstallerd.app/Contents/MacOS/SpeechDataInstallerd
[/System/Library/PrivateFrameworks/SpeechObjects.framework/Versions/A/SpeechDataInstallerd.app/Contents/MacOS/SpeechDataInstallerd]
/System/Library/CoreServices/loginwindow.app/Contents/Resources/LWWeeklyMessageTracer
[/System/Library/CoreServices/loginwindow.app/Contents/Resources/LWWeeklyMessageTracer]
/Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/Java Updater.app/Contents/MacOS/Java Updater
[/Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/Java Updater.app/Contents/MacOS/Java Updater -bgcheck]
/bin/zsh
[/bin/zsh -c /Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --simulate-outdated-no-au='Tue, 31 Dec 2099' --new-window https://steamcomnumnlty.ru/app/1643320/STALKER_1_Heart_of_Chornobyl]
/Applications/Google Chrome.app/Contents/MacOS/Google Chrome
[/Applications/Google Chrome.app/Contents/MacOS/Google Chrome --simulate-outdated-no-au=Tue, 31 Dec 2099 --new-window https://steamcomnumnlty.ru/app/1643320/STALKER_1_Heart_of_Chornobyl]
/usr/libexec/xpcproxy
[xpcproxy com.apple.GameController.gamecontrollerd]
/usr/libexec/gamecontrollerd
[/usr/libexec/gamecontrollerd]
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/chrome_crashpad_handler
[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/chrome_crashpad_handler --monitor-self-annotation=ptype=crashpad-handler --database=/var/root/Library/Application Support/Google/Chrome/Crashpad --metrics-dir=/var/root/Library/Application Support/Google/Chrome --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=OS X --annotation=prod=Chrome_Mac --annotation=ver=101.0.4951.54 --handshake-fd=5]
/usr/bin/profiles
[/usr/bin/profiles status -type enrollment]
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Frameworks/KeystoneRegistration.framework/Helpers/ksinstall
[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Frameworks/KeystoneRegistration.framework/Helpers/ksinstall --install=/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Frameworks/KeystoneRegistration.framework/Resources/Keystone.tbz]
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/developer_id_certificate_reauthorize
[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/developer_id_certificate_reauthorize com.google.Chrome]
/usr/bin/tar
[/usr/bin/tar -Oxjf /Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Frameworks/KeystoneRegistration.framework/Resources/Keystone.tbz GoogleSoftwareUpdate.bundle/Contents/Info.plist]
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (GPU).app/Contents/MacOS/Google Chrome Helper (GPU)
[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (GPU).app/Contents/MacOS/Google Chrome Helper (GPU) --type=gpu-process --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --gpu-preferences=UAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJgEAAAAAAAAmAQAAAAAAACIAQAAMAAAAIABAAAAAAAAiAEAAAAAAACQAQAAAAAAAJgBAAAAAAAAoAEAAAAAAACoAQAAAAAAALABAAAAAAAAuAEAAAAAAADAAQAAAAAAAMgBAAAAAAAA0AEAAAAAAADYAQAAAAAAAOABAAAAAAAA6AEAAAAAAADwAQAAAAAAAPgBAAAAAAAAAAIAAAAAAAAIAgAAAAAAABACAAAAAAAAGAIAAAAAAAAgAgAAAAAAACgCAAAAAAAAMAIAAAAAAAA4AgAAAAAAAEACAAAAAAAASAIAAAAAAABQAgAAAAAAAFgCAAAAAAAAYAIAAAAAAABoAgAAAAAAAHACAAAAAAAAeAIAAAAAAACAAgAAAAAAAIgCAAAAAAAAkAIAAAAAAACYAgAAAAAAAKACAAAAAAAAqAIAAAAAAACwAgAAAAAAALgCAAAAAAAAwAIAAAAAAADIAgAAAAAAANACAAAAAAAA2AIAAAAAAADgAgAAAAAAAOgCAAAAAAAA8AIAAAAAAAD4AgAAAAAAABAAAAAAAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAHAAAAEAAAAAAAAAAAAAAACAAAABAAAAAAAAAAAAAAAAkAAAAQAAAAAAAAAAAAAAALAAAAEAAAAAAAAAAAAAAADAAAABAAAAAAAAAAAAAAAA4AAAAQAAAAAAAAAAAAAAAPAAAAEAAAAAAAAAABAAAAAAAAABAAAAAAAAAAAQAAAAcAAAAQAAAAAAAAAAEAAAAIAAAAEAAAAAAAAAABAAAACQAAABAAAAAAAAAAAQAAAAsAAAAQAAAAAAAAAAEAAAAMAAAAEAAAAAAAAAABAAAADgAAABAAAAAAAAAAAQAAAA8AAAAQAAAAAAAAAAQAAAAAAAAAEAAAAAAAAAAEAAAABwAAABAAAAAAAAAABAAAAAgAAAAQAAAAAAAAAAQAAAAJAAAAEAAAAAAAAAAEAAAACwAAABAAAAAAAAAABAAAAAwAAAAQAAAAAAAAAAQAAAAOAAAAEAAAAAAAAAAEAAAADwAAABAAAAAAAAAABwAAAAAAAAAQAAAAAAAAAAcAAAAHAAAAEAAAAAAAAAAHAAAACAAAABAAAAAAAAAABwAAAAkAAAAQAAAAAAAAAAcAAAALAAAAEAAAAAAAAAAHAAAADAAAABAAAAAAAAAABwAAAA4AAAAQAAAAAAAAAAcAAAAPAAAAEAAAAAAAAAAIAAAAAAAAABAAAAAAAAAACAAAAAcAAAAQAAAAAAAAAAgAAAAIAAAAEAAAAAAAAAAIAAAACQAAABAAAAAAAAAACAAAAAsAAAAQAAAAAAAAAAgAAAAMAAAAEAAAAAAAAAAIAAAADgAAABAAAAAAAAAACAAAAA8AAAAQAAAAAAAAAAoAAAAAAAAAEAAAAAAAAAAKAAAABwAAABAAAAAAAAAACgAAAAgAAAAQAAAAAAAAAAoAAAAJAAAAEAAAAAAAAAAKAAAACwAAABAAAAAAAAAACgAAAAwAAAAQAAAAAAAAAAoAAAAOAAAAEAAAAAAAAAAKAAAADwAAAAgAAAAAAAAACAAAAAAAAAA= --shared-files --field-trial-handle=1718379636,r,16715042096773958834,3824943316675852473,131072 --seatbelt-client=28]
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper
[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=network --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,16715042096773958834,3824943316675852473,131072 --seatbelt-client=21]
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper
[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-GB --service-sandbox-type=utility --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,16715042096773958834,3824943316675852473,131072 --seatbelt-client=21]
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Alerts).app/Contents/MacOS/Google Chrome Helper (Alerts)
[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Alerts).app/Contents/MacOS/Google Chrome Helper (Alerts) --type=utility --utility-sub-type=mac_notifications.mojom.MacNotificationProvider --lang=en-GB --service-sandbox-type=none --message-loop-type-ui --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,16715042096773958834,3824943316675852473,131072]
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer)
[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer) --type=renderer --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --display-capture-permissions-policy-allowed --lang=en-GB --num-raster-threads=1 --enable-zero-copy --enable-gpu-memory-buffer-compositor-resources --renderer-client-id=7 --launch-time-ticks=277130026 --shared-files --field-trial-handle=1718379636,r,16715042096773958834,3824943316675852473,131072 --seatbelt-client=57]
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer)
[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer) --type=renderer --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --display-capture-permissions-policy-allowed --lang=en-GB --num-raster-threads=1 --enable-zero-copy --enable-gpu-memory-buffer-compositor-resources --renderer-client-id=6 --launch-time-ticks=277181392 --shared-files --field-trial-handle=1718379636,r,16715042096773958834,3824943316675852473,131072 --seatbelt-client=57]
/Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Helpers/ksadmin
[/Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Helpers/ksadmin --productid com.google.Chrome --print-tickets --store /Library/Google/GoogleSoftwareUpdate/TicketStore/Keystone.ticketstore]
/usr/libexec/xpcproxy
[xpcproxy com.apple.SafariLaunchAgent]
/Library/Apple/System/Library/CoreServices/SafariSupport.bundle/Contents/MacOS/SafariLaunchAgent
[/Library/Apple/System/Library/CoreServices/SafariSupport.bundle/Contents/MacOS/SafariLaunchAgent]
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer)
[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer) --type=renderer --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --extension-process --display-capture-permissions-policy-allowed --lang=en-GB --num-raster-threads=1 --enable-zero-copy --enable-gpu-memory-buffer-compositor-resources --renderer-client-id=8 --launch-time-ticks=279905604 --shared-files --field-trial-handle=1718379636,r,16715042096773958834,3824943316675852473,131072 --seatbelt-client=73]
/Library/Application Support/Google/GoogleUpdater/Current/GoogleUpdater.app/Contents/Helpers/launcher
[/Library/Application Support/Google/GoogleUpdater/Current/GoogleUpdater.app/Contents/Helpers/launcher]
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer)
[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer) --type=renderer --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --extension-process --display-capture-permissions-policy-allowed --lang=en-GB --num-raster-threads=1 --enable-zero-copy --enable-gpu-memory-buffer-compositor-resources --renderer-client-id=12 --launch-time-ticks=280281021 --shared-files --field-trial-handle=1718379636,r,16715042096773958834,3824943316675852473,131072 --seatbelt-client=76]
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer)
[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer) --type=renderer --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --extension-process --display-capture-permissions-policy-allowed --lang=en-GB --num-raster-threads=1 --enable-zero-copy --enable-gpu-memory-buffer-compositor-resources --renderer-client-id=10 --launch-time-ticks=280340833 --shared-files --field-trial-handle=1718379636,r,16715042096773958834,3824943316675852473,131072 --seatbelt-client=77]
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer)
[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer) --type=renderer --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --extension-process --display-capture-permissions-policy-allowed --lang=en-GB --num-raster-threads=1 --enable-zero-copy --enable-gpu-memory-buffer-compositor-resources --renderer-client-id=11 --launch-time-ticks=280664740 --shared-files --field-trial-handle=1718379636,r,16715042096773958834,3824943316675852473,131072 --seatbelt-client=77]
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper
[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-GB --service-sandbox-type=service --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,16715042096773958834,3824943316675852473,131072 --seatbelt-client=82]
/usr/sbin/system_profiler
[/usr/sbin/system_profiler SPConfigurationProfileDataType -detailLevel mini -timeout 15 -xml]
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper
[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-GB --service-sandbox-type=utility --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,16715042096773958834,3824943316675852473,131072 --seatbelt-client=19]
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper
[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-GB --service-sandbox-type=service --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,16715042096773958834,3824943316675852473,131072 --seatbelt-client=104]
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper
[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-GB --service-sandbox-type=utility --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,16715042096773958834,3824943316675852473,131072 --seatbelt-client=110]
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper
[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-GB --service-sandbox-type=service --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,16715042096773958834,3824943316675852473,131072 --seatbelt-client=109]
/Library/Application Support/Google/GoogleUpdater/128.0.6537.0/GoogleUpdater.app/Contents/MacOS/GoogleUpdater
[GoogleUpdater --server --service=update --system]
/Library/Application Support/Google/GoogleUpdater/128.0.6537.0/GoogleUpdater.app/Contents/MacOS/GoogleUpdater
[/Library/Application Support/Google/GoogleUpdater/128.0.6537.0/GoogleUpdater.app/Contents/MacOS/GoogleUpdater --crash-handler --system --database=/Library/Application Support/Google/GoogleUpdater/128.0.6537.0/Crashpad --url=https://clients2.google.com/cr/report --annotation=prod=Update4 --annotation=ver=128.0.6537.0 --handshake-fd=5]
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer)
[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer) --type=renderer --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --extension-process --display-capture-permissions-policy-allowed --lang=en-GB --num-raster-threads=1 --enable-zero-copy --enable-gpu-memory-buffer-compositor-resources --renderer-client-id=19 --launch-time-ticks=290213338 --shared-files --field-trial-handle=1718379636,r,16715042096773958834,3824943316675852473,131072 --seatbelt-client=111]
/usr/bin/profiles
[/usr/bin/profiles status -type enrollment]
/Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Helpers/ksadmin
[/Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Helpers/ksadmin -P com.google.Chrome --delete --user-store]
/usr/libexec/xpcproxy
[xpcproxy com.apple.audio.AudioComponentRegistrar]
/System/Library/Frameworks/AudioToolbox.framework/AudioComponentRegistrar
[/System/Library/Frameworks/AudioToolbox.framework/AudioComponentRegistrar -daemon]
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer)
[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer) --type=renderer --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --display-capture-permissions-policy-allowed --lang=en-GB --num-raster-threads=1 --enable-zero-copy --enable-gpu-memory-buffer-compositor-resources --renderer-client-id=20 --launch-time-ticks=301961691 --shared-files --field-trial-handle=1718379636,r,16715042096773958834,3824943316675852473,131072 --seatbelt-client=73]
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper
[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-GB --service-sandbox-type=utility --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,16715042096773958834,3824943316675852473,131072 --seatbelt-client=67]
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer)
[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer) --type=renderer --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --display-capture-permissions-policy-allowed --lang=en-GB --num-raster-threads=1 --enable-zero-copy --enable-gpu-memory-buffer-compositor-resources --renderer-client-id=22 --launch-time-ticks=303157140 --shared-files --field-trial-handle=1718379636,r,16715042096773958834,3824943316675852473,131072 --seatbelt-client=67]
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer)
[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer) --type=renderer --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --display-capture-permissions-policy-allowed --lang=en-GB --num-raster-threads=1 --enable-zero-copy --enable-gpu-memory-buffer-compositor-resources --renderer-client-id=23 --launch-time-ticks=308354174 --shared-files --field-trial-handle=1718379636,r,16715042096773958834,3824943316675852473,131072 --seatbelt-client=113]
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer)
[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer) --type=renderer --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --display-capture-permissions-policy-allowed --lang=en-GB --num-raster-threads=1 --enable-zero-copy --enable-gpu-memory-buffer-compositor-resources --renderer-client-id=24 --launch-time-ticks=338501202 --shared-files --field-trial-handle=1718379636,r,16715042096773958834,3824943316675852473,131072 --seatbelt-client=113]
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper
[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-GB --service-sandbox-type=utility --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,16715042096773958834,3824943316675852473,131072 --seatbelt-client=114]
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper
[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-GB --service-sandbox-type=service --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,16715042096773958834,3824943316675852473,131072 --seatbelt-client=114]
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper
[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-GB --service-sandbox-type=utility --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,16715042096773958834,3824943316675852473,131072 --seatbelt-client=115]
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper
[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-GB --service-sandbox-type=utility --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,16715042096773958834,3824943316675852473,131072 --seatbelt-client=115]
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper
[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-GB --service-sandbox-type=utility --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,16715042096773958834,3824943316675852473,131072 --seatbelt-client=115]
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper
[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-GB --service-sandbox-type=utility --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,16715042096773958834,3824943316675852473,131072 --seatbelt-client=115]
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper
[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-GB --service-sandbox-type=utility --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,16715042096773958834,3824943316675852473,131072 --seatbelt-client=120]
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper
[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-GB --service-sandbox-type=utility --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,16715042096773958834,3824943316675852473,131072 --seatbelt-client=115]
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper
[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-GB --service-sandbox-type=utility --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,16715042096773958834,3824943316675852473,131072 --seatbelt-client=115]
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper
[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-GB --service-sandbox-type=utility --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,16715042096773958834,3824943316675852473,131072 --seatbelt-client=115]
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper
[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-GB --service-sandbox-type=utility --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,16715042096773958834,3824943316675852473,131072 --seatbelt-client=115]
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper
[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-GB --service-sandbox-type=utility --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,16715042096773958834,3824943316675852473,131072 --seatbelt-client=115]
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper
[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-GB --service-sandbox-type=utility --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,16715042096773958834,3824943316675852473,131072 --seatbelt-client=115]
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper
[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-GB --service-sandbox-type=utility --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,16715042096773958834,3824943316675852473,131072 --seatbelt-client=120]
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper
[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-GB --service-sandbox-type=utility --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,16715042096773958834,3824943316675852473,131072 --seatbelt-client=121]
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper
[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-GB --service-sandbox-type=utility --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,16715042096773958834,3824943316675852473,131072 --seatbelt-client=120]
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper
[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-GB --service-sandbox-type=service --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,16715042096773958834,3824943316675852473,131072 --seatbelt-client=120]
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper
[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-GB --service-sandbox-type=utility --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,16715042096773958834,3824943316675852473,131072 --seatbelt-client=120]
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper
[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-GB --service-sandbox-type=utility --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,16715042096773958834,3824943316675852473,131072 --seatbelt-client=121]
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper
[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-GB --service-sandbox-type=utility --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,16715042096773958834,3824943316675852473,131072 --seatbelt-client=121]
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer)
[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer) --type=renderer --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --display-capture-permissions-policy-allowed --lang=en-GB --num-raster-threads=1 --enable-zero-copy --enable-gpu-memory-buffer-compositor-resources --renderer-client-id=45 --launch-time-ticks=398683800 --shared-files --field-trial-handle=1718379636,r,16715042096773958834,3824943316675852473,131072 --seatbelt-client=120]
/usr/libexec/xpcproxy
[xpcproxy com.apple.spindump]
/usr/sbin/spindump
[/usr/sbin/spindump]
/usr/libexec/xpcproxy
[xpcproxy com.apple.diagnosticd]
/usr/libexec/diagnosticd
[/usr/libexec/diagnosticd]
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer)
[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer) --type=renderer --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --display-capture-permissions-policy-allowed --lang=en-GB --num-raster-threads=1 --enable-zero-copy --enable-gpu-memory-buffer-compositor-resources --renderer-client-id=46 --launch-time-ticks=699073160 --shared-files --field-trial-handle=1718379636,r,16715042096773958834,3824943316675852473,131072 --seatbelt-client=93]
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer)
[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer) --type=renderer --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --display-capture-permissions-policy-allowed --lang=en-GB --num-raster-threads=1 --enable-zero-copy --enable-gpu-memory-buffer-compositor-resources --renderer-client-id=47 --launch-time-ticks=1299371573 --shared-files --field-trial-handle=1718379636,r,16715042096773958834,3824943316675852473,131072 --seatbelt-client=120]
Network
| Country | Destination | Domain | Proto |
| GB | 184.85.51.234:443 | tcp | |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | 13-courier.push.apple.com | udp |
| US | 8.8.8.8:53 | clients2.google.com | udp |
| GB | 142.250.200.14:443 | clients2.google.com | tcp |
| US | 8.8.8.8:53 | steamcomnumnlty.ru | udp |
| US | 8.8.8.8:53 | steamcomnumnlty.ru | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.179.228:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:443 | dns.google | tcp |
| US | 8.8.4.4:443 | dns.google | tcp |
| US | 8.8.4.4:443 | dns.google | tcp |
| US | 8.8.4.4:443 | dns.google | tcp |
| US | 8.8.4.4:443 | dns.google | udp |
| GB | 172.217.16.234:443 | optimizationguide-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:443 | dns.google | tcp |
| GB | 2.18.109.84:443 | tcp | |
| GB | 172.217.16.234:443 | optimizationguide-pa.googleapis.com | tcp |
| NL | 108.177.127.84:443 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | steamcomnumnlty.ru | udp |
| US | 8.8.8.8:53 | google.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| US | 8.8.8.8:53 | steamcomnumnlty.ru | udp |
| US | 8.8.8.8:53 | steamcomnumnlty.ru | udp |
| US | 8.8.4.4:443 | dns.google | udp |
| US | 8.8.8.8:53 | steamcomnumnlty.ru | udp |
| US | 8.8.8.8:443 | dns.google | udp |
| GB | 142.250.187.195:443 | update.googleapis.com | tcp |
| GB | 142.250.179.228:443 | www.google.com | tcp |
| US | 8.8.4.4:443 | dns.google | udp |
| US | 8.8.8.8:53 | steamcomnumnlty.ru | udp |
| GB | 142.250.179.228:443 | www.google.com | tcp |
| GB | 142.250.179.228:443 | www.google.com | tcp |
| US | 8.8.8.8:443 | dns.google | udp |
| GB | 142.250.179.234:443 | safebrowsing.googleapis.com | tcp |
| US | 8.8.8.8:53 | lb._dns-sd._udp.0.0.127.10.in-addr.arpa | udp |
| US | 8.8.4.4:443 | dns.google | udp |
| US | 8.8.8.8:53 | steamcomnumnlty.ru | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:443 | dns.google | udp |
| US | 8.8.8.8:53 | steamcomnumnlty.ru | udp |
Files
/tmp/com.google.Keystone/.keystone_system_install_lock
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
/Users/run/Library/Keychains/login.keychain-db
| MD5 | ef83c45709c3525408911400fe361047 |
| SHA1 | abdc04e7670f1eb53beb19d45076b5f7efc86cbd |
| SHA256 | 12cc5752d0fca44262b5d4b11b4af72cad0fe7f9c4322813d806f77f9777989b |
| SHA512 | 7a607ef66351d34dc9c1ad06f57dc0a73ddb383ba182e4ad516da7a0ec8b6df9460e15652925f2898aaa5d138448a56ccb1a13de8673a69052d744382becd54c |
/Users/run/Library/Keychains/login.keychain-db
| MD5 | ff6528cd31b295ef9d8c26bcc8790c03 |
| SHA1 | 0d418d5dd4c8d22f454b431cbe70bec8491b18d9 |
| SHA256 | 9f1c29542aaa8637389c3a568f4e1bb17926413f626b07cb458b85d5d58b311e |
| SHA512 | 48bd3af15ca2a077a815969593aeb8ce4b82c5c88e90d9f1bf45be4ee93108d5ca4794e36c8719ab37bb5d5fcadcedca6fd1da038f7d16ced68112f89ebe19ec |
/Users/run/Library/Keychains/login.keychain-db
| MD5 | 198838a7a41cdc27a21bc97b5b01d994 |
| SHA1 | 7bad40a573aa667048ebde2ecb581e30cd80e75f |
| SHA256 | 52bb48b75d30f0a29691cfcdddf809e7f132c5522b04ae9a67a577a43301f53d |
| SHA512 | a7ed0964e48fa8f114ee4336878de37548b9f53748bf4ed8f5e78f86bc0de52232ebac48b26fc1d3dcc7913ffe97491269b4a03a9b5aae0edbae26a734eb25e4 |
/Users/run/Library/Keychains/login.keychain-db
| MD5 | 4aec1f8ce5543aaeeb923ee26ed59aa3 |
| SHA1 | 09eaa5d80adc8dcd63dd1594a44fb0fbdc507791 |
| SHA256 | af49949d11cdf5b5a1124d344a90bd64932f395adf5699c1a269b0b3bcacd030 |
| SHA512 | 2f2643c5c01e43465e2a873f506ec955dd926c7609a5d73d018ed065b99856441a33c280444a78fc7a4eedffad0476691da297dde842014942e7216084d0a585 |
/Users/run/Library/Keychains/login.keychain-db
| MD5 | 70f6969e5ecf359037a5447dd5e9b5b5 |
| SHA1 | 7f090bec3f06220bcdb42fcee3482f6968a3dc72 |
| SHA256 | 2e55c3a026ada5b66aec90a238122122983360303feaf5fa04890a65096a441c |
| SHA512 | 1d77a26b38840f5002fd998b9bb1e6c357a34e14b52fc5080aa4b79f8a6445b6cd49fdd642127a41811f91f824fced4d47b69f7016376bb0aa620228d66934bb |
/var/root/Library/Application Support/Google/Chrome/Crashpad/settings.dat
| MD5 | c6db1caaee0095f017c09113d53ed054 |
| SHA1 | cc37e2b3948325a0eeb51080f45b17ebf52a7035 |
| SHA256 | ca3252b297284a87de2ee1688585f7c37d26b98c05d7ed04bd7d6df10c0d1476 |
| SHA512 | 3013340ee4157dfef7dcacd690b840f12b876e8241d4e8bc419016d5336810ab77023cdbbeaa896544e4c29f386d21296649542ef2b0fc6b58c49e2ad0337d85 |
/Users/run/Library/Keychains/login.keychain-db
| MD5 | 037e1ca011b828bba1889f97a7980a79 |
| SHA1 | 6e072d0efbb2bd71d8a7750f7ce7d132ed9774b2 |
| SHA256 | d4d726a99121844bdc2836186d1188da711c5964ad6a627eef68ed84f4de60c4 |
| SHA512 | 99435bd9a9726f18fcce94493dfec1f4cfa0bb67662ee0ea851c95ca47151f8b31a08b89c8241f01deb86354701e1048873f9faf54bfce5fc2e0603a2c49ab73 |
/var/root/Library/Application Support/Google/Chrome/Default/Sync Data/LevelDB/000003.ldb
| MD5 | fe382e791274914bee5950777e4f1fd3 |
| SHA1 | 53b523b5fc87e66f2520a0b5f9ea080072668f4d |
| SHA256 | 935d36c021d0e08a5648c622f3f6fde376e3310013680ae598c0e22dc943d132 |
| SHA512 | a5f608fb4f0a1dbc4c5d1b739b1a5b6f50cac1d6a61312b19abf9f601882a291d73524ac55bbe183e4e64db8dcc203d4bf3cedc734fd04bd448cb825d98d1e67 |
/var/root/Library/Application Support/Google/Chrome/Default/Site Characteristics Database/000003.ldb
| MD5 | 5c4e7ade5753ab7de2c42c04111fa42e |
| SHA1 | fb577b8c07d9617f507a3f2950df0a6dcfebe4e2 |
| SHA256 | d3979fd2d9ecfdb05498d79d1f24998c38cfd107e321f6810d8b7f9f12affd82 |
| SHA512 | 7a7452bcd22e66190e36ff0036f21d854fa57bdcbaebf637aa3a6d932a385a7c90525ede0c124853c218445d583c0edcf45d12159ca452732f31d16c3901929b |
/var/root/Library/Application Support/Google/Chrome/Default/Extension Scripts/CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
/var/root/Library/Application Support/Google/Chrome/Default/Extension Scripts/MANIFEST-000001
| MD5 | 5af87dfd673ba2115e2fcf5cfdb727ab |
| SHA1 | d5b5bbf396dc291274584ef71f444f420b6056f1 |
| SHA256 | f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4 |
| SHA512 | de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b |
/var/root/Library/Application Support/Google/Chrome/Default/Session Storage/000003.ldb
| MD5 | 38fc535a8f11d7e955ef58cc63158eff |
| SHA1 | c45ad3ee106dbfb65dce7c09b53140f34454cd0e |
| SHA256 | 085c44dfa11e65ac3548c4d0fe1ae641570f90c7caaa2881c3990efcf555e6a8 |
| SHA512 | 26e70000f77c1b6388dd470f9d7ec6bedc4fc3c43e48efcc853812eb076108bcdd9f50f7a89265e431d33df96e71755ca242dfd0aac16a51d99dea50a5a1e505 |
/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/T/.com.google.Chrome.naX6WE
| MD5 | 541f52e24fe1ef9f8e12377a6ccae0c0 |
| SHA1 | 189898bb2dcae7d5a6057bc2d98b8b450afaebb6 |
| SHA256 | 81e3a4d43a73699e1b7781723f56b8717175c536685c5450122b30789464ad82 |
| SHA512 | d779d78a15c5efca51ebd6b96a7ccb6d718741bdf7d9a37f53b2eb4b98aa1a78bc4cfa57d6e763aab97276c8f9088940ac0476690d4d46023ff4bf52f3326c88 |
/var/root/Library/Application Support/Google/Chrome/Default/shared_proto_db/metadata/000003.ldb
| MD5 | 17a2dc5826aeb539547f00f52eccccd5 |
| SHA1 | fd36ad6db84312792cffac0267f6329b21727d66 |
| SHA256 | 746da9cf33c3e4d29907dfdf1065f06ae16dcb5c2e9a34cfb5dd0dae9130f151 |
| SHA512 | 6bca3e308d0446211570021c1f1dc6d8e9704a2a68a90c5c8daf26b20cb2702bccfae8ddfeb6f16c8bfea83e1b648810054a25a7967bb9539feb241f2950ea73 |
/var/root/Library/Application Support/Google/Chrome/Default/shared_proto_db/000003.ldb
| MD5 | ea517aa120c972c602673d331dfa35bc |
| SHA1 | 7ff539eec544cf306b80137bc182fb544e58aad5 |
| SHA256 | 0c53b2ef8ec9bd6c3b81955b45cd9fc69705e7b435ad747b50c150c7e341f8da |
| SHA512 | e2bc6f26b0db61af3b7f1648e890be2b748aa886ff3ab51e207a915432c6d9a426b188fe9c979b443e8fe8aad248442b20b2e6cd38f494264cb7cdbcaa88eecd |
/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/T/scoped_diraBXB76/CRX_INSTALL/images/icon_128.png
| MD5 | 30899b6c4e4a757b8ec6dd2208acdfb4 |
| SHA1 | f2c5880a724c6d75cce1b5191e0d82c3bc7de768 |
| SHA256 | 4f17efbd974a41d88cb36567aab6bf4586579e78780f00b1826676819e14bff4 |
| SHA512 | 58539e3f0ad7fef30792efcdbbd955599e11e4261c9946e7c3dff6267e01747354ea3b901c46fc8329f81c68afbeb2d05fe3fcb266bc5948de8befa5b8d040ee |
/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/T/scoped_diraBXB76/CRX_INSTALL/images/icon_16.png
| MD5 | 344554d96e418120bd80ef5de5194697 |
| SHA1 | 23e141c3a6ce368acc1c299f062ab85914bcb17e |
| SHA256 | 0a4bd08db6422f8e7a8a218ef39c1b99a5a675f12697f26be88f9afc2e1f9378 |
| SHA512 | 7ae38853e5acca479d7fd81d48bb88c671cf4dce63342209bcff045ac581a04b7b0ed48f6c58253db950935c0522caaa4fbc6cf5a25151a8960ba56fc804569e |
/private/var/root/Library/Application Support/Google/Chrome/Default/Extensions/nmmhkkegccagdldgiimedpiccmgmieda/1.0.0.6_1/craw_background.js
| MD5 | 6eebed29e6a6301e92a9b8b347807f5f |
| SHA1 | 65dfb69b650560551110b33dcba50b25e5b876de |
| SHA256 | 04cd9494b0ed83924dad12202630b20d053d9e2819c8e826a386c814cc0a1697 |
| SHA512 | fede6db31f2ad242e7bc7b52a8859ba7f466a0b920a8dadcb32dcfb5b2a2742e98b767ff22e0c5bc5c11fec021240aa9e458486c9039eb4ebe5cf6af7be97bf2 |
/var/root/Library/Application Support/Google/Chrome/Default/Download Service/Files/d89e6fa5-bc3b-43d1-93b4-f649f15bae2d
| MD5 | 5adf364735dcbe6bf26ebe3f705c9dbc |
| SHA1 | a891521fea2f61a2fd16ea9f0a3fc3c2c5fb3a46 |
| SHA256 | 8d21fe1bd251856bfaeaedd6a72ab78f153a047b6042e0fc614f57a32b56d340 |
| SHA512 | 5f77f8923ab3800ab754f4c60095077b529c5f5f230c6a0b6803dc28597f42ed682921267ed344e190d0f08e0a23eceace7bccbc9d22432029a3e6f4838420e0 |
/var/root/Library/Application Support/Google/Chrome/OptimizationGuidePredictionModels/cb722c14-9bf4-47fd-80fc-0f4e4765da55/model.tflite
| MD5 | 6d7c2f9e94664539dec99b3233301b01 |
| SHA1 | 85812b004742cc1c211c92911131ce270f8ba769 |
| SHA256 | a0956386dc64fd9f4883c8741f950cd60a56859616b159c9e4251c9eb0ac5534 |
| SHA512 | 4d06917f30651c3bf13c509aae79793b3f1ec93de12179464b18fd9fd16c7bf466884b1c70e425d7e937adde341cf24bd08f19a132bbb9683e804f29b4ed0c33 |
/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/T/.com.google.Chrome.xbWyR5/gcmjkmgdlgnkkcocmoeiminaijmmjnii_9.49.1_all_ixzyrcu7pvmgu5pjv6enfqq6wa.crx3
| MD5 | 2db7e78c310ca8e73c069a604eac4d99 |
| SHA1 | a6d1e03514f8eba03ab81f1380fc54aaded823b6 |
| SHA256 | cd1978742a4afdbaaa15bf712d5c90bef4144caa99024df98f6a9ad58043ae85 |
| SHA512 | 681eaddbf304f4513b008b98493272b44815460568876b93528851ff7806775de38e6ec588fe27a2cf3dc804415e83a420e45d754b25ad4bdf68ef2c78403aa3 |
/var/root/Library/Application Support/Google/Chrome/Subresource Filter/Unindexed Rules/9.49.1/Filtering Rules
| MD5 | 6274a7426421914c19502cbe0fe28ca0 |
| SHA1 | e4d1c702ca1b5497a3abcdd9495a5d0758f19ffc |
| SHA256 | ae2fd01d2908591e0f39343a5b4a78baa8e7d6cac9d78ba79c502fe0a15ce3ee |
| SHA512 | bf1287f502013308cdd906f6e42998c422ef1e272b348e66122dc4a4e471d01333b418f48d1bb2198c72845bdc950612597e179e612aaa1ba6cf8d48fb8f0cf5 |
/var/root/Library/Application Support/Google/Chrome/Subresource Filter/Indexed Rules/35/9.49.1/Ruleset Data
| MD5 | c5e30274fe7b93847f6d7c02410d1209 |
| SHA1 | 488a49f38459f29e110c706c51b61ca1ae3b0e26 |
| SHA256 | e634e3cfdd0d27d0be1f5f9a19748d19d564928765db343503f42a6e1f5dd4ea |
| SHA512 | bc235bb3af269e9a828e6788dbae2b42cabc879b858102f4cc76c0fa02af0e296d20ffc8f134c0a3f9b408643e4810e8c46afeb0c285b892908b06ea1aa1b811 |
/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/T/.com.google.Chrome.irddJG/khaoiebndkojlmppeemjhbpbandiljpe_66_mac_adbxmk3cir53o3v2f66pezkgcbjq.crx3
| MD5 | ba0c44cdcbb9f1a8b1b2cbed95346caa |
| SHA1 | c9a5e9df64b46db7bf44b091da1c5553137bff55 |
| SHA256 | 3658efbb825c2826d2c66de6fdfbdaaffdd1d053105eb7d547e34d3271a59948 |
| SHA512 | 61d9521200a86b583bff7ceafea793513ba34a5ae43309edabd9b19a52277752adcad1f0ddf5e33986511e75a2c9df0b13b9b520fed1d1ef8590644bd4483616 |
/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/T/.com.google.Chrome.u8VYOX/hfnkpimlhhgieaddgfemjhofmfblmnib_9074_all_adjvqfek4twko2vgen2zmbplujca.crx3
| MD5 | ceb8dd68b274b6a1d766b6861e5d65cf |
| SHA1 | 9cc3ee94ebf6c007fe4fc2dcd48da53a5834fc8d |
| SHA256 | d2305812fd78ee9258889dd44054c1a3e3a68c94de56d072d28f112c6cad127b |
| SHA512 | a22d0b6bc0b7fddd3c8e5e48ea697aecb9fbce83f8eecf999b2f6f3de1c9f6693d6ba9b26b8904c2796926468c72d50dc8905a18ff46e7cdf036b4b0ac78db36 |
/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/T/.com.google.Chrome.UYv0fN/1.0.0.17_llkgjffcdpffmhiakmfcdcblohccpfmo.crx
| MD5 | 72326a22c279498851ae0331f64c001d |
| SHA1 | ed2e9811491e6dcb047cdc5ff8c20f75091c1f99 |
| SHA256 | 2638e3c2d1fa1d417bfdc31dd21bc938f106d3b436a6488b41b014ca9e2b7541 |
| SHA512 | c5aa42964046f225db517a0d90ea73fb5503aa090ce54911df4519938d44cec0fe9ae55d0fb71d50124e11c77e212a7a766889ad775305beb6f8701663f4bcf8 |
/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/T/.com.google.Chrome.NRnyaJ/7_all_sslErrorAssistant.crx3
| MD5 | 636c653ec2c30bb767533901a18669b2 |
| SHA1 | 4b5a01cfea4c5deb62f3aafa01ef24265613b844 |
| SHA256 | 3eb16d6c28b502ac4cfee8f4a148df05f4d93229fa36a71db8b08d06329ff18a |
| SHA512 | a4128fb20a5df9e573e92b45f5bc18dcdf4be6e7e39172d08847882f17361320141e89b35deef337e40c365d6f1ccdd1b991eb4593d805dfa2e39a5257c335ee |
/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/T/.com.google.Chrome.0Y2BoE/lmelglejhemejginpboagddgdfbepgmp_463_all_ZZ_j2yapcm2iwsjsw3vspibzp4cee.crx3
| MD5 | b2dafe25aea793b54de2becceb187c6d |
| SHA1 | c161e609d50f79ac43b26bc3ac501c06ee1f98b7 |
| SHA256 | e063c32d4a54071d6da859af231054da97b092113b2ba9fa61ef88bc5714c71a |
| SHA512 | 9e0f302be1762e886cc3891933276269905dd539b706bfc4a77bf97251409d3c1496495936531ad6c37f4309fa5f7e68c93fe973ad5fa8b82a3b60eac7f88305 |
/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/T/.com.google.Chrome.lWd0Fv/efniojlnjndmcbiieegkicadnoecjjef_1058_all_hfpz5ydmlixvd7lke5wsryorhe.crx3
| MD5 | 6c23ff3c973337497f52d22da3a62309 |
| SHA1 | 234aee2926b7e27346da417269302061913af1cd |
| SHA256 | 4fa412c4286fa619d2b6acd056f082342865270fbddf5d2b9b035b971345ab92 |
| SHA512 | 73296fde8d93fde98df68c217ea51cf77e86a681dd28fb51e4dfc044ad7d7a1eead492c69282a3cbbf92c319e6648582d963950cd370953e868b744bf2ff87e2 |
/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/T/.com.google.Chrome.LSFT9L/ggkkehgbnfjpeggfpleeakpidbkibbmn_2022.10.19.1145_all_ac7cecrzrmfngskhgmtk6zmhfjoa.crx3
| MD5 | cb79d407a4d6d8526b42060b9210b5c2 |
| SHA1 | 331e3d66e82e130042897faf86dcbd05d7b227f1 |
| SHA256 | e3a7322843834a5270a01c56533a34a24b1a253e3bda6f14046e10d818446165 |
| SHA512 | 0ea283f2077ff874e1f2518565497864b11fd8a65f03d65e2b2996048bdba19849fcab81d9a8220cd51d4a09741b9cf222b1393f6ea4fde6db76dfe0590efdf9 |
/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/T/.com.google.Chrome.kPRx2g/jflookgnkcckhobaglndicnbbgbonegd_3040_all_j6kvwuv5hzxeixor5sxkklnez4.crx3
| MD5 | 74380408f0ea043c6c7b97ac9317a0a7 |
| SHA1 | f54af3671a592aa5948039563e358474e50886b4 |
| SHA256 | 2615170554f3293586bc51fabc3cbf3d6058b396f1bb0252eb4bf9c25e6481c0 |
| SHA512 | 7510500d90fc86956cfbcb1f5f207dd3ededf80ee04c2ab2f09838967d73872c51879b60edc35c7ecc8a53d49cf564e9c2fd51b263f04f846d149f3db941962c |
/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/T/.com.google.Chrome.XEW2Os/ojhpjlocmbogdgmfpkhlaaeamibhnphh_3_all_gplutbkdljxxbjolk3siq7kive.crx3
| MD5 | a40c655b337e082c76b6ab04042b7ae0 |
| SHA1 | 3cc2a2b7178a29fd2d246cbc532684d6ae45bea8 |
| SHA256 | 545666a4efd056351597bb386aea1368105ededc976ed5650d8682daab9f37ff |
| SHA512 | fb4d54b573eb2275d8a3580fff138ecd7bded27ec58086b909b12c03c8005e35105c354a4a1ff76ada608ee8bbabeaafe208bb9e557661bb74e4ca39ee5eee56 |
/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/T/.com.google.Chrome.XEW2Os/ojhpjlocmbogdgmfpkhlaaeamibhnphh_3_all_gplutbkdljxxbjolk3siq7kive.crx3
| MD5 | 781f768f51dc1652f00d91306e25c1ec |
| SHA1 | 44dddd6ef7f8b2e62c7ec171fb94cf4806f19bed |
| SHA256 | 03e1246fc81af3ac91d6f75eea8815791e7c890d246c9185e87453c232ed08fb |
| SHA512 | ef66666e56782a2f486561d84fdcd4e58d221d2d2a5c0e039cfe97df31a12a08567c593e41777d7be9639b2f761ed0229a4cb9cc0e007a1c00e111ec6f436178 |
/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/T/.com.google.Chrome.XEW2Os/ojhpjlocmbogdgmfpkhlaaeamibhnphh_3_all_gplutbkdljxxbjolk3siq7kive.crx3
| MD5 | b26f392ae0597f7e3a4d376f3405c6e5 |
| SHA1 | 83d9d208f8827cf8f258c1ca0899470e9c7e5bd7 |
| SHA256 | 940b25fdaa0e49313ae830139de42116db4e181338fa7770821f137f34ac19ca |
| SHA512 | 1e370d3b2abed9436f921c40e57f574a811d7017aecb0653e6ff345e1cb7677506400f3d043898943680962deff67dfd3982c23280c529685c71953557a2144d |
/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/T/.com.google.Chrome.mIICHO/obedbbhbpmojnkanicioggnmelmoomoc_20240820.666556390.14_all_ENGB500000_acda7d5uotvi57fa5lmqjnearu6q.crx3
| MD5 | 912bc60bd1a80b8242fbf6028173ad40 |
| SHA1 | 582e974160ec6297f716b4a05053b66d4b85da8e |
| SHA256 | e41124ae03f2d8481a13d01727ebfa3ecedf73ab2d825154fcaea11ca8f70709 |
| SHA512 | 75574aa3b01a498c1379922d8a141771f0b31481ebdbc3e5a0581ae466317a4250aa398158fb858def615fb22f98984185771510843c737bbfa7b7b8a33719a2 |
/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/T/.com.google.Chrome.yxTsUA/imefjhfbkmcmebodilednhmaccmincoa_29.0_mac_bfqwqczv2chgncq7qnwqjby3my.crx3
| MD5 | 61e033f811f891a1b22ef73b73fed6e4 |
| SHA1 | 4c1d14e749141ac3aa9693162cd2d36547578628 |
| SHA256 | 09910025d2259eb7f63b70756c4e54819982085322b603ca6dae28ada0becaeb |
| SHA512 | c559b49e8122688ec3317c8ae5371afc9bf9bc2f19c3d3ba06d8bd637f85b8cee70e1aac95e29ce6cab96f03ece6e7314816a18731a437979964c852f1435d7d |
/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/T/.com.google.Chrome.yxTsUA/imefjhfbkmcmebodilednhmaccmincoa_29.0_mac_bfqwqczv2chgncq7qnwqjby3my.crx3
| MD5 | 139f57a5b90e72938b7b27a22dada03c |
| SHA1 | 9be5f522af63f54415313dd4b0895a9e7c3cf345 |
| SHA256 | 85243d8cb8b22817c4bcbd3cb8b260545f66c85e17207874112f779908017ada |
| SHA512 | aedc98f18f8598a17e8aad85c6d3bd59c8dfe212eb33127cf010581a5d8d356c407bb294dc2d0db6840edaaf22466b59ba57a1fa567231729dfd2dc8409a7625 |
/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/T/.com.google.Chrome.yxTsUA/imefjhfbkmcmebodilednhmaccmincoa_29.0_mac_bfqwqczv2chgncq7qnwqjby3my.crx3
| MD5 | 97b331d819e8c51b2c4c1b4b8e450b19 |
| SHA1 | d16f4906afab3fa0c1c5d667bd945f6454d4426f |
| SHA256 | 5acd29b00cd4d49c34534c3d000045fc61e870edbbe360678fc62235b77de99e |
| SHA512 | 83fd21e3dcfe986b636b981dc3a74698239881c27982f824ce299b545d4502537f69899b464c08a2c8cd908978f461f0b532d120357be62f9ce7213a3b4c167a |
/var/root/Library/Application Support/Google/Chrome/ClientSidePhishing/29.0/visual_model.tflite
| MD5 | a9803d560544e4d1fe551b2c113c5370 |
| SHA1 | a998fdb1e80dbca61267db112812a7ee34b82dce |
| SHA256 | d38a4cda8912f9598b8701dac7d5ee90eff324ed1fb9d277b9784fe45a4e6c72 |
| SHA512 | 65b8b6ecfea2aeae95a39581c39476a54721e07ee7c296650ccddea29a09b29a11cab15fdc89f97295bd61423dc13a66666faca371200bcb459dc1f25b6c89fd |
/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/T/.com.google.Chrome.uEuoby/dhlpobdgcjafebgbbhjdnapejmpkgiie_20220505_all_adfdqqtvlhuhhtrt6irlkpynghca.crx3
| MD5 | 667e9eec04509aa9e2b318f580addd8c |
| SHA1 | 346267ecad10c54de52a3aeb766ea72449500326 |
| SHA256 | 0c24e9bd976adffa987e08fc54dc0950c84cf18f9cdb4c5caabc6acf24887c4f |
| SHA512 | a9d22d49290c164abf36dd7e887063ccdd2bf508eb2d16bbac6de749e5152805ecb38ca39352706150de29a76839fa6a56c084ea4f2757b61887b3a7912be917 |
/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/T/.com.google.Chrome.nBTWd5/eeigpngbgcognadeebkilcpcaedhellh_2024.07.12.235938_all_a6r64uyugl6fjh3lupjqo6w7ai.crx3
| MD5 | 5e35055aa7583eb7c42b10833763abab |
| SHA1 | a8285a121e4cceb3cfb6b53827bd1cd3682af862 |
| SHA256 | 8814cb6cab024b119ab991ad7acd74f4df7bc68bbf86c0903c8be9852a5baa55 |
| SHA512 | 79006925696ac264d2801fd41fe632e5c2c9261a285d4e7a4368782f682cfadc6cac2b83835904a28c4734544b2b4230d720f81b7a2ee4c4782562a53858d952 |
/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/T/.com.google.Chrome.68Dqwc/pdafiollngonhoadbmdoemagnfpdphbe_2021.08.17.1300_all_acatmzocbizfck6xlj6bync6egba.crx3
| MD5 | 49ead9b7d2b2ec477daba795de846db0 |
| SHA1 | 95c030a130b9171e8ba4dd35ba3ee93ea5fb2ddc |
| SHA256 | 54b93e249d02a0f9061e8f70866d4668a0260db9ae43483810ab78f97f3eaa2a |
| SHA512 | 661000c35e25564c6d76219a5fd327edff7287a29dae54b677a7399eb136d0c93f099eb00ea9d0b3c965d068ea505335bcd580931662aeea2c796588ba8ce049 |
/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/T/.com.google.Chrome.eTWo6P/laoigpblnllgcgjnjnllmfolckpjlhki_1.0.7.1652906823_all_jtggsagwbg7dhs53nvq4e53lva.crx3
| MD5 | 91e1255f92fc76b16509bbd174a992b5 |
| SHA1 | 44cbc6b7b60470149850d375f2e2ae95cf1c012b |
| SHA256 | 29661be65c8fb50d3d4df2fe040a1cc6dd525f50a95850aae6a191301c3de744 |
| SHA512 | ac1588c003c345aaf9a7c4b5f2d338fdaba041dacd65db567ff8cc588b47e372863e44a4a87f611c1530fb42fdb1388814d3caccf8bb3498c7efe78fc321d9cf |
/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/T/.com.google.Chrome.GSCFu8/npdjjkjlcidkjlamlmmdelcjbcpdjocm_1.3.19.240_mac_adygwryqqyfdwvvjh32xxi6rilea.crx3
| MD5 | 91a8d56c19e60520cf00b78a506b87f0 |
| SHA1 | a794be44a680983ac0f87b1faedf064a65016623 |
| SHA256 | b158d145928f6c80d855f1fcc5b6813e73b7e14327d65fa9abb26c438e56bf29 |
| SHA512 | efe8b3be1ff7c30596230e091a5109b1328b3f603a4f3cad134ad99cf648b8b3a0dbdd79413f854a53dae4e1316862c6b6798660dd9f37283a97115905c65d06 |
/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/T/.com.google.Chrome.1iwWJV/gonpemdgkjcecdgbnaabipppbmgfggbe_2024.08.10.00_all_ngbcdbf23y5deox6qfrqcyni5e.crx3
| MD5 | b22ee22c7bdc09a81df6804e2843ca2d |
| SHA1 | e8b4df8defd371e9af3e053681c7c54cabd29544 |
| SHA256 | dbf288588465463a914bdfc5e86d465fb3592b2f1261dc0e40fcc5c1adc8e7e4 |
| SHA512 | cfd33ea1156241d56157d5381c48be65e80290ac5bcb541c0aae0ebb3e8010bd6eba8f74c77a37a17acf9b5a1c2c0090b61b146385689344c34de4ff7c0c704f |
Analysis: behavioral18
Detonation Overview
Submitted
2024-08-31 06:52
Reported
2024-08-31 07:22
Platform
ubuntu2404-amd64-20240523-en
Max time kernel
0s
Max time network
1510s
Command Line
Signatures
Changes its process name
| Description | Indicator | Process | Target |
| Changes the process name, possibly in an attempt to hide itself | pool-spawner | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | gmain | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | dconf worker | N/A | N/A |
Enumerates kernel/hardware configuration
| Description | Indicator | Process | Target |
| File opened for reading | /sys/kernel/mm/transparent_hugepage/hpage_pmd_size | /snap/bin/firefox | N/A |
| File opened for reading | /sys/kernel/security/apparmor/features | /snap/bin/firefox | N/A |
| File opened for reading | /sys/kernel/security/apparmor/features/namespaces | /snap/bin/firefox | N/A |
| File opened for reading | /sys/kernel/security/apparmor/features/ptrace | /snap/bin/firefox | N/A |
| File opened for reading | /sys/module/apparmor/parameters/enabled | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /sys/kernel/security/apparmor/features/io_uring | /snap/bin/firefox | N/A |
| File opened for reading | /sys/kernel/security/apparmor/features/ipc | /snap/bin/firefox | N/A |
| File opened for reading | /sys/kernel/security/apparmor/features/policy | /snap/bin/firefox | N/A |
| File opened for reading | /sys/kernel/security/apparmor/features/query | /snap/bin/firefox | N/A |
| File opened for reading | /sys/kernel/security/apparmor/features/signal | /snap/bin/firefox | N/A |
| File opened for reading | /sys/kernel/security/apparmor/features/dbus | /snap/bin/firefox | N/A |
| File opened for reading | /sys/kernel/security/apparmor/features/network_v8 | /snap/bin/firefox | N/A |
| File opened for reading | /sys/kernel/security/apparmor/features/rlimit | /snap/bin/firefox | N/A |
| File opened for reading | /sys/kernel/mm/transparent_hugepage/hpage_pmd_size | /usr/lib/snapd/snap-seccomp | N/A |
| File opened for reading | /sys/kernel/security/apparmor/features/domain | /snap/bin/firefox | N/A |
| File opened for reading | /sys/kernel/security/apparmor/features/caps | /snap/bin/firefox | N/A |
| File opened for reading | /sys/kernel/security/apparmor/features/file | /snap/bin/firefox | N/A |
| File opened for reading | /sys/kernel/security/apparmor/features/mount | /snap/bin/firefox | N/A |
| File opened for reading | /sys/kernel/security/apparmor/features/network | /snap/bin/firefox | N/A |
| File opened for reading | /sys/kernel/security/apparmor/features/dbus/mask | /usr/bin/dbus-daemon | N/A |
Reads runtime system information
| Description | Indicator | Process | Target |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/filesystems | /usr/bin/sed | N/A |
| File opened for reading | /proc/cgroups | /snap/bin/firefox | N/A |
| File opened for reading | /proc/2551/cgroup | /snap/bin/firefox | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/filesystems | /usr/bin/sed | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/filesystems | /usr/bin/gsettings | N/A |
| File opened for reading | /proc/filesystems | /usr/bin/gsettings | N/A |
| File opened for reading | /proc/sys/kernel/seccomp/actions_avail | /snap/bin/firefox | N/A |
| File opened for reading | /proc/2479/status | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/self/fd | /usr/bin/dbus-send | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/self/mountinfo | /snap/bin/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/self/fd | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/self/fd | /usr/bin/dbus-launch | N/A |
| File opened for reading | /proc/sys/kernel/cap_last_cap | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/filesystems | /usr/bin/sed | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/self/fd | /usr/bin/dbus-send | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/2495/cmdline | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/sys/kernel/random/uuid | /snap/bin/firefox | N/A |
| File opened for reading | /proc/2479/attr/apparmor/current | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/filesystems | /usr/bin/gsettings | N/A |
| File opened for reading | /proc/self/mounts | /snap/bin/firefox | N/A |
| File opened for reading | /proc/cmdline | /snap/bin/firefox | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/self/fd | /usr/bin/dbus-send | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/2563/cmdline | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/2473/cmdline | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/self/fd | /usr/bin/dbus-send | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/2553/cmdline | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/filesystems | /usr/bin/sed | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/filesystems | /usr/bin/sed | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/mounts | /usr/bin/dbus-daemon | N/A |
Processes
/usr/bin/xdg-open
[xdg-open https://steamcomnumnlty.ru/app/1643320/STALKER_1_Heart_of_Chornobyl]
/usr/bin/dbus-send
[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]
/usr/bin/dbus-launch
[dbus-launch --autolaunch 36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]
/usr/bin/dbus-daemon
[/usr/bin/dbus-daemon --syslog-only --fork --print-pid 5 --print-address 7 --session]
/usr/bin/xprop
[xprop -root _DT_SAVE_MODE]
/usr/bin/grep
[grep = \"xfce4\"$]
/usr/bin/xprop
[xprop -root]
/usr/bin/grep
[grep -i ^xfce_desktop_window]
/usr/bin/grep
[grep -q ^Enlightenment]
/usr/bin/uname
[uname]
/usr/bin/grep
[grep -q ^file://]
/usr/bin/egrep
[egrep -q ^[[:alpha:]+\.\-]+:]
/usr/local/sbin/grep
[grep -E -q ^[[:alpha:]+\.\-]+:]
/usr/local/bin/grep
[grep -E -q ^[[:alpha:]+\.\-]+:]
/usr/sbin/grep
[grep -E -q ^[[:alpha:]+\.\-]+:]
/usr/bin/grep
[grep -E -q ^[[:alpha:]+\.\-]+:]
/usr/bin/sed
[sed -n s/\(^[[:alnum:]+\.-]*\):.*$/\1/p]
/usr/bin/xdg-mime
[xdg-mime query default x-scheme-handler/https]
/usr/bin/dbus-send
[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]
/usr/bin/dbus-launch
[dbus-launch --autolaunch 36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]
/usr/bin/xprop
[xprop -root _DT_SAVE_MODE]
/usr/bin/grep
[grep = \"xfce4\"$]
/usr/bin/xprop
[xprop -root]
/usr/bin/grep
[grep -i ^xfce_desktop_window]
/usr/bin/grep
[grep -q ^Enlightenment]
/usr/bin/uname
[uname]
/usr/bin/sed
[sed s/:/ /g]
/usr/bin/grep
[grep x-scheme-handler/https= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]
/usr/bin/head
[head -n 1]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/grep
[grep x-scheme-handler/https= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]
/usr/bin/head
[head -n 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/grep
[grep x-scheme-handler/https= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]
/usr/bin/head
[head -n 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/grep
[grep x-scheme-handler/https= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]
/usr/bin/head
[head -n 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/grep
[grep x-scheme-handler/https= /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache]
/usr/bin/head
[head -n 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/grep
[grep x-scheme-handler/https= /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache]
/usr/bin/head
[head -n 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/sed
[sed s/:/ /g]
/usr/bin/grep
[grep -l x-scheme-handler/https; /.local/share/applications/*.desktop]
/usr/bin/grep
[grep -l x-scheme-handler/https; /usr/local/share//applications/*.desktop]
/usr/bin/grep
[grep -l x-scheme-handler/https; /usr/share//applications/apport-gtk.desktop /usr/share//applications/bluetooth-sendto.desktop /usr/share//applications/display-im6.q16.desktop /usr/share//applications/gcr-prompter.desktop /usr/share//applications/gcr-viewer.desktop /usr/share//applications/geoclue-demo-agent.desktop /usr/share//applications/gkbd-keyboard-display.desktop /usr/share//applications/gnome-about-panel.desktop /usr/share//applications/gnome-applications-panel.desktop /usr/share//applications/gnome-background-panel.desktop /usr/share//applications/gnome-bluetooth-panel.desktop /usr/share//applications/gnome-color-panel.desktop /usr/share//applications/gnome-datetime-panel.desktop /usr/share//applications/gnome-disk-image-mounter.desktop /usr/share//applications/gnome-disk-image-writer.desktop /usr/share//applications/gnome-display-panel.desktop /usr/share//applications/gnome-initial-setup.desktop /usr/share//applications/gnome-keyboard-panel.desktop /usr/share//applications/gnome-language-selector.desktop /usr/share//applications/gnome-mouse-panel.desktop /usr/share//applications/gnome-multitasking-panel.desktop /usr/share//applications/gnome-network-panel.desktop /usr/share//applications/gnome-notifications-panel.desktop /usr/share//applications/gnome-online-accounts-panel.desktop /usr/share//applications/gnome-power-panel.desktop /usr/share//applications/gnome-printers-panel.desktop /usr/share//applications/gnome-privacy-panel.desktop /usr/share//applications/gnome-region-panel.desktop /usr/share//applications/gnome-search-panel.desktop /usr/share//applications/gnome-session-properties.desktop /usr/share//applications/gnome-sharing-panel.desktop /usr/share//applications/gnome-sound-panel.desktop /usr/share//applications/gnome-system-monitor-kde.desktop /usr/share//applications/gnome-system-panel.desktop /usr/share//applications/gnome-ubuntu-panel.desktop /usr/share//applications/gnome-universal-access-panel.desktop /usr/share//applications/gnome-users-panel.desktop /usr/share//applications/gnome-wacom-panel.desktop /usr/share//applications/gnome-wifi-panel.desktop /usr/share//applications/gnome-wwan-panel.desktop /usr/share//applications/hplj1020.desktop /usr/share//applications/ibus-setup-table.desktop /usr/share//applications/im-config.desktop /usr/share//applications/io.snapcraft.SessionAgent.desktop /usr/share//applications/libreoffice-calc.desktop /usr/share//applications/libreoffice-draw.desktop /usr/share//applications/libreoffice-impress.desktop /usr/share//applications/libreoffice-math.desktop /usr/share//applications/libreoffice-startcenter.desktop /usr/share//applications/libreoffice-writer.desktop /usr/share//applications/libreoffice-xsltfilter.desktop /usr/share//applications/nautilus-autorun-software.desktop /usr/share//applications/nm-applet.desktop /usr/share//applications/nm-connection-editor.desktop /usr/share//applications/org.freedesktop.IBus.Panel.Emojier.desktop /usr/share//applications/org.freedesktop.IBus.Panel.Extension.Gtk3.desktop /usr/share//applications/org.freedesktop.IBus.Panel.Wayland.Gtk3.desktop /usr/share//applications/org.freedesktop.IBus.Setup.desktop /usr/share//applications/org.freedesktop.Xwayland.desktop /usr/share//applications/org.gnome.Calculator.desktop /usr/share//applications/org.gnome.Calendar.desktop /usr/share//applications/org.gnome.Characters.desktop /usr/share//applications/org.gnome.DejaDup.desktop /usr/share//applications/org.gnome.DiskUtility.desktop /usr/share//applications/org.gnome.Evince-previewer.desktop /usr/share//applications/org.gnome.Evince.desktop /usr/share//applications/org.gnome.Evolution-alarm-notify.desktop /usr/share//applications/org.gnome.FileRoller.desktop /usr/share//applications/org.gnome.Logs.desktop /usr/share//applications/org.gnome.Nautilus.desktop /usr/share//applications/org.gnome.OnlineAccounts.OAuth2.desktop /usr/share//applications/org.gnome.PowerStats.desktop /usr/share//applications/org.gnome.RemoteDesktop.Handover.desktop /usr/share//applications/org.gnome.Rhythmbox3.desktop /usr/share//applications/org.gnome.Rhythmbox3.device.desktop /usr/share//applications/org.gnome.Settings.desktop /usr/share//applications/org.gnome.Shell.Extensions.desktop /usr/share//applications/org.gnome.Shell.PortalHelper.desktop /usr/share//applications/org.gnome.Shell.desktop /usr/share//applications/org.gnome.Shotwell-Viewer.desktop /usr/share//applications/org.gnome.Shotwell.Auth.desktop /usr/share//applications/org.gnome.Shotwell.desktop /usr/share//applications/org.gnome.Snapshot.desktop /usr/share//applications/org.gnome.SystemMonitor.desktop /usr/share//applications/org.gnome.Tecla.desktop /usr/share//applications/org.gnome.Terminal.Preferences.desktop /usr/share//applications/org.gnome.Terminal.desktop /usr/share//applications/org.gnome.TextEditor.desktop /usr/share//applications/org.gnome.Totem.desktop /usr/share//applications/org.gnome.Zenity.desktop /usr/share//applications/org.gnome.baobab.desktop /usr/share//applications/org.gnome.clocks.desktop /usr/share//applications/org.gnome.eog.desktop /usr/share//applications/org.gnome.evolution-data-server.OAuth2-handler.desktop /usr/share//applications/org.gnome.font-viewer.desktop /usr/share//applications/org.gnome.seahorse.Application.desktop /usr/share//applications/org.remmina.Remmina-file.desktop /usr/share//applications/org.remmina.Remmina.desktop /usr/share//applications/python3.12.desktop /usr/share//applications/remmina-gnome.desktop /usr/share//applications/rygel.desktop /usr/share//applications/simple-scan.desktop /usr/share//applications/snap-handle-link.desktop /usr/share//applications/software-properties-drivers.desktop /usr/share//applications/software-properties-gtk.desktop /usr/share//applications/software-properties-livepatch.desktop /usr/share//applications/thunderbird.desktop /usr/share//applications/transmission-gtk.desktop /usr/share//applications/update-manager.desktop /usr/share//applications/usb-creator-gtk.desktop /usr/share//applications/xdg-desktop-portal-gnome.desktop /usr/share//applications/xdg-desktop-portal-gtk.desktop /usr/share//applications/yelp.desktop]
/usr/bin/grep
[grep -q %s]
/usr/bin/x-www-browser
[x-www-browser https://steamcomnumnlty.ru/app/1643320/STALKER_1_Heart_of_Chornobyl]
/usr/bin/xdg-settings
[xdg-settings get default-web-browser]
/usr/bin/dbus-send
[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]
/usr/bin/dbus-launch
[dbus-launch --autolaunch 36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]
/usr/bin/xprop
[xprop -root _DT_SAVE_MODE]
/usr/bin/grep
[grep = \"xfce4\"$]
/usr/bin/xprop
[xprop -root]
/usr/bin/grep
[grep -i ^xfce_desktop_window]
/usr/bin/grep
[grep -q ^Enlightenment]
/usr/bin/uname
[uname]
/usr/bin/xdg-mime
[xdg-mime query default x-scheme-handler/http]
/usr/bin/dbus-send
[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]
/usr/bin/dbus-launch
[dbus-launch --autolaunch 36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]
/usr/bin/xprop
[xprop -root _DT_SAVE_MODE]
/usr/bin/grep
[grep = \"xfce4\"$]
/usr/bin/xprop
[xprop -root]
/usr/bin/grep
[grep -i ^xfce_desktop_window]
/usr/bin/grep
[grep -q ^Enlightenment]
/usr/bin/uname
[uname]
/usr/bin/sed
[sed s/:/ /g]
/usr/bin/grep
[grep x-scheme-handler/http= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]
/usr/bin/head
[head -n 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/grep
[grep x-scheme-handler/http= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]
/usr/bin/head
[head -n 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/grep
[grep x-scheme-handler/http= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]
/usr/bin/head
[head -n 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/grep
[grep x-scheme-handler/http= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]
/usr/bin/head
[head -n 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/grep
[grep x-scheme-handler/http= /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache]
/usr/bin/head
[head -n 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/grep
[grep x-scheme-handler/http= /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache]
/usr/bin/head
[head -n 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/sed
[sed s/:/ /g]
/usr/bin/grep
[grep -l x-scheme-handler/http; /.local/share/applications/*.desktop]
/usr/bin/grep
[grep -l x-scheme-handler/http; /usr/local/share//applications/*.desktop]
/usr/bin/grep
[grep -l x-scheme-handler/http; /usr/share//applications/apport-gtk.desktop /usr/share//applications/bluetooth-sendto.desktop /usr/share//applications/display-im6.q16.desktop /usr/share//applications/gcr-prompter.desktop /usr/share//applications/gcr-viewer.desktop /usr/share//applications/geoclue-demo-agent.desktop /usr/share//applications/gkbd-keyboard-display.desktop /usr/share//applications/gnome-about-panel.desktop /usr/share//applications/gnome-applications-panel.desktop /usr/share//applications/gnome-background-panel.desktop /usr/share//applications/gnome-bluetooth-panel.desktop /usr/share//applications/gnome-color-panel.desktop /usr/share//applications/gnome-datetime-panel.desktop /usr/share//applications/gnome-disk-image-mounter.desktop /usr/share//applications/gnome-disk-image-writer.desktop /usr/share//applications/gnome-display-panel.desktop /usr/share//applications/gnome-initial-setup.desktop /usr/share//applications/gnome-keyboard-panel.desktop /usr/share//applications/gnome-language-selector.desktop /usr/share//applications/gnome-mouse-panel.desktop /usr/share//applications/gnome-multitasking-panel.desktop /usr/share//applications/gnome-network-panel.desktop /usr/share//applications/gnome-notifications-panel.desktop /usr/share//applications/gnome-online-accounts-panel.desktop /usr/share//applications/gnome-power-panel.desktop /usr/share//applications/gnome-printers-panel.desktop /usr/share//applications/gnome-privacy-panel.desktop /usr/share//applications/gnome-region-panel.desktop /usr/share//applications/gnome-search-panel.desktop /usr/share//applications/gnome-session-properties.desktop /usr/share//applications/gnome-sharing-panel.desktop /usr/share//applications/gnome-sound-panel.desktop /usr/share//applications/gnome-system-monitor-kde.desktop /usr/share//applications/gnome-system-panel.desktop /usr/share//applications/gnome-ubuntu-panel.desktop /usr/share//applications/gnome-universal-access-panel.desktop /usr/share//applications/gnome-users-panel.desktop /usr/share//applications/gnome-wacom-panel.desktop /usr/share//applications/gnome-wifi-panel.desktop /usr/share//applications/gnome-wwan-panel.desktop /usr/share//applications/hplj1020.desktop /usr/share//applications/ibus-setup-table.desktop /usr/share//applications/im-config.desktop /usr/share//applications/io.snapcraft.SessionAgent.desktop /usr/share//applications/libreoffice-calc.desktop /usr/share//applications/libreoffice-draw.desktop /usr/share//applications/libreoffice-impress.desktop /usr/share//applications/libreoffice-math.desktop /usr/share//applications/libreoffice-startcenter.desktop /usr/share//applications/libreoffice-writer.desktop /usr/share//applications/libreoffice-xsltfilter.desktop /usr/share//applications/nautilus-autorun-software.desktop /usr/share//applications/nm-applet.desktop /usr/share//applications/nm-connection-editor.desktop /usr/share//applications/org.freedesktop.IBus.Panel.Emojier.desktop /usr/share//applications/org.freedesktop.IBus.Panel.Extension.Gtk3.desktop /usr/share//applications/org.freedesktop.IBus.Panel.Wayland.Gtk3.desktop /usr/share//applications/org.freedesktop.IBus.Setup.desktop /usr/share//applications/org.freedesktop.Xwayland.desktop /usr/share//applications/org.gnome.Calculator.desktop /usr/share//applications/org.gnome.Calendar.desktop /usr/share//applications/org.gnome.Characters.desktop /usr/share//applications/org.gnome.DejaDup.desktop /usr/share//applications/org.gnome.DiskUtility.desktop /usr/share//applications/org.gnome.Evince-previewer.desktop /usr/share//applications/org.gnome.Evince.desktop /usr/share//applications/org.gnome.Evolution-alarm-notify.desktop /usr/share//applications/org.gnome.FileRoller.desktop /usr/share//applications/org.gnome.Logs.desktop /usr/share//applications/org.gnome.Nautilus.desktop /usr/share//applications/org.gnome.OnlineAccounts.OAuth2.desktop /usr/share//applications/org.gnome.PowerStats.desktop /usr/share//applications/org.gnome.RemoteDesktop.Handover.desktop /usr/share//applications/org.gnome.Rhythmbox3.desktop /usr/share//applications/org.gnome.Rhythmbox3.device.desktop /usr/share//applications/org.gnome.Settings.desktop /usr/share//applications/org.gnome.Shell.Extensions.desktop /usr/share//applications/org.gnome.Shell.PortalHelper.desktop /usr/share//applications/org.gnome.Shell.desktop /usr/share//applications/org.gnome.Shotwell-Viewer.desktop /usr/share//applications/org.gnome.Shotwell.Auth.desktop /usr/share//applications/org.gnome.Shotwell.desktop /usr/share//applications/org.gnome.Snapshot.desktop /usr/share//applications/org.gnome.SystemMonitor.desktop /usr/share//applications/org.gnome.Tecla.desktop /usr/share//applications/org.gnome.Terminal.Preferences.desktop /usr/share//applications/org.gnome.Terminal.desktop /usr/share//applications/org.gnome.TextEditor.desktop /usr/share//applications/org.gnome.Totem.desktop /usr/share//applications/org.gnome.Zenity.desktop /usr/share//applications/org.gnome.baobab.desktop /usr/share//applications/org.gnome.clocks.desktop /usr/share//applications/org.gnome.eog.desktop /usr/share//applications/org.gnome.evolution-data-server.OAuth2-handler.desktop /usr/share//applications/org.gnome.font-viewer.desktop /usr/share//applications/org.gnome.seahorse.Application.desktop /usr/share//applications/org.remmina.Remmina-file.desktop /usr/share//applications/org.remmina.Remmina.desktop /usr/share//applications/python3.12.desktop /usr/share//applications/remmina-gnome.desktop /usr/share//applications/rygel.desktop /usr/share//applications/simple-scan.desktop /usr/share//applications/snap-handle-link.desktop /usr/share//applications/software-properties-drivers.desktop /usr/share//applications/software-properties-gtk.desktop /usr/share//applications/software-properties-livepatch.desktop /usr/share//applications/thunderbird.desktop /usr/share//applications/transmission-gtk.desktop /usr/share//applications/update-manager.desktop /usr/share//applications/usb-creator-gtk.desktop /usr/share//applications/xdg-desktop-portal-gnome.desktop /usr/share//applications/xdg-desktop-portal-gtk.desktop /usr/share//applications/yelp.desktop]
/usr/bin/gsettings
[gsettings get org.gnome.shell favorite-apps]
/usr/bin/grep
[grep -q 'firefox.desktop']
/usr/bin/gsettings
[gsettings get com.canonical.Unity.Launcher favorites]
/usr/bin/grep
[grep -q 'application://firefox.desktop']
/usr/bin/gsettings
[gsettings get org.mate.panel object-id-list]
/usr/bin/which
[which qdbus]
/snap/bin/firefox
[/snap/bin/firefox https://steamcomnumnlty.ru/app/1643320/STALKER_1_Heart_of_Chornobyl]
/usr/lib/snapd/snap-seccomp
[/usr/lib/snapd/snap-seccomp version-info]
/usr/lib/snapd/snap-confine
[/usr/lib/snapd/snap-confine --base core22 snap.firefox.firefox /usr/lib/snapd/snap-exec firefox https://steamcomnumnlty.ru/app/1643320/STALKER_1_Heart_of_Chornobyl]
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | location.services.mozilla.com | udp |
| US | 8.8.8.8:53 | location.services.mozilla.com | udp |
| US | 8.8.8.8:53 | prod.classify-client.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | r10.o.lencr.org | udp |
| US | 8.8.8.8:53 | r10.o.lencr.org | udp |
| GB | 96.17.179.201:80 | r10.o.lencr.org | tcp |
| GB | 96.17.179.201:80 | r10.o.lencr.org | tcp |
| US | 8.8.8.8:53 | steamcomnumnlty.ru | udp |
| US | 8.8.8.8:53 | steamcomnumnlty.ru | udp |
| US | 34.107.221.82:80 | detectportal.firefox.com | tcp |
| US | 8.8.8.8:53 | www.mozilla.org | udp |
| US | 8.8.8.8:53 | www.mozilla.org | udp |
| US | 8.8.8.8:53 | www.mozorg.moz.works | udp |
| GB | 143.204.72.186:443 | www.mozilla.org | tcp |
| US | 8.8.8.8:53 | example.org | udp |
| US | 8.8.8.8:53 | example.org | udp |
| US | 8.8.8.8:53 | ipv4only.arpa | udp |
| US | 8.8.8.8:53 | ipv4only.arpa | udp |
| US | 34.107.221.82:80 | detectportal.firefox.com | tcp |
| US | 8.8.8.8:53 | spocs.getpocket.com | udp |
| US | 8.8.8.8:53 | spocs.getpocket.com | udp |
| US | 8.8.8.8:53 | prod.ads.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | o.pki.goog | udp |
| US | 8.8.8.8:53 | o.pki.goog | udp |
| GB | 142.250.178.3:80 | o.pki.goog | tcp |
| GB | 142.250.178.3:80 | o.pki.goog | tcp |
| US | 8.8.8.8:53 | normandy.cdn.mozilla.net | udp |
| US | 8.8.8.8:53 | normandy.cdn.mozilla.net | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | normandy-cdn.services.mozilla.com | udp |
| US | 35.201.103.21:443 | normandy.cdn.mozilla.net | tcp |
| US | 8.8.8.8:53 | telemetry-incoming.r53-2.services.mozilla.com | udp |
| US | 35.201.103.21:443 | normandy.cdn.mozilla.net | tcp |
| US | 8.8.8.8:53 | r11.o.lencr.org | udp |
| US | 8.8.8.8:53 | r11.o.lencr.org | udp |
| GB | 96.17.179.193:80 | r11.o.lencr.org | tcp |
| US | 8.8.8.8:53 | classify-client.services.mozilla.com | udp |
| US | 8.8.8.8:53 | classify-client.services.mozilla.com | udp |
| US | 8.8.8.8:53 | prod-classifyclient.normandy.prod.cloudops.mozgcp.net | udp |
| US | 34.98.75.36:443 | classify-client.services.mozilla.com | tcp |
| US | 8.8.8.8:53 | firefox-settings-attachments.cdn.mozilla.net | udp |
| US | 8.8.8.8:53 | firefox-settings-attachments.cdn.mozilla.net | udp |
| US | 8.8.8.8:53 | telemetry-incoming.r53-2.services.mozilla.com | udp |
| US | 8.8.8.8:53 | attachments.prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 34.117.121.53:443 | firefox-settings-attachments.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | location.services.mozilla.com | udp |
| US | 1.1.1.1:53 | prod.classify-client.prod.webservices.mozgcp.net | udp |
| US | 1.1.1.1:53 | www.facebook.com | udp |
| US | 1.1.1.1:53 | www.wikipedia.org | udp |
| US | 1.1.1.1:53 | www.reddit.com | udp |
| US | 1.1.1.1:53 | www.youtube.com | udp |
| US | 1.1.1.1:53 | www.facebook.com | udp |
| US | 1.1.1.1:53 | www.wikipedia.org | udp |
| US | 1.1.1.1:53 | www.reddit.com | udp |
| US | 1.1.1.1:53 | www.amazon.com | udp |
| US | 1.1.1.1:53 | www.youtube.com | udp |
| US | 1.1.1.1:53 | twitter.com | udp |
| US | 1.1.1.1:53 | twitter.com | udp |
| US | 1.1.1.1:53 | reddit.map.fastly.net | udp |
| US | 1.1.1.1:53 | www-amazon-com.customer.fastly.net | udp |
| US | 1.1.1.1:53 | steamcomnumnlty.ru | udp |
| US | 1.1.1.1:53 | steamcomnumnlty.ru | udp |
| US | 1.1.1.1:53 | steamcomnumnlty.ru | udp |
| US | 1.1.1.1:53 | steamcomnumnlty.ru | udp |
| US | 1.1.1.1:53 | r10.o.lencr.org | udp |
| US | 1.1.1.1:53 | r10.o.lencr.org | udp |
| US | 1.1.1.1:53 | steamcomnumnlty.ru | udp |
| US | 1.1.1.1:53 | steamcomnumnlty.ru | udp |
| US | 1.1.1.1:53 | steamcomnumnlty.ru | udp |
| US | 1.1.1.1:53 | steamcomnumnlty.ru | udp |
| US | 1.1.1.1:53 | steamcomnumnlty.ru | udp |
| US | 1.1.1.1:53 | steamcomnumnlty.ru | udp |
| US | 1.1.1.1:53 | tiles-cdn.prod.ads.prod.webservices.mozgcp.net | udp |
| US | 1.1.1.1:53 | tiles-cdn.prod.ads.prod.webservices.mozgcp.net | udp |
| US | 1.1.1.1:53 | steamcomnumnlty.ru | udp |
| US | 1.1.1.1:53 | steamcomnumnlty.ru | udp |
| US | 34.36.165.17:443 | tiles-cdn.prod.ads.prod.webservices.mozgcp.net | tcp |
| US | 34.36.165.17:443 | tiles-cdn.prod.ads.prod.webservices.mozgcp.net | tcp |
| US | 1.1.1.1:53 | r11.o.lencr.org | udp |
| US | 1.1.1.1:53 | r11.o.lencr.org | udp |
| US | 1.1.1.1:53 | steamcomnumnlty.ru | udp |
| US | 1.1.1.1:53 | steamcomnumnlty.ru | udp |
| GB | 104.86.110.200:80 | r11.o.lencr.org | tcp |
| US | 1.1.1.1:53 | steamcomnumnlty.ru | udp |
| US | 1.1.1.1:53 | steamcomnumnlty.ru | udp |
| US | 1.1.1.1:53 | www.steamcomnumnlty.ru | udp |
| US | 1.1.1.1:53 | www.steamcomnumnlty.ru | udp |
| US | 1.1.1.1:53 | shavar.prod.mozaws.net | udp |
| US | 1.1.1.1:53 | www.amazon.co.uk | udp |
| US | 1.1.1.1:53 | www.amazon.co.uk | udp |
| US | 1.1.1.1:53 | uk.hotels.com | udp |
| US | 1.1.1.1:53 | uk.hotels.com | udp |
| GB | 104.86.110.232:80 | r11.o.lencr.org | tcp |
| US | 1.1.1.1:53 | support.mozilla.org | udp |
| US | 1.1.1.1:53 | support.mozilla.org | udp |
| US | 1.1.1.1:53 | tracking-protection.cdn.mozilla.net | udp |
| US | 1.1.1.1:53 | us-west1.prod.sumo.prod.webservices.mozgcp.net | udp |
| US | 1.1.1.1:53 | tracking-protection.prod.mozaws.net | udp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | tracking-protection.prod.mozaws.net | udp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | tracking-protection.prod.mozaws.net | udp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | tracking-protection.prod.mozaws.net | udp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | tracking-protection.prod.mozaws.net | udp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | tracking-protection.prod.mozaws.net | udp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | tracking-protection.prod.mozaws.net | udp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | tracking-protection.prod.mozaws.net | udp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | tracking-protection.prod.mozaws.net | udp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | tracking-protection.prod.mozaws.net | udp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | tracking-protection.prod.mozaws.net | udp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | tracking-protection.prod.mozaws.net | udp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | tracking-protection.prod.mozaws.net | udp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | tracking-protection.prod.mozaws.net | udp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 1.1.1.1:53 | ciscobinary.openh264.org | udp |
| US | 1.1.1.1:53 | ciscobinary.openh264.org | udp |
| GB | 88.221.134.209:80 | ciscobinary.openh264.org | tcp |
| US | 1.1.1.1:53 | services.addons.mozilla.org | udp |
| US | 1.1.1.1:53 | services.addons.mozilla.org | udp |
| GB | 18.245.162.100:443 | services.addons.mozilla.org | tcp |
| US | 1.1.1.1:53 | versioncheck-bg.addons.mozilla.org | udp |
| US | 1.1.1.1:53 | versioncheck-bg.addons.mozilla.org | udp |
| US | 34.160.90.233:443 | versioncheck-bg.addons.mozilla.org | tcp |
| US | 35.190.72.216:443 | location.services.mozilla.com | tcp |
| US | 1.1.1.1:53 | r10.o.lencr.org | udp |
| US | 1.1.1.1:53 | a1887.dscq.akamai.net | udp |
| US | 34.160.90.233:443 | versioncheck-bg.addons.mozilla.org | udp |
| US | 1.1.1.1:53 | addons.mozilla.org | udp |
| US | 1.1.1.1:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 35.190.72.216:443 | location.services.mozilla.com | udp |
| US | 1.1.1.1:53 | addons.mozilla.org | udp |
| US | 1.1.1.1:53 | getpocket.cdn.mozilla.net | udp |
| US | 1.1.1.1:53 | getpocket.cdn.mozilla.net | udp |
| GB | 13.224.132.29:443 | addons.mozilla.org | tcp |
| US | 34.120.5.221:443 | getpocket.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | r11.o.lencr.org | udp |
| US | 1.1.1.1:53 | r11.o.lencr.org | udp |
| US | 1.1.1.1:53 | safebrowsing.googleapis.com | udp |
| US | 1.1.1.1:53 | safebrowsing.googleapis.com | udp |
| GB | 142.250.179.234:443 | safebrowsing.googleapis.com | tcp |
| US | 1.1.1.1:53 | img-getpocket.cdn.mozilla.net | udp |
| US | 1.1.1.1:53 | img-getpocket.cdn.mozilla.net | udp |
| US | 34.120.237.76:443 | img-getpocket.cdn.mozilla.net | tcp |
| US | 34.120.237.76:443 | img-getpocket.cdn.mozilla.net | tcp |
| US | 34.120.237.76:443 | img-getpocket.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | o.pki.goog | udp |
| US | 1.1.1.1:53 | o.pki.goog | udp |
| GB | 142.250.200.35:80 | o.pki.goog | tcp |
| GB | 88.221.135.98:80 | r11.o.lencr.org | tcp |
| GB | 88.221.135.98:80 | r11.o.lencr.org | tcp |
| GB | 142.250.179.234:443 | safebrowsing.googleapis.com | udp |
| US | 1.1.1.1:53 | getpocket.com | udp |
| US | 1.1.1.1:53 | www.facebook.com | udp |
| US | 1.1.1.1:53 | www.facebook.com | udp |
| US | 1.1.1.1:53 | getpocket.com | udp |
| US | 1.1.1.1:53 | www.bbc.co.uk | udp |
| US | 1.1.1.1:53 | reddit.map.fastly.net | udp |
| US | 1.1.1.1:53 | www.bbc.co.uk | udp |
| US | 1.1.1.1:53 | www.ebay.co.uk | udp |
| US | 1.1.1.1:53 | www.ebay.co.uk | udp |
| US | 1.1.1.1:53 | www.mozilla.org | udp |
| US | 1.1.1.1:53 | www.mozilla.org | udp |
| US | 1.1.1.1:53 | www.bbc.com | udp |
| US | 1.1.1.1:53 | english.elpais.com | udp |
| US | 1.1.1.1:53 | gtm-live.pri.bbc.co.uk | udp |
| US | 1.1.1.1:53 | e11847.a.akamaiedge.net | udp |
| US | 1.1.1.1:53 | www.mozorg.moz.works | udp |
| US | 1.1.1.1:53 | a459.dscr.akamai.net | udp |
| US | 1.1.1.1:53 | www.teenvogue.com | udp |
| US | 1.1.1.1:53 | www.teenvogue.com | udp |
| US | 1.1.1.1:53 | www.nationalgeographic.com | udp |
| US | 1.1.1.1:53 | www.nationalgeographic.com | udp |
| US | 1.1.1.1:53 | www-cdn.natgeofe.com | udp |
| US | 1.1.1.1:53 | www.thecut.com | udp |
| US | 1.1.1.1:53 | www.thecut.com | udp |
| US | 1.1.1.1:53 | greatergood.berkeley.edu | udp |
| US | 1.1.1.1:53 | greatergood.berkeley.edu | udp |
| US | 1.1.1.1:53 | vmtls-np.map.fastly.net | udp |
| US | 1.1.1.1:53 | mashable.com | udp |
| US | 1.1.1.1:53 | mashable.com | udp |
| US | 1.1.1.1:53 | theconversation.com | udp |
| US | 1.1.1.1:53 | theconversation.com | udp |
| US | 1.1.1.1:53 | thereader.mitpress.mit.edu | udp |
| US | 1.1.1.1:53 | www.vox.com | udp |
| US | 1.1.1.1:53 | www.vox.com | udp |
| US | 1.1.1.1:53 | n.sni.global.fastly.net | udp |
| US | 1.1.1.1:53 | www.smithsonianmag.com | udp |
| US | 1.1.1.1:53 | www.popsci.com | udp |
| US | 1.1.1.1:53 | www.popsci.com | udp |
| US | 1.1.1.1:53 | www.smithsonianmag.com.cdn.cloudflare.net | udp |
| US | 1.1.1.1:53 | www.theringer.com | udp |
| US | 1.1.1.1:53 | www.theringer.com | udp |
| US | 1.1.1.1:53 | vox-chorus.map.fastly.net | udp |
| US | 1.1.1.1:53 | metro.co.uk | udp |
| US | 1.1.1.1:53 | metro.co.uk | udp |
| US | 1.1.1.1:53 | www.realsimple.com | udp |
| US | 1.1.1.1:53 | www.realsimple.com | udp |
| US | 1.1.1.1:53 | k.sni.global.fastly.net | udp |
| US | 1.1.1.1:53 | faroutmagazine.co.uk | udp |
| US | 1.1.1.1:53 | faroutmagazine.co.uk | udp |
| US | 1.1.1.1:53 | www.fastcompany.com | udp |
| US | 1.1.1.1:53 | mansueto.map.fastly.net | udp |
| US | 1.1.1.1:53 | www.esquire.com | udp |
| US | 1.1.1.1:53 | www.esquire.com | udp |
| US | 1.1.1.1:53 | inews.co.uk | udp |
| US | 1.1.1.1:53 | inews.co.uk | udp |
| US | 1.1.1.1:53 | hearst-hdm.map.fastly.net | udp |
| US | 1.1.1.1:53 | ipv4only.arpa | udp |
| US | 1.1.1.1:53 | ipv4only.arpa | udp |
| US | 1.1.1.1:53 | ipv4only.arpa | udp |
| US | 1.1.1.1:53 | api.snapcraft.io | udp |
| US | 1.1.1.1:53 | api.snapcraft.io | udp |
| GB | 185.125.188.55:443 | api.snapcraft.io | tcp |
| US | 1.1.1.1:53 | api.snapcraft.io | udp |
| GB | 185.125.188.59:443 | api.snapcraft.io | tcp |
| US | 1.1.1.1:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 1.1.1.1:53 | firefox-settings-attachments.cdn.mozilla.net | udp |
| US | 1.1.1.1:53 | attachments.prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 34.117.121.53:443 | firefox-settings-attachments.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | _http._tcp.security.ubuntu.com | udp |
| US | 1.1.1.1:53 | _http._tcp.se.archive.ubuntu.com | udp |
| US | 1.1.1.1:53 | se.archive.ubuntu.com | udp |
| US | 1.1.1.1:53 | se.archive.ubuntu.com | udp |
| US | 1.1.1.1:53 | security.ubuntu.com | udp |
| US | 1.1.1.1:53 | security.ubuntu.com | udp |
| US | 91.189.91.82:80 | security.ubuntu.com | tcp |
| SE | 194.71.11.163:80 | se.archive.ubuntu.com | tcp |
| US | 1.1.1.1:53 | api.snapcraft.io | udp |
| GB | 185.125.188.55:443 | api.snapcraft.io | tcp |
| US | 1.1.1.1:53 | api.snapcraft.io | udp |
| GB | 185.125.188.55:443 | api.snapcraft.io | tcp |
| GB | 185.125.188.55:443 | api.snapcraft.io | tcp |
| US | 1.1.1.1:53 | canonical-bos01.cdn.snapcraftcontent.com | udp |
| US | 1.1.1.1:53 | canonical-bos01.cdn.snapcraftcontent.com | udp |
| US | 91.189.91.43:443 | canonical-bos01.cdn.snapcraftcontent.com | tcp |
| US | 1.1.1.1:53 | canonical-lgw01.cdn.snapcraftcontent.com | udp |
| US | 1.1.1.1:53 | canonical-lgw01.cdn.snapcraftcontent.com | udp |
| GB | 185.125.190.28:443 | canonical-lgw01.cdn.snapcraftcontent.com | tcp |
| US | 1.1.1.1:53 | api.snapcraft.io | udp |
| GB | 185.125.188.54:443 | api.snapcraft.io | tcp |
| US | 1.1.1.1:53 | api.snapcraft.io | udp |
| GB | 185.125.188.54:443 | api.snapcraft.io | tcp |
| US | 1.1.1.1:53 | canonical-bos01.cdn.snapcraftcontent.com | udp |
| US | 91.189.91.43:443 | canonical-bos01.cdn.snapcraftcontent.com | tcp |
| US | 1.1.1.1:53 | api.snapcraft.io | udp |
| US | 1.1.1.1:53 | api.snapcraft.io | udp |
| GB | 185.125.188.59:443 | api.snapcraft.io | tcp |
| US | 1.1.1.1:53 | api.snapcraft.io | udp |
| GB | 185.125.188.55:443 | api.snapcraft.io | tcp |
| US | 1.1.1.1:53 | canonical-lgw01.cdn.snapcraftcontent.com | udp |
| GB | 185.125.190.27:443 | canonical-lgw01.cdn.snapcraftcontent.com | tcp |
| US | 1.1.1.1:53 | api.snapcraft.io | udp |
| US | 1.1.1.1:53 | api.snapcraft.io | udp |
| GB | 185.125.188.54:443 | api.snapcraft.io | tcp |
| US | 1.1.1.1:53 | api.snapcraft.io | udp |
| GB | 185.125.188.55:443 | api.snapcraft.io | tcp |
Files
Analysis: behavioral8
Detonation Overview
Submitted
2024-08-31 06:52
Reported
2024-08-31 07:22
Platform
android-x86-arm-20240624-en
Max time kernel
1783s
Max time network
1802s
Command Line
Signatures
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.android.chrome
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | steamcomnumnlty.ru | udp |
| US | 1.1.1.1:53 | steamcomnumnlty.ru | udp |
| US | 1.1.1.1:53 | steamcomnumnlty.ru | udp |
| US | 1.1.1.1:53 | google.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| US | 1.1.1.1:53 | steamcomnumnlty.ru | udp |
| US | 1.1.1.1:53 | update.googleapis.com | udp |
| GB | 142.250.200.35:443 | update.googleapis.com | tcp |
| US | 1.1.1.1:53 | steamcomnumnlty.ru | udp |
| US | 1.1.1.1:53 | google.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| GB | 216.58.204.78:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.200.14:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | steamcomnumnlty.ru | udp |
| US | 1.1.1.1:53 | google.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| US | 1.1.1.1:53 | steamcomnumnlty.ru | udp |
| US | 1.1.1.1:53 | google.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| GB | 216.58.201.99:80 | tcp | |
| GB | 142.250.178.4:443 | tcp | |
| GB | 172.217.169.34:443 | tcp | |
| GB | 142.250.200.35:443 | update.googleapis.com | tcp |
| GB | 172.217.169.14:443 | tcp | |
| GB | 142.250.200.35:443 | update.googleapis.com | tcp |
| GB | 172.217.169.14:443 | tcp | |
| GB | 142.250.200.35:443 | update.googleapis.com | tcp |
| GB | 142.250.200.35:443 | update.googleapis.com | tcp |
| US | 1.1.1.1:53 | update.googleapis.com | udp |
| GB | 142.250.187.227:443 | update.googleapis.com | tcp |
| US | 1.1.1.1:53 | steamcomnumnlty.ru | udp |
| US | 1.1.1.1:53 | steamcomnumnlty.ru | udp |
| US | 1.1.1.1:53 | google.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| US | 8.8.4.4:53 | google.com | udp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.200.14:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | steamcomnumnlty.ru | udp |
| US | 1.1.1.1:53 | google.com | udp |
| US | 8.8.4.4:53 | google.com | udp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.180.14:443 | android.apis.google.com | tcp |
| BE | 142.251.173.188:5228 | tcp | |
| US | 1.1.1.1:53 | www.google.com | udp |
| GB | 142.250.180.4:443 | www.google.com | tcp |
| GB | 142.250.180.14:443 | android.apis.google.com | tcp |
Files
files/dom-0.html
| MD5 | 7b5fb7114b3a4921c611d1a4863ff004 |
| SHA1 | 06597d2fa67c095ecbfcb83cdedd019066f4c240 |
| SHA256 | 7d93beae50419a20518e3d429d18950c4d1b00da0102b55820f033a4bbc45e3a |
| SHA512 | 79fb0fe28aa55bc22b20e29fc51f16160e77f9974fdaefa8c8b581464d88a98dd0f518a29684d9c51e28b787fdbdf9d3a101afb4d9bda4c324b16ff69915452f |
Analysis: behavioral10
Detonation Overview
Submitted
2024-08-31 06:52
Reported
2024-08-31 06:52
Platform
debian12-armhf-20240221-en
Max time network
4s
Command Line
Signatures
Processes
Network
Files
Analysis: behavioral11
Detonation Overview
Submitted
2024-08-31 06:52
Reported
2024-08-31 06:52
Platform
debian12-mipsel-20240221-en
Command Line
Signatures
Processes
Network
Files
Analysis: behavioral12
Detonation Overview
Submitted
2024-08-31 06:52
Reported
2024-08-31 06:53
Platform
debian9-armhf-20240611-en
Command Line
Signatures
Processes
Network
Files
Analysis: behavioral15
Detonation Overview
Submitted
2024-08-31 06:52
Reported
2024-08-31 07:22
Platform
ubuntu1804-amd64-20240611-en
Max time kernel
1s
Max time network
1680s
Command Line
Signatures
Enumerates kernel/hardware configuration
| Description | Indicator | Process | Target |
| File opened for reading | /sys/bus/pci/devices/0000:00:03.0/irq | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.3/device | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:04.0/irq | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/device | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:05.0/device | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:03.0/resource | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.3/vendor | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:06.0/resource | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.1/vendor | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.3/device | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.1/vendor | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/class | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:04.0/resource | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.1/resource | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.1/device | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:05.0/vendor | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:04.0/device | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/resource | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:04.0/device | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:03.0/irq | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.3/resource | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/irq | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/vendor | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:05.0/device | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:02.0/resource | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.1/device | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.1/class | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:05.0/device | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/irq | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/class | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.3/resource | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.3/irq | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:04.0/vendor | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.1/resource | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:06.0/class | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:04.0/class | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:06.0/irq | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/resource | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.3/resource | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:02.0/resource | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:02.0/class | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/irq | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:04.0/irq | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:04.0/vendor | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/class | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/vendor | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:03.0/device | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:06.0/device | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:03.0/resource | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/vendor | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.3/class | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/device | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.3/class | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.1/irq | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/device | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.1/class | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:02.0/vendor | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:05.0/resource | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/vendor | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:02.0/irq | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:04.0/resource | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:06.0/irq | /usr/lib/firefox/firefox | N/A |
Reads runtime system information
| Description | Indicator | Process | Target |
| File opened for reading | /proc/filesystems | /bin/sed | N/A |
| File opened for reading | /proc/self/stat | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/stat | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd | /usr/bin/dbus-send | N/A |
| File opened for reading | /proc/self/fd | /usr/bin/dbus-send | N/A |
| File opened for reading | /proc/filesystems | /bin/sed | N/A |
| File opened for reading | /proc/filesystems | /bin/sed | N/A |
| File opened for reading | /proc/self/stat | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/task/1628/stat | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /bin/sed | N/A |
| File opened for reading | /proc/filesystems | /bin/sed | N/A |
| File opened for reading | /proc/filesystems | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/task/1602/stat | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/task/1615/stat | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/lib/firefox/firefox | N/A |
Processes
/usr/bin/xdg-open
[xdg-open https://steamcomnumnlty.ru/app/1643320/STALKER_1_Heart_of_Chornobyl]
/usr/bin/dbus-send
[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]
/usr/bin/dbus-launch
[dbus-launch --autolaunch 11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]
/bin/grep
[grep = \"xfce4\"$]
/usr/bin/xprop
[xprop -root _DT_SAVE_MODE]
/bin/grep
[grep -i ^xfce_desktop_window]
/usr/bin/xprop
[xprop -root]
/bin/grep
[grep -q ^Enlightenment]
/bin/uname
[uname]
/bin/grep
[grep -q ^file://]
/bin/egrep
[egrep -q ^[[:alpha:]+\.\-]+:]
/usr/local/sbin/grep
[grep -E -q ^[[:alpha:]+\.\-]+:]
/usr/local/bin/grep
[grep -E -q ^[[:alpha:]+\.\-]+:]
/usr/sbin/grep
[grep -E -q ^[[:alpha:]+\.\-]+:]
/usr/bin/grep
[grep -E -q ^[[:alpha:]+\.\-]+:]
/sbin/grep
[grep -E -q ^[[:alpha:]+\.\-]+:]
/bin/grep
[grep -E -q ^[[:alpha:]+\.\-]+:]
/bin/sed
[sed -n s/\(^[[:alnum:]+\.-]*\):.*$/\1/p]
/usr/bin/xdg-mime
[xdg-mime query default x-scheme-handler/https]
/usr/bin/dbus-send
[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]
/usr/bin/dbus-launch
[dbus-launch --autolaunch 11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]
/bin/grep
[grep = \"xfce4\"$]
/usr/bin/xprop
[xprop -root _DT_SAVE_MODE]
/bin/grep
[grep -i ^xfce_desktop_window]
/usr/bin/xprop
[xprop -root]
/bin/grep
[grep -q ^Enlightenment]
/bin/uname
[uname]
/bin/sed
[sed s/:/ /g]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/head
[head -n 1]
/bin/grep
[grep x-scheme-handler/https= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/head
[head -n 1]
/bin/grep
[grep x-scheme-handler/https= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/head
[head -n 1]
/bin/grep
[grep x-scheme-handler/https= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/head
[head -n 1]
/bin/grep
[grep x-scheme-handler/https= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/head
[head -n 1]
/bin/grep
[grep x-scheme-handler/https= /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache]
/bin/sed
[sed s/:/ /g]
/bin/sed
[sed -e s|-|/|]
/bin/sed
[sed -e s|-|/|]
/usr/bin/cut
[cut -d= -f 2-]
/usr/bin/which
[which firefox]
/usr/bin/cut
[cut -d= -f 2-]
/usr/bin/cut
[cut -d= -f 2-]
/usr/bin/cut
[cut -d= -f 2-]
/usr/bin/firefox
[/usr/bin/firefox https://steamcomnumnlty.ru/app/1643320/STALKER_1_Heart_of_Chornobyl]
/usr/bin/which
[which /usr/bin/firefox]
/usr/lib/firefox/firefox
[/usr/lib/firefox/firefox https://steamcomnumnlty.ru/app/1643320/STALKER_1_Heart_of_Chornobyl]
/bin/grep
[grep -q %s]
/usr/bin/x-www-browser
[x-www-browser https://steamcomnumnlty.ru/app/1643320/STALKER_1_Heart_of_Chornobyl]
/usr/bin/which
[which /usr/bin/x-www-browser]
/usr/lib/firefox/firefox
[/usr/lib/firefox/firefox https://steamcomnumnlty.ru/app/1643320/STALKER_1_Heart_of_Chornobyl]
/bin/grep
[grep -q %s]
/usr/bin/firefox
[firefox https://steamcomnumnlty.ru/app/1643320/STALKER_1_Heart_of_Chornobyl]
/usr/bin/which
[which /usr/bin/firefox]
/usr/lib/firefox/firefox
[/usr/lib/firefox/firefox https://steamcomnumnlty.ru/app/1643320/STALKER_1_Heart_of_Chornobyl]
/bin/grep
[grep -q %s]
/bin/grep
[grep -q %s]
/bin/grep
[grep -q %s]
/bin/grep
[grep -q %s]
/bin/grep
[grep -q %s]
/bin/grep
[grep -q %s]
/bin/grep
[grep -q %s]
/bin/grep
[grep -q %s]
/bin/grep
[grep -q %s]
/bin/grep
[grep -q %s]
/bin/grep
[grep -q %s]
/bin/grep
[grep -q %s]
/bin/grep
[grep -q %s]
/bin/grep
[grep -q %s]
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 185.125.188.62:443 | tcp | |
| GB | 185.125.188.61:443 | tcp | |
| US | 151.101.129.91:443 | tcp | |
| US | 151.101.129.91:443 | tcp | |
| GB | 89.187.167.3:443 | tcp | |
| US | 1.1.1.1:53 | connectivity-check.ubuntu.com | udp |
| US | 1.1.1.1:53 | connectivity-check.ubuntu.com | udp |
| GB | 185.125.190.98:80 | connectivity-check.ubuntu.com | tcp |
| US | 1.1.1.1:53 | connectivity-check.ubuntu.com | udp |
| US | 1.1.1.1:53 | connectivity-check.ubuntu.com | udp |
| GB | 185.125.190.96:80 | connectivity-check.ubuntu.com | tcp |
| US | 1.1.1.1:53 | connectivity-check.ubuntu.com | udp |
| US | 1.1.1.1:53 | connectivity-check.ubuntu.com | udp |
| US | 91.189.91.96:80 | connectivity-check.ubuntu.com | tcp |
| US | 1.1.1.1:53 | connectivity-check.ubuntu.com | udp |
| US | 1.1.1.1:53 | connectivity-check.ubuntu.com | udp |
| GB | 185.125.190.48:80 | connectivity-check.ubuntu.com | tcp |
| US | 1.1.1.1:53 | connectivity-check.ubuntu.com | udp |
| US | 1.1.1.1:53 | connectivity-check.ubuntu.com | udp |
| GB | 185.125.190.17:80 | connectivity-check.ubuntu.com | tcp |
| US | 1.1.1.1:53 | connectivity-check.ubuntu.com | udp |
| US | 1.1.1.1:53 | connectivity-check.ubuntu.com | udp |
| US | 91.189.91.96:80 | connectivity-check.ubuntu.com | tcp |
Files
Analysis: behavioral17
Detonation Overview
Submitted
2024-08-31 06:52
Reported
2024-08-31 07:22
Platform
ubuntu2204-amd64-20240611-en
Max time kernel
0s
Max time network
896s
Command Line
Signatures
Enumerates kernel/hardware configuration
| Description | Indicator | Process | Target |
| File opened for reading | /sys/module/apparmor/parameters/enabled | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /sys/kernel/security/apparmor/features/dbus/mask | /usr/bin/dbus-daemon | N/A |
Reads runtime system information
| Description | Indicator | Process | Target |
| File opened for reading | /proc/self/fd | /usr/bin/dbus-send | N/A |
| File opened for reading | /proc/filesystems | /usr/bin/sed | N/A |
| File opened for reading | /proc/filesystems | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/1573/attr/apparmor/current | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/1589/cmdline | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/filesystems | /usr/bin/sed | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/self/fd | /usr/bin/dbus-send | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/1568/cmdline | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/filesystems | /usr/bin/sed | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/filesystems | /usr/bin/sed | N/A |
| File opened for reading | /proc/mounts | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/filesystems | /usr/bin/sed | N/A |
| File opened for reading | /proc/sys/kernel/cap_last_cap | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/1573/status | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
Processes
/usr/bin/xdg-open
[xdg-open https://steamcomnumnlty.ru/app/1643320/STALKER_1_Heart_of_Chornobyl]
/usr/bin/dbus-send
[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]
/usr/bin/dbus-launch
[dbus-launch --autolaunch f2de92a803c744e586bd87567a26b68a --binary-syntax --close-stderr]
/usr/bin/dbus-daemon
[/usr/bin/dbus-daemon --syslog-only --fork --print-pid 5 --print-address 7 --session]
/usr/bin/grep
[grep = \"xfce4\"$]
/usr/bin/xprop
[xprop -root _DT_SAVE_MODE]
/usr/bin/grep
[grep -i ^xfce_desktop_window]
/usr/bin/xprop
[xprop -root]
/usr/bin/grep
[grep -q ^Enlightenment]
/usr/bin/uname
[uname]
/usr/bin/grep
[grep -q ^file://]
/usr/bin/egrep
[egrep -q ^[[:alpha:]+\.\-]+:]
/usr/local/sbin/grep
[grep -E -q ^[[:alpha:]+\.\-]+:]
/usr/local/bin/grep
[grep -E -q ^[[:alpha:]+\.\-]+:]
/usr/sbin/grep
[grep -E -q ^[[:alpha:]+\.\-]+:]
/usr/bin/grep
[grep -E -q ^[[:alpha:]+\.\-]+:]
/usr/bin/sed
[sed -n s/\(^[[:alnum:]+\.-]*\):.*$/\1/p]
/usr/bin/xdg-mime
[xdg-mime query default x-scheme-handler/https]
/usr/bin/dbus-send
[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]
/usr/bin/dbus-launch
[dbus-launch --autolaunch f2de92a803c744e586bd87567a26b68a --binary-syntax --close-stderr]
/usr/bin/grep
[grep = \"xfce4\"$]
/usr/bin/xprop
[xprop -root _DT_SAVE_MODE]
/usr/bin/grep
[grep -i ^xfce_desktop_window]
/usr/bin/xprop
[xprop -root]
/usr/bin/grep
[grep -q ^Enlightenment]
/usr/bin/uname
[uname]
/usr/bin/sed
[sed s/:/ /g]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/head
[head -n 1]
/usr/bin/grep
[grep x-scheme-handler/https= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/head
[head -n 1]
/usr/bin/grep
[grep x-scheme-handler/https= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/head
[head -n 1]
/usr/bin/grep
[grep x-scheme-handler/https= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/head
[head -n 1]
/usr/bin/grep
[grep x-scheme-handler/https= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/head
[head -n 1]
/usr/bin/grep
[grep x-scheme-handler/https= /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache]
/usr/bin/sed
[sed s/:/ /g]
/usr/bin/sed
[sed -e s|-|/|]
/usr/bin/sed
[sed -e s|-|/|]
/usr/bin/cut
[cut -d= -f 2-]
/usr/bin/which
[which firefox]
/usr/bin/cut
[cut -d= -f 2-]
/usr/bin/cut
[cut -d= -f 2-]
/usr/bin/cut
[cut -d= -f 2-]
/usr/bin/cut
[cut -d= -f 2-]
/usr/bin/firefox
[/usr/bin/firefox https://steamcomnumnlty.ru/app/1643320/STALKER_1_Heart_of_Chornobyl]
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp |
Files
/root/.dbus/session-bus/f2de92a803c744e586bd87567a26b68a-0
| MD5 | 83f07e5be31bf27ec762d31152db8d82 |
| SHA1 | be330c434ad1b3a205021662a2e58ddd0fbc4b43 |
| SHA256 | 87532aaf00f80057449450949bfb38719c01bc366ef0151d0606620b61bd4fda |
| SHA512 | 5d19b7d53ad65d0ac72a1d2cf9fa814f52e5044368c682f4dd712b92733cb3aff8dcc4cc0a077e4b549330be44d314548196c759bc9d73c23544ddfadef21711 |
Analysis: behavioral7
Detonation Overview
Submitted
2024-08-31 06:52
Reported
2024-08-31 07:22
Platform
android-33-x64-arm64-20240624-en
Max time kernel
1796s
Max time network
1803s
Command Line
Signatures
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.android.chrome
Network
| Country | Destination | Domain | Proto |
| GB | 142.250.200.36:443 | udp | |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 142.250.200.36:443 | udp | |
| GB | 142.250.200.36:443 | udp | |
| GB | 142.250.200.36:443 | tcp | |
| GB | 142.250.200.36:443 | tcp | |
| GB | 216.58.213.10:443 | tcp | |
| US | 172.64.41.3:443 | tcp | |
| US | 162.159.61.3:443 | tcp | |
| US | 162.159.61.3:443 | tcp | |
| US | 1.1.1.1:53 | steamcomnumnlty.ru | udp |
| US | 1.1.1.1:53 | steamcomnumnlty.ru | udp |
| US | 1.1.1.1:53 | steamcomnumnlty.ru | udp |
| US | 1.1.1.1:53 | steamcomnumnlty.ru | udp |
| US | 1.1.1.1:53 | remoteprovisioning.googleapis.com | udp |
| GB | 216.58.212.234:443 | remoteprovisioning.googleapis.com | tcp |
| US | 1.1.1.1:53 | gmscompliance-pa.googleapis.com | udp |
| US | 1.1.1.1:53 | steamcomnumnlty.ru | udp |
| US | 1.1.1.1:53 | steamcomnumnlty.ru | udp |
| US | 8.8.8.8:53 | google.com | udp |
| US | 1.1.1.1:53 | google.com | udp |
| US | 1.1.1.1:53 | accounts.google.com | udp |
| BE | 64.233.184.84:443 | accounts.google.com | tcp |
| US | 1.1.1.1:53 | steamcomnumnlty.ru | udp |
| US | 1.1.1.1:53 | www.google.com | udp |
| US | 1.1.1.1:53 | chrome.cloudflare-dns.com | udp |
| US | 1.1.1.1:53 | chrome.cloudflare-dns.com | udp |
| US | 1.1.1.1:53 | chrome.cloudflare-dns.com | udp |
| US | 162.159.61.3:443 | chrome.cloudflare-dns.com | tcp |
| US | 162.159.61.3:443 | chrome.cloudflare-dns.com | tcp |
| US | 162.159.61.3:443 | chrome.cloudflare-dns.com | tcp |
| GB | 142.250.179.228:443 | www.google.com | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 216.58.213.14:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | rcs-acs-tmo-us.jibe.google.com | udp |
| US | 216.239.36.155:443 | rcs-acs-tmo-us.jibe.google.com | tcp |
| US | 1.1.1.1:53 | update.googleapis.com | udp |
| GB | 142.250.187.227:443 | update.googleapis.com | tcp |
| US | 162.159.61.3:443 | chrome.cloudflare-dns.com | udp |
| US | 1.1.1.1:53 | google.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| GB | 142.250.179.228:443 | www.google.com | tcp |
| US | 1.1.1.1:53 | steamcomnumnlty.ru | udp |
| US | 1.1.1.1:53 | steamcomnumnlty.ru | udp |
| GB | 142.250.200.36:443 | tcp | |
| GB | 216.58.204.68:443 | tcp | |
| GB | 216.58.204.68:443 | tcp | |
| US | 162.159.61.3:443 | chrome.cloudflare-dns.com | udp |
| US | 1.1.1.1:53 | steamcomnumnlty.ru | udp |
| US | 162.159.61.3:443 | chrome.cloudflare-dns.com | udp |
| GB | 216.58.212.227:443 | update.googleapis.com | tcp |
| GB | 216.58.212.227:443 | udp | |
| GB | 142.250.179.228:443 | www.google.com | udp |
| US | 162.159.61.3:443 | chrome.cloudflare-dns.com | udp |
| US | 1.1.1.1:53 | steamcomnumnlty.ru | udp |
| GB | 142.250.179.228:443 | www.google.com | udp |
| GB | 142.250.179.228:443 | www.google.com | udp |
| US | 1.1.1.1:53 | gmscompliance-pa.googleapis.com | udp |
| US | 162.159.61.3:443 | chrome.cloudflare-dns.com | udp |
| GB | 172.217.169.4:443 | udp | |
| GB | 142.250.180.2:443 | tcp | |
| GB | 216.58.204.78:443 | google.com | tcp |
| GB | 142.250.180.2:443 | tcp | |
| GB | 142.250.180.2:443 | tcp | |
| US | 216.239.32.36:443 | tcp | |
| GB | 216.58.213.6:443 | tcp | |
| GB | 172.217.16.226:443 | tcp | |
| GB | 142.250.179.225:443 | tcp | |
| GB | 142.250.179.225:443 | tcp | |
| GB | 142.250.179.225:443 | tcp | |
| GB | 142.250.179.225:443 | tcp | |
| GB | 142.250.179.225:443 | tcp | |
| GB | 142.250.179.225:443 | tcp | |
| GB | 216.58.201.106:443 | gmscompliance-pa.googleapis.com | tcp |
| GB | 172.217.169.4:443 | udp | |
| GB | 172.217.169.4:443 | udp | |
| US | 1.1.1.1:53 | chrome.cloudflare-dns.com | udp |
| US | 1.1.1.1:53 | steamcomnumnlty.ru | udp |
| US | 1.1.1.1:53 | chrome.cloudflare-dns.com | udp |
| US | 172.64.41.3:443 | chrome.cloudflare-dns.com | udp |
| GB | 172.217.169.4:443 | udp | |
| US | 172.64.41.3:443 | chrome.cloudflare-dns.com | udp |
| GB | 142.250.187.196:443 | udp | |
| US | 1.1.1.1:53 | www.google.com | udp |
| GB | 172.217.169.4:443 | www.google.com | tcp |
| GB | 172.217.169.4:443 | www.google.com | tcp |
| GB | 172.217.169.4:443 | www.google.com | tcp |
| GB | 142.250.187.196:443 | udp | |
| GB | 142.250.187.196:443 | udp | |
| GB | 142.250.187.196:443 | udp | |
| US | 1.1.1.1:53 | chrome.cloudflare-dns.com | udp |
| US | 162.159.61.3:443 | chrome.cloudflare-dns.com | udp |
| GB | 142.250.178.4:443 | udp | |
| GB | 142.250.178.4:443 | udp | |
| GB | 142.250.178.4:443 | udp | |
| GB | 142.250.178.4:443 | udp | |
| GB | 142.250.178.4:443 | udp | |
| US | 1.1.1.1:53 | chrome.cloudflare-dns.com | udp |
| US | 172.64.41.3:443 | chrome.cloudflare-dns.com | udp |
| US | 1.1.1.1:53 | steamcomnumnlty.ru | udp |
| US | 1.1.1.1:53 | www.google.com | udp |
| GB | 216.58.212.228:443 | www.google.com | tcp |
| GB | 216.58.212.228:443 | www.google.com | tcp |
| GB | 216.58.212.228:443 | www.google.com | tcp |
| GB | 172.217.16.228:443 | udp | |
| GB | 172.217.16.228:443 | udp | |
| GB | 172.217.16.228:443 | udp | |
| GB | 172.217.16.228:443 | udp | |
| US | 1.1.1.1:53 | chrome.cloudflare-dns.com | udp |
| US | 162.159.61.3:443 | chrome.cloudflare-dns.com | udp |
| GB | 216.58.212.228:443 | www.google.com | udp |
| GB | 216.58.212.228:443 | www.google.com | udp |
| GB | 216.58.212.228:443 | www.google.com | udp |
| GB | 216.58.212.228:443 | www.google.com | udp |
| GB | 216.58.212.228:443 | www.google.com | udp |
| US | 1.1.1.1:53 | chrome.cloudflare-dns.com | udp |
| US | 172.64.41.3:443 | chrome.cloudflare-dns.com | udp |
| GB | 172.217.16.228:443 | udp | |
| GB | 172.217.16.228:443 | udp | |
| BE | 74.125.133.188:5228 | tcp | |
| US | 1.1.1.1:53 | www.google.com | udp |
| GB | 172.217.169.68:443 | www.google.com | tcp |
| GB | 172.217.16.228:443 | udp | |
| GB | 172.217.16.228:443 | udp |
Files
files/dom-0.html
| MD5 | bc7f919a5e6f242f5b9c16befb1f7dbd |
| SHA1 | 7156ace20d77fbc10fc5614d585a2f373deecd68 |
| SHA256 | 1ec896d62f34c4d01150d31d1f11c2d37b07d3855c032ebb3d199ef5e0785a56 |
| SHA512 | 1fc18733f49d7efe01b70e8947eb86290235e08e17368304461a49d24ac90ad4e31b4bfb9f2e717d2fd046c6d9a7fbe8e1590f7eb24bf7ec22c880f3aec0c331 |