Malware Analysis Report

2025-01-23 15:01

Sample ID 240831-reeh8sxdrb
Target https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5
Tags
antivm discovery
score
5/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Mobile Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral9

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral12

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral13

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral5

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral8

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral10

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral11

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral7

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral4

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral6

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral3

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
5/10

Threat Level: Likely benign

The file https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5 was found to be: Likely benign.

Malicious Activity Summary

antivm discovery

Drops file in System32 directory

Drops file in Windows directory

Changes its process name

Checks CPU configuration

Reads CPU attributes

Browser Information Discovery

Writes file to tmp directory

Reads runtime system information

Enumerates kernel/hardware configuration

Suspicious use of WriteProcessMemory

Checks memory information

Checks CPU information

Modifies data under HKEY_USERS

Suspicious behavior: EnumeratesProcesses

Suspicious use of FindShellTrayWindow

Suspicious use of SendNotifyMessage

Suspicious use of AdjustPrivilegeToken

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Enumerates system info in registry

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-08-31 14:06

Signatures

N/A

Analysis: behavioral9

Detonation Overview

Submitted

2024-08-31 14:06

Reported

2024-08-31 15:21

Platform

macos-20240711.1-en

Max time kernel

1602s

Max time network

1800s

Command Line

[sh -c sudo /bin/zsh -c "/Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --simulate-outdated-no-au='Tue, 31 Dec 2099' --new-window https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5"]

Signatures

N/A

Processes

/bin/sh

[sh -c sudo /bin/zsh -c "/Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --simulate-outdated-no-au='Tue, 31 Dec 2099' --new-window https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5"]

/bin/bash

[sh -c sudo /bin/zsh -c "/Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --simulate-outdated-no-au='Tue, 31 Dec 2099' --new-window https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5"]

/usr/bin/sudo

[sudo /bin/zsh -c /Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --simulate-outdated-no-au='Tue, 31 Dec 2099' --new-window https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

/bin/zsh

[/bin/zsh -c /Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --simulate-outdated-no-au='Tue, 31 Dec 2099' --new-window https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

/usr/libexec/xpcproxy

[xpcproxy com.apple.spindump]

/usr/sbin/spindump

[/usr/sbin/spindump]

/usr/libexec/xpcproxy

[xpcproxy com.apple.diagnosticd]

/usr/libexec/diagnosticd

[/usr/libexec/diagnosticd]

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 46.courier-push-apple.com.akadns.net udp
US 8.8.8.8:53 lb._dns-sd._udp.0.0.127.10.in-addr.arpa udp
US 8.8.8.8:53 41-courier.push.apple.com udp
US 8.8.8.8:53 7.courier-push-apple.com.akadns.net udp
US 8.8.8.8:53 6.courier-push-apple.com.akadns.net udp
US 8.8.8.8:53 10.courier-push-apple.com.akadns.net udp
US 8.8.8.8:53 23.courier-push-apple.com.akadns.net udp
US 8.8.8.8:53 34-courier.push.apple.com udp
US 8.8.8.8:53 11.courier-push-apple.com.akadns.net udp
US 8.8.8.8:53 29-courier.push.apple.com udp
US 8.8.8.8:53 40-courier.push.apple.com udp
US 8.8.8.8:53 45.courier-push-apple.com.akadns.net udp
US 8.8.8.8:53 38-courier.push.apple.com udp
US 8.8.8.8:53 23.courier-push-apple.com.akadns.net udp
US 8.8.8.8:53 31.courier-push-apple.com.akadns.net udp
US 8.8.8.8:53 46-courier.push.apple.com udp
US 8.8.8.8:53 36.courier-push-apple.com.akadns.net udp
US 8.8.8.8:53 43.courier-push-apple.com.akadns.net udp
US 8.8.8.8:53 50-courier.push.apple.com udp
US 8.8.8.8:53 22-courier.push.apple.com udp
US 8.8.8.8:53 29.courier-push-apple.com.akadns.net udp
US 8.8.8.8:53 7.courier-push-apple.com.akadns.net udp
US 8.8.8.8:53 15.courier-push-apple.com.akadns.net udp
US 8.8.8.8:53 6.courier-push-apple.com.akadns.net udp

Files

N/A

Analysis: behavioral12

Detonation Overview

Submitted

2024-08-31 14:06

Reported

2024-08-31 15:24

Platform

ubuntu2204-amd64-20240611-en

Max time kernel

0s

Max time network

970s

Command Line

[xdg-open https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

Signatures

Enumerates kernel/hardware configuration

Description Indicator Process Target
File opened for reading /sys/module/apparmor/parameters/enabled /usr/bin/dbus-daemon N/A
File opened for reading /sys/kernel/security/apparmor/features/dbus/mask /usr/bin/dbus-daemon N/A

Reads runtime system information

Description Indicator Process Target
File opened for reading /proc/mounts /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/self/fd /usr/bin/dbus-send N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/1594/attr/apparmor/current /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/filesystems /usr/bin/dbus-daemon N/A
File opened for reading /proc/1589/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/sys/kernel/cap_last_cap /usr/bin/dbus-daemon N/A
File opened for reading /proc/1594/status /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/fd /usr/bin/dbus-send N/A
File opened for reading /proc/1610/cmdline /usr/bin/dbus-daemon N/A

Processes

/usr/bin/xdg-open

[xdg-open https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/dbus-launch

[dbus-launch --autolaunch f2de92a803c744e586bd87567a26b68a --binary-syntax --close-stderr]

/usr/bin/dbus-daemon

[/usr/bin/dbus-daemon --syslog-only --fork --print-pid 5 --print-address 7 --session]

/usr/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/usr/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/xprop

[xprop -root]

/usr/bin/grep

[grep -q ^Enlightenment]

/usr/bin/uname

[uname]

/usr/bin/grep

[grep -q ^file://]

/usr/bin/egrep

[egrep -q ^[[:alpha:]+\.\-]+:]

/usr/local/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/local/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/bin/sed

[sed -n s/\(^[[:alnum:]+\.-]*\):.*$/\1/p]

/usr/bin/xdg-mime

[xdg-mime query default x-scheme-handler/https]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/dbus-launch

[dbus-launch --autolaunch f2de92a803c744e586bd87567a26b68a --binary-syntax --close-stderr]

/usr/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/usr/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/xprop

[xprop -root]

/usr/bin/grep

[grep -q ^Enlightenment]

/usr/bin/uname

[uname]

/usr/bin/sed

[sed s/:/ /g]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/usr/bin/grep

[grep x-scheme-handler/https= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/usr/bin/grep

[grep x-scheme-handler/https= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/usr/bin/grep

[grep x-scheme-handler/https= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/usr/bin/grep

[grep x-scheme-handler/https= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/usr/bin/grep

[grep x-scheme-handler/https= /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache]

/usr/bin/sed

[sed s/:/ /g]

/usr/bin/sed

[sed -e s|-|/|]

/usr/bin/sed

[sed -e s|-|/|]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/which

[which firefox]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/firefox

[/usr/bin/firefox https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 _http._tcp.security.ubuntu.com udp
US 8.8.8.8:53 _http._tcp.se.archive.ubuntu.com udp
US 1.1.1.1:53 _http._tcp.security.ubuntu.com udp
US 1.1.1.1:53 _http._tcp.se.archive.ubuntu.com udp
US 1.1.1.1:53 security.ubuntu.com udp
US 1.1.1.1:53 security.ubuntu.com udp
US 1.1.1.1:53 se.archive.ubuntu.com udp
US 1.1.1.1:53 se.archive.ubuntu.com udp
US 91.189.91.81:80 security.ubuntu.com tcp
SE 194.71.11.163:80 se.archive.ubuntu.com tcp
US 1.1.1.1:53 _http._tcp.chuangtzu.ftp.acc.umu.se udp
US 1.1.1.1:53 chuangtzu.ftp.acc.umu.se udp
US 1.1.1.1:53 chuangtzu.ftp.acc.umu.se udp
SE 194.71.11.167:80 chuangtzu.ftp.acc.umu.se tcp
US 1.1.1.1:53 _http._tcp.gemmei.ftp.acc.umu.se udp
US 1.1.1.1:53 gemmei.ftp.acc.umu.se udp
US 1.1.1.1:53 gemmei.ftp.acc.umu.se udp
SE 194.71.11.137:80 gemmei.ftp.acc.umu.se tcp
US 1.1.1.1:53 _http._tcp.saimei.ftp.acc.umu.se udp
US 8.8.8.8:53 _http._tcp.saimei.ftp.acc.umu.se udp
US 8.8.8.8:53 saimei.ftp.acc.umu.se udp
US 8.8.8.8:53 saimei.ftp.acc.umu.se udp
SE 194.71.11.138:80 saimei.ftp.acc.umu.se tcp
US 1.1.1.1:53 _http._tcp.saimei.ftp.acc.umu.se udp
US 8.8.8.8:53 _http._tcp.saimei.ftp.acc.umu.se udp
US 1.1.1.1:53 _http._tcp.saimei.ftp.acc.umu.se udp
US 8.8.8.8:53 _http._tcp.saimei.ftp.acc.umu.se udp
SE 194.71.11.137:80 gemmei.ftp.acc.umu.se tcp

Files

/root/.dbus/session-bus/f2de92a803c744e586bd87567a26b68a-0

MD5 d2f4ea9813ee96b244f4940b49f55d1d
SHA1 aa18da76a2cb7e197ab250b5d90801847546e646
SHA256 ecfa7770fa5a080d3643862dd527ab3f181966a6a69ca93ce505698a82ffaaed
SHA512 93203a5b8507868964dfe3418bf58ab303591cb3374c9a680b7de7b9fc2a0bc832ac7bb780954ffce962ed21dca1f18cf0cd985858b562a8a94366392cacf173

Analysis: behavioral13

Detonation Overview

Submitted

2024-08-31 14:06

Reported

2024-08-31 15:25

Platform

ubuntu2404-amd64-20240523-en

Max time kernel

0s

Max time network

1795s

Command Line

[xdg-open https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

Signatures

Changes its process name

Description Indicator Process Target
Changes the process name, possibly in an attempt to hide itself pool-spawner N/A N/A
Changes the process name, possibly in an attempt to hide itself gmain N/A N/A
Changes the process name, possibly in an attempt to hide itself dconf worker N/A N/A

Enumerates kernel/hardware configuration

Description Indicator Process Target
File opened for reading /sys/kernel/security/apparmor/features/dbus/mask /usr/bin/dbus-daemon N/A
File opened for reading /sys/kernel/security/apparmor/features/network_v8 /snap/bin/firefox N/A
File opened for reading /sys/module/apparmor/parameters/enabled /usr/bin/dbus-daemon N/A
File opened for reading /sys/kernel/security/apparmor/features/caps /snap/bin/firefox N/A
File opened for reading /sys/kernel/security/apparmor/features/domain /snap/bin/firefox N/A
File opened for reading /sys/kernel/security/apparmor/features/mount /snap/bin/firefox N/A
File opened for reading /sys/kernel/security/apparmor/features/namespaces /snap/bin/firefox N/A
File opened for reading /sys/kernel/security/apparmor/features/query /snap/bin/firefox N/A
File opened for reading /sys/kernel/mm/transparent_hugepage/hpage_pmd_size /snap/bin/firefox N/A
File opened for reading /sys/kernel/security/apparmor/features/dbus /snap/bin/firefox N/A
File opened for reading /sys/kernel/security/apparmor/features/file /snap/bin/firefox N/A
File opened for reading /sys/kernel/security/apparmor/features/io_uring /snap/bin/firefox N/A
File opened for reading /sys/kernel/security/apparmor/features/network /snap/bin/firefox N/A
File opened for reading /sys/kernel/security/apparmor/features/policy /snap/bin/firefox N/A
File opened for reading /sys/kernel/mm/transparent_hugepage/hpage_pmd_size /usr/lib/snapd/snap-seccomp N/A
File opened for reading /sys/kernel/security/apparmor/features /snap/bin/firefox N/A
File opened for reading /sys/kernel/security/apparmor/features/ipc /snap/bin/firefox N/A
File opened for reading /sys/kernel/security/apparmor/features/ptrace /snap/bin/firefox N/A
File opened for reading /sys/kernel/security/apparmor/features/rlimit /snap/bin/firefox N/A
File opened for reading /sys/kernel/security/apparmor/features/signal /snap/bin/firefox N/A

Reads runtime system information

Description Indicator Process Target
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/mounts /snap/bin/firefox N/A
File opened for reading /proc/filesystems /usr/bin/gsettings N/A
File opened for reading /proc/2525/attr/apparmor/current /usr/bin/dbus-daemon N/A
File opened for reading /proc/2541/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/fd /usr/bin/dbus-launch N/A
File opened for reading /proc/2520/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/fd /usr/bin/dbus-send N/A
File opened for reading /proc/2594/cgroup /snap/bin/firefox N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/cmdline /snap/bin/firefox N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/sys/kernel/seccomp/actions_avail /snap/bin/firefox N/A
File opened for reading /proc/self/fd /usr/bin/dbus-send N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/fd /usr/bin/dbus-send N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/filesystems /usr/bin/gsettings N/A
File opened for reading /proc/cgroups /snap/bin/firefox N/A
File opened for reading /proc/mounts /usr/bin/dbus-daemon N/A
File opened for reading /proc/2525/status /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/2596/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/filesystems /usr/bin/gsettings N/A
File opened for reading /proc/sys/kernel/random/uuid /snap/bin/firefox N/A
File opened for reading /proc/sys/kernel/cap_last_cap /usr/bin/dbus-daemon N/A
File opened for reading /proc/filesystems /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/2606/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/mountinfo /snap/bin/firefox N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/self/fd /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/fd /usr/bin/dbus-send N/A

Processes

/usr/bin/xdg-open

[xdg-open https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/dbus-launch

[dbus-launch --autolaunch 36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/usr/bin/dbus-daemon

[/usr/bin/dbus-daemon --syslog-only --fork --print-pid 5 --print-address 7 --session]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/usr/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root]

/usr/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/grep

[grep -q ^Enlightenment]

/usr/bin/uname

[uname]

/usr/bin/grep

[grep -q ^file://]

/usr/bin/egrep

[egrep -q ^[[:alpha:]+\.\-]+:]

/usr/local/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/local/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/bin/sed

[sed -n s/\(^[[:alnum:]+\.-]*\):.*$/\1/p]

/usr/bin/xdg-mime

[xdg-mime query default x-scheme-handler/https]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/dbus-launch

[dbus-launch --autolaunch 36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/usr/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root]

/usr/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/grep

[grep -q ^Enlightenment]

/usr/bin/uname

[uname]

/usr/bin/sed

[sed s/:/ /g]

/usr/bin/grep

[grep x-scheme-handler/https= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/grep

[grep x-scheme-handler/https= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/grep

[grep x-scheme-handler/https= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/grep

[grep x-scheme-handler/https= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/grep

[grep x-scheme-handler/https= /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/grep

[grep x-scheme-handler/https= /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/sed

[sed s/:/ /g]

/usr/bin/grep

[grep -l x-scheme-handler/https; /.local/share/applications/*.desktop]

/usr/bin/grep

[grep -l x-scheme-handler/https; /usr/local/share//applications/*.desktop]

/usr/bin/grep

[grep -l x-scheme-handler/https; /usr/share//applications/apport-gtk.desktop /usr/share//applications/bluetooth-sendto.desktop /usr/share//applications/display-im6.q16.desktop /usr/share//applications/gcr-prompter.desktop /usr/share//applications/gcr-viewer.desktop /usr/share//applications/geoclue-demo-agent.desktop /usr/share//applications/gkbd-keyboard-display.desktop /usr/share//applications/gnome-about-panel.desktop /usr/share//applications/gnome-applications-panel.desktop /usr/share//applications/gnome-background-panel.desktop /usr/share//applications/gnome-bluetooth-panel.desktop /usr/share//applications/gnome-color-panel.desktop /usr/share//applications/gnome-datetime-panel.desktop /usr/share//applications/gnome-disk-image-mounter.desktop /usr/share//applications/gnome-disk-image-writer.desktop /usr/share//applications/gnome-display-panel.desktop /usr/share//applications/gnome-initial-setup.desktop /usr/share//applications/gnome-keyboard-panel.desktop /usr/share//applications/gnome-language-selector.desktop /usr/share//applications/gnome-mouse-panel.desktop /usr/share//applications/gnome-multitasking-panel.desktop /usr/share//applications/gnome-network-panel.desktop /usr/share//applications/gnome-notifications-panel.desktop /usr/share//applications/gnome-online-accounts-panel.desktop /usr/share//applications/gnome-power-panel.desktop /usr/share//applications/gnome-printers-panel.desktop /usr/share//applications/gnome-privacy-panel.desktop /usr/share//applications/gnome-region-panel.desktop /usr/share//applications/gnome-search-panel.desktop /usr/share//applications/gnome-session-properties.desktop /usr/share//applications/gnome-sharing-panel.desktop /usr/share//applications/gnome-sound-panel.desktop /usr/share//applications/gnome-system-monitor-kde.desktop /usr/share//applications/gnome-system-panel.desktop /usr/share//applications/gnome-ubuntu-panel.desktop /usr/share//applications/gnome-universal-access-panel.desktop /usr/share//applications/gnome-users-panel.desktop /usr/share//applications/gnome-wacom-panel.desktop /usr/share//applications/gnome-wifi-panel.desktop /usr/share//applications/gnome-wwan-panel.desktop /usr/share//applications/hplj1020.desktop /usr/share//applications/ibus-setup-table.desktop /usr/share//applications/im-config.desktop /usr/share//applications/io.snapcraft.SessionAgent.desktop /usr/share//applications/libreoffice-calc.desktop /usr/share//applications/libreoffice-draw.desktop /usr/share//applications/libreoffice-impress.desktop /usr/share//applications/libreoffice-math.desktop /usr/share//applications/libreoffice-startcenter.desktop /usr/share//applications/libreoffice-writer.desktop /usr/share//applications/libreoffice-xsltfilter.desktop /usr/share//applications/nautilus-autorun-software.desktop /usr/share//applications/nm-applet.desktop /usr/share//applications/nm-connection-editor.desktop /usr/share//applications/org.freedesktop.IBus.Panel.Emojier.desktop /usr/share//applications/org.freedesktop.IBus.Panel.Extension.Gtk3.desktop /usr/share//applications/org.freedesktop.IBus.Panel.Wayland.Gtk3.desktop /usr/share//applications/org.freedesktop.IBus.Setup.desktop /usr/share//applications/org.freedesktop.Xwayland.desktop /usr/share//applications/org.gnome.Calculator.desktop /usr/share//applications/org.gnome.Calendar.desktop /usr/share//applications/org.gnome.Characters.desktop /usr/share//applications/org.gnome.DejaDup.desktop /usr/share//applications/org.gnome.DiskUtility.desktop /usr/share//applications/org.gnome.Evince-previewer.desktop /usr/share//applications/org.gnome.Evince.desktop /usr/share//applications/org.gnome.Evolution-alarm-notify.desktop /usr/share//applications/org.gnome.FileRoller.desktop /usr/share//applications/org.gnome.Logs.desktop /usr/share//applications/org.gnome.Nautilus.desktop /usr/share//applications/org.gnome.OnlineAccounts.OAuth2.desktop /usr/share//applications/org.gnome.PowerStats.desktop /usr/share//applications/org.gnome.RemoteDesktop.Handover.desktop /usr/share//applications/org.gnome.Rhythmbox3.desktop /usr/share//applications/org.gnome.Rhythmbox3.device.desktop /usr/share//applications/org.gnome.Settings.desktop /usr/share//applications/org.gnome.Shell.Extensions.desktop /usr/share//applications/org.gnome.Shell.PortalHelper.desktop /usr/share//applications/org.gnome.Shell.desktop /usr/share//applications/org.gnome.Shotwell-Viewer.desktop /usr/share//applications/org.gnome.Shotwell.Auth.desktop /usr/share//applications/org.gnome.Shotwell.desktop /usr/share//applications/org.gnome.Snapshot.desktop /usr/share//applications/org.gnome.SystemMonitor.desktop /usr/share//applications/org.gnome.Tecla.desktop /usr/share//applications/org.gnome.Terminal.Preferences.desktop /usr/share//applications/org.gnome.Terminal.desktop /usr/share//applications/org.gnome.TextEditor.desktop /usr/share//applications/org.gnome.Totem.desktop /usr/share//applications/org.gnome.Zenity.desktop /usr/share//applications/org.gnome.baobab.desktop /usr/share//applications/org.gnome.clocks.desktop /usr/share//applications/org.gnome.eog.desktop /usr/share//applications/org.gnome.evolution-data-server.OAuth2-handler.desktop /usr/share//applications/org.gnome.font-viewer.desktop /usr/share//applications/org.gnome.seahorse.Application.desktop /usr/share//applications/org.remmina.Remmina-file.desktop /usr/share//applications/org.remmina.Remmina.desktop /usr/share//applications/python3.12.desktop /usr/share//applications/remmina-gnome.desktop /usr/share//applications/rygel.desktop /usr/share//applications/simple-scan.desktop /usr/share//applications/snap-handle-link.desktop /usr/share//applications/software-properties-drivers.desktop /usr/share//applications/software-properties-gtk.desktop /usr/share//applications/software-properties-livepatch.desktop /usr/share//applications/thunderbird.desktop /usr/share//applications/transmission-gtk.desktop /usr/share//applications/update-manager.desktop /usr/share//applications/usb-creator-gtk.desktop /usr/share//applications/xdg-desktop-portal-gnome.desktop /usr/share//applications/xdg-desktop-portal-gtk.desktop /usr/share//applications/yelp.desktop]

/usr/bin/grep

[grep -q %s]

/usr/bin/x-www-browser

[x-www-browser https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

/usr/bin/xdg-settings

[xdg-settings get default-web-browser]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/dbus-launch

[dbus-launch --autolaunch 36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/usr/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root]

/usr/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/grep

[grep -q ^Enlightenment]

/usr/bin/uname

[uname]

/usr/bin/xdg-mime

[xdg-mime query default x-scheme-handler/http]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/dbus-launch

[dbus-launch --autolaunch 36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/usr/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root]

/usr/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/grep

[grep -q ^Enlightenment]

/usr/bin/uname

[uname]

/usr/bin/sed

[sed s/:/ /g]

/usr/bin/grep

[grep x-scheme-handler/http= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/grep

[grep x-scheme-handler/http= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/grep

[grep x-scheme-handler/http= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/grep

[grep x-scheme-handler/http= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/grep

[grep x-scheme-handler/http= /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/grep

[grep x-scheme-handler/http= /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/sed

[sed s/:/ /g]

/usr/bin/grep

[grep -l x-scheme-handler/http; /.local/share/applications/*.desktop]

/usr/bin/grep

[grep -l x-scheme-handler/http; /usr/local/share//applications/*.desktop]

/usr/bin/grep

[grep -l x-scheme-handler/http; /usr/share//applications/apport-gtk.desktop /usr/share//applications/bluetooth-sendto.desktop /usr/share//applications/display-im6.q16.desktop /usr/share//applications/gcr-prompter.desktop /usr/share//applications/gcr-viewer.desktop /usr/share//applications/geoclue-demo-agent.desktop /usr/share//applications/gkbd-keyboard-display.desktop /usr/share//applications/gnome-about-panel.desktop /usr/share//applications/gnome-applications-panel.desktop /usr/share//applications/gnome-background-panel.desktop /usr/share//applications/gnome-bluetooth-panel.desktop /usr/share//applications/gnome-color-panel.desktop /usr/share//applications/gnome-datetime-panel.desktop /usr/share//applications/gnome-disk-image-mounter.desktop /usr/share//applications/gnome-disk-image-writer.desktop /usr/share//applications/gnome-display-panel.desktop /usr/share//applications/gnome-initial-setup.desktop /usr/share//applications/gnome-keyboard-panel.desktop /usr/share//applications/gnome-language-selector.desktop /usr/share//applications/gnome-mouse-panel.desktop /usr/share//applications/gnome-multitasking-panel.desktop /usr/share//applications/gnome-network-panel.desktop /usr/share//applications/gnome-notifications-panel.desktop /usr/share//applications/gnome-online-accounts-panel.desktop /usr/share//applications/gnome-power-panel.desktop /usr/share//applications/gnome-printers-panel.desktop /usr/share//applications/gnome-privacy-panel.desktop /usr/share//applications/gnome-region-panel.desktop /usr/share//applications/gnome-search-panel.desktop /usr/share//applications/gnome-session-properties.desktop /usr/share//applications/gnome-sharing-panel.desktop /usr/share//applications/gnome-sound-panel.desktop /usr/share//applications/gnome-system-monitor-kde.desktop /usr/share//applications/gnome-system-panel.desktop /usr/share//applications/gnome-ubuntu-panel.desktop /usr/share//applications/gnome-universal-access-panel.desktop /usr/share//applications/gnome-users-panel.desktop /usr/share//applications/gnome-wacom-panel.desktop /usr/share//applications/gnome-wifi-panel.desktop /usr/share//applications/gnome-wwan-panel.desktop /usr/share//applications/hplj1020.desktop /usr/share//applications/ibus-setup-table.desktop /usr/share//applications/im-config.desktop /usr/share//applications/io.snapcraft.SessionAgent.desktop /usr/share//applications/libreoffice-calc.desktop /usr/share//applications/libreoffice-draw.desktop /usr/share//applications/libreoffice-impress.desktop /usr/share//applications/libreoffice-math.desktop /usr/share//applications/libreoffice-startcenter.desktop /usr/share//applications/libreoffice-writer.desktop /usr/share//applications/libreoffice-xsltfilter.desktop /usr/share//applications/nautilus-autorun-software.desktop /usr/share//applications/nm-applet.desktop /usr/share//applications/nm-connection-editor.desktop /usr/share//applications/org.freedesktop.IBus.Panel.Emojier.desktop /usr/share//applications/org.freedesktop.IBus.Panel.Extension.Gtk3.desktop /usr/share//applications/org.freedesktop.IBus.Panel.Wayland.Gtk3.desktop /usr/share//applications/org.freedesktop.IBus.Setup.desktop /usr/share//applications/org.freedesktop.Xwayland.desktop /usr/share//applications/org.gnome.Calculator.desktop /usr/share//applications/org.gnome.Calendar.desktop /usr/share//applications/org.gnome.Characters.desktop /usr/share//applications/org.gnome.DejaDup.desktop /usr/share//applications/org.gnome.DiskUtility.desktop /usr/share//applications/org.gnome.Evince-previewer.desktop /usr/share//applications/org.gnome.Evince.desktop /usr/share//applications/org.gnome.Evolution-alarm-notify.desktop /usr/share//applications/org.gnome.FileRoller.desktop /usr/share//applications/org.gnome.Logs.desktop /usr/share//applications/org.gnome.Nautilus.desktop /usr/share//applications/org.gnome.OnlineAccounts.OAuth2.desktop /usr/share//applications/org.gnome.PowerStats.desktop /usr/share//applications/org.gnome.RemoteDesktop.Handover.desktop /usr/share//applications/org.gnome.Rhythmbox3.desktop /usr/share//applications/org.gnome.Rhythmbox3.device.desktop /usr/share//applications/org.gnome.Settings.desktop /usr/share//applications/org.gnome.Shell.Extensions.desktop /usr/share//applications/org.gnome.Shell.PortalHelper.desktop /usr/share//applications/org.gnome.Shell.desktop /usr/share//applications/org.gnome.Shotwell-Viewer.desktop /usr/share//applications/org.gnome.Shotwell.Auth.desktop /usr/share//applications/org.gnome.Shotwell.desktop /usr/share//applications/org.gnome.Snapshot.desktop /usr/share//applications/org.gnome.SystemMonitor.desktop /usr/share//applications/org.gnome.Tecla.desktop /usr/share//applications/org.gnome.Terminal.Preferences.desktop /usr/share//applications/org.gnome.Terminal.desktop /usr/share//applications/org.gnome.TextEditor.desktop /usr/share//applications/org.gnome.Totem.desktop /usr/share//applications/org.gnome.Zenity.desktop /usr/share//applications/org.gnome.baobab.desktop /usr/share//applications/org.gnome.clocks.desktop /usr/share//applications/org.gnome.eog.desktop /usr/share//applications/org.gnome.evolution-data-server.OAuth2-handler.desktop /usr/share//applications/org.gnome.font-viewer.desktop /usr/share//applications/org.gnome.seahorse.Application.desktop /usr/share//applications/org.remmina.Remmina-file.desktop /usr/share//applications/org.remmina.Remmina.desktop /usr/share//applications/python3.12.desktop /usr/share//applications/remmina-gnome.desktop /usr/share//applications/rygel.desktop /usr/share//applications/simple-scan.desktop /usr/share//applications/snap-handle-link.desktop /usr/share//applications/software-properties-drivers.desktop /usr/share//applications/software-properties-gtk.desktop /usr/share//applications/software-properties-livepatch.desktop /usr/share//applications/thunderbird.desktop /usr/share//applications/transmission-gtk.desktop /usr/share//applications/update-manager.desktop /usr/share//applications/usb-creator-gtk.desktop /usr/share//applications/xdg-desktop-portal-gnome.desktop /usr/share//applications/xdg-desktop-portal-gtk.desktop /usr/share//applications/yelp.desktop]

/usr/bin/gsettings

[gsettings get org.gnome.shell favorite-apps]

/usr/bin/grep

[grep -q 'firefox.desktop']

/usr/bin/gsettings

[gsettings get com.canonical.Unity.Launcher favorites]

/usr/bin/grep

[grep -q 'application://firefox.desktop']

/usr/bin/gsettings

[gsettings get org.mate.panel object-id-list]

/usr/bin/which

[which qdbus]

/snap/bin/firefox

[/snap/bin/firefox https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

/usr/lib/snapd/snap-seccomp

[/usr/lib/snapd/snap-seccomp version-info]

/usr/lib/snapd/snap-confine

[/usr/lib/snapd/snap-confine --base core22 snap.firefox.firefox /usr/lib/snapd/snap-exec firefox https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 webminer.pages.dev udp
US 8.8.8.8:53 webminer.pages.dev udp
US 8.8.8.8:53 location.services.mozilla.com udp
US 8.8.8.8:53 location.services.mozilla.com udp
US 172.66.44.158:443 webminer.pages.dev tcp
US 8.8.8.8:53 prod.classify-client.prod.webservices.mozgcp.net udp
US 35.190.72.216:443 location.services.mozilla.com tcp
US 8.8.8.8:53 www.mozilla.org udp
US 8.8.8.8:53 www.mozilla.org udp
US 34.107.221.82:80 detectportal.firefox.com tcp
US 8.8.8.8:53 r10.o.lencr.org udp
US 8.8.8.8:53 r10.o.lencr.org udp
GB 88.221.134.137:80 r10.o.lencr.org tcp
US 8.8.8.8:53 example.org udp
US 8.8.8.8:53 example.org udp
US 8.8.8.8:53 ipv4only.arpa udp
US 8.8.8.8:53 ipv4only.arpa udp
US 34.107.221.82:80 detectportal.firefox.com tcp
US 172.66.44.158:443 webminer.pages.dev udp
US 8.8.8.8:53 spocs.getpocket.com udp
US 8.8.8.8:53 spocs.getpocket.com udp
US 8.8.8.8:53 prod.ads.prod.webservices.mozgcp.net udp
US 35.190.72.216:443 location.services.mozilla.com udp
US 8.8.8.8:53 getpocket.cdn.mozilla.net udp
US 8.8.8.8:53 getpocket.cdn.mozilla.net udp
US 34.120.5.221:443 getpocket.cdn.mozilla.net tcp
US 8.8.8.8:53 r11.o.lencr.org udp
US 8.8.8.8:53 r11.o.lencr.org udp
GB 88.221.135.115:80 r11.o.lencr.org tcp
US 8.8.8.8:53 tiles-cdn.prod.ads.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 tiles-cdn.prod.ads.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 8.8.8.8:53 telemetry-incoming.r53-2.services.mozilla.com udp
US 1.1.1.1:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 1.1.1.1:53 uk.hotels.com udp
US 1.1.1.1:53 uk.hotels.com udp
US 1.1.1.1:53 www.youtube.com udp
US 1.1.1.1:53 www.youtube.com udp
US 1.1.1.1:53 www.amazon.co.uk udp
US 1.1.1.1:53 www.amazon.co.uk udp
US 1.1.1.1:53 www.facebook.com udp
US 1.1.1.1:53 www.facebook.com udp
US 1.1.1.1:53 www.reddit.com udp
US 1.1.1.1:53 www.reddit.com udp
US 1.1.1.1:53 www.bbc.co.uk udp
US 1.1.1.1:53 www.bbc.co.uk udp
US 1.1.1.1:53 www.ebay.co.uk udp
US 1.1.1.1:53 www.ebay.co.uk udp
US 1.1.1.1:53 gtm-live.pri.bbc.co.uk udp
US 1.1.1.1:53 reddit.map.fastly.net udp
US 1.1.1.1:53 e11847.a.akamaiedge.net udp
US 1.1.1.1:53 www.mozilla.org udp
US 1.1.1.1:53 www.mozilla.org udp
US 1.1.1.1:53 www.mozorg.moz.works udp
GB 143.204.72.186:443 www.mozilla.org tcp
GB 143.204.72.186:443 www.mozilla.org tcp
US 1.1.1.1:53 retired-jorey-malphite-node.koyeb.app udp
US 1.1.1.1:53 retired-jorey-malphite-node.koyeb.app udp
US 1.1.1.1:53 smiling-tilda-mono.koyeb.app udp
US 1.1.1.1:53 smiling-tilda-mono.koyeb.app udp
US 1.1.1.1:53 spocs.getpocket.com udp
US 104.22.79.190:443 smiling-tilda-mono.koyeb.app tcp
US 1.1.1.1:53 prod.ads.prod.webservices.mozgcp.net udp
US 104.22.79.190:443 smiling-tilda-mono.koyeb.app tcp
US 1.1.1.1:53 o.pki.goog udp
US 1.1.1.1:53 o.pki.goog udp
GB 142.250.187.227:80 o.pki.goog tcp
GB 142.250.187.227:80 o.pki.goog tcp
US 104.22.79.190:443 smiling-tilda-mono.koyeb.app udp
US 104.22.78.190:443 smiling-tilda-mono.koyeb.app tcp
US 104.22.78.190:443 smiling-tilda-mono.koyeb.app udp
US 1.1.1.1:53 img-getpocket.cdn.mozilla.net udp
US 1.1.1.1:53 img-getpocket.cdn.mozilla.net udp
US 34.120.237.76:443 img-getpocket.cdn.mozilla.net tcp
US 34.120.237.76:443 img-getpocket.cdn.mozilla.net tcp
US 34.120.237.76:443 img-getpocket.cdn.mozilla.net tcp
US 1.1.1.1:53 r11.o.lencr.org udp
US 1.1.1.1:53 r11.o.lencr.org udp
US 1.1.1.1:53 tiles-cdn.prod.ads.prod.webservices.mozgcp.net udp
US 1.1.1.1:53 tiles-cdn.prod.ads.prod.webservices.mozgcp.net udp
US 1.1.1.1:53 shavar.prod.mozaws.net udp
US 1.1.1.1:53 telemetry-incoming.r53-2.services.mozilla.com udp
US 1.1.1.1:53 getpocket.com udp
US 1.1.1.1:53 getpocket.com udp
US 1.1.1.1:53 www.mozilla.org udp
US 1.1.1.1:53 www.smithsonianmag.com udp
US 1.1.1.1:53 www.smithsonianmag.com udp
US 1.1.1.1:53 www.fastcompany.com udp
US 1.1.1.1:53 www.fastcompany.com udp
US 1.1.1.1:53 www.mozorg.moz.works udp
US 1.1.1.1:53 mansueto.map.fastly.net udp
US 1.1.1.1:53 telemetry-incoming.r53-2.services.mozilla.com udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 r10.o.lencr.org udp
US 8.8.8.8:53 r10.o.lencr.org udp
GB 88.221.135.98:80 r10.o.lencr.org tcp
GB 88.221.135.98:80 r10.o.lencr.org tcp
GB 88.221.135.98:80 r10.o.lencr.org tcp
US 8.8.8.8:53 smiling-tilda-mono.koyeb.app udp
US 8.8.8.8:53 smiling-tilda-mono.koyeb.app udp
US 104.22.79.190:443 smiling-tilda-mono.koyeb.app tcp
US 8.8.8.8:53 normandy.cdn.mozilla.net udp
US 8.8.8.8:53 normandy.cdn.mozilla.net udp
US 8.8.8.8:53 normandy-cdn.services.mozilla.com udp
US 104.22.79.190:443 smiling-tilda-mono.koyeb.app tcp
US 35.201.103.21:443 normandy.cdn.mozilla.net tcp
US 8.8.8.8:53 firefox-settings-attachments.cdn.mozilla.net udp
US 8.8.8.8:53 attachments.prod.remote-settings.prod.webservices.mozgcp.net udp
US 34.117.121.53:443 firefox-settings-attachments.cdn.mozilla.net tcp
US 8.8.8.8:53 classify-client.services.mozilla.com udp
US 8.8.8.8:53 r11.o.lencr.org udp
US 8.8.8.8:53 r11.o.lencr.org udp
US 8.8.8.8:53 tiles-cdn.prod.ads.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 tiles-cdn.prod.ads.prod.webservices.mozgcp.net udp
US 34.36.165.17:443 tiles-cdn.prod.ads.prod.webservices.mozgcp.net tcp
US 34.36.165.17:443 tiles-cdn.prod.ads.prod.webservices.mozgcp.net tcp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 8.8.8.8:53 theconversation.com udp
US 8.8.8.8:53 theconversation.com udp
US 8.8.8.8:53 www.popsci.com udp
US 8.8.8.8:53 www.popsci.com udp
GB 88.221.135.115:80 r10.o.lencr.org tcp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 8.8.8.8:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 104.22.79.190:443 smiling-tilda-mono.koyeb.app tcp
US 8.8.8.8:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 www.wired.com udp
US 8.8.8.8:53 greatergood.berkeley.edu udp
US 8.8.8.8:53 greatergood.berkeley.edu udp
US 8.8.8.8:53 www.wired.com udp
US 8.8.8.8:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 classify-client.services.mozilla.com udp
US 1.1.1.1:53 prod-classifyclient.normandy.prod.cloudops.mozgcp.net udp
US 34.98.75.36:443 classify-client.services.mozilla.com tcp
US 1.1.1.1:53 tracking-protection.cdn.mozilla.net udp
US 1.1.1.1:53 tracking-protection.cdn.mozilla.net udp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 www.esquire.com udp
US 1.1.1.1:53 www.esquire.com udp
US 1.1.1.1:53 www.nationalgeographic.com udp
US 1.1.1.1:53 www.nationalgeographic.com udp
US 1.1.1.1:53 hearst-hdm.map.fastly.net udp
US 1.1.1.1:53 www-cdn.natgeofe.com udp
US 1.1.1.1:53 r11.o.lencr.org udp
GB 104.86.110.232:80 r11.o.lencr.org tcp
GB 104.86.110.232:80 r11.o.lencr.org tcp
GB 104.86.110.232:80 r11.o.lencr.org tcp
US 1.1.1.1:53 a1887.dscq.akamai.net udp
US 1.1.1.1:53 retired-jorey-malphite-node.koyeb.app udp
US 1.1.1.1:53 retired-jorey-malphite-node.koyeb.app udp
US 104.22.78.190:443 retired-jorey-malphite-node.koyeb.app tcp
US 1.1.1.1:53 www.realsimple.com udp
US 1.1.1.1:53 www.parents.com udp
US 1.1.1.1:53 www.parents.com udp
US 1.1.1.1:53 k.sni.global.fastly.net udp
US 1.1.1.1:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 1.1.1.1:53 ciscobinary.openh264.org udp
US 1.1.1.1:53 metro.co.uk udp
US 1.1.1.1:53 metro.co.uk udp
US 1.1.1.1:53 faroutmagazine.co.uk udp
US 1.1.1.1:53 faroutmagazine.co.uk udp
US 8.8.8.8:53 www-cdn.natgeofe.com udp
US 8.8.8.8:53 hearst-hdm.map.fastly.net udp
US 8.8.8.8:53 r11.o.lencr.org udp
US 8.8.8.8:53 news.sky.com udp
US 8.8.8.8:53 news.sky.com udp
US 8.8.8.8:53 www.bbc.com udp
US 8.8.8.8:53 www.bbc.com udp
US 8.8.8.8:53 e10653.e12.akamaiedge.net udp
US 8.8.8.8:53 bbc.map.fastly.net udp
US 8.8.8.8:53 inews.co.uk udp
US 8.8.8.8:53 inews.co.uk udp
US 8.8.8.8:53 www.thecut.com udp
US 8.8.8.8:53 www.thecut.com udp
US 8.8.8.8:53 vmtls-np.map.fastly.net udp
US 8.8.8.8:53 ciscobinary.openh264.org udp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
GB 88.221.134.209:80 ciscobinary.openh264.org tcp
US 8.8.8.8:53 www.vox.com udp
US 8.8.8.8:53 mashable.com udp
US 8.8.8.8:53 n.sni.global.fastly.net udp
US 8.8.8.8:53 mashable.com udp
US 8.8.8.8:53 services.addons.mozilla.org udp
US 8.8.8.8:53 services.addons.mozilla.org udp
DE 52.222.236.23:443 services.addons.mozilla.org tcp
US 8.8.8.8:53 versioncheck-bg.addons.mozilla.org udp
US 8.8.8.8:53 versioncheck-bg.addons.mozilla.org udp
US 34.160.90.233:443 versioncheck-bg.addons.mozilla.org tcp
US 8.8.8.8:53 thereader.mitpress.mit.edu udp
US 8.8.8.8:53 www.theringer.com udp
US 8.8.8.8:53 vox-chorus.map.fastly.net udp
US 8.8.8.8:53 e9566.dscb.akamaiedge.net udp
US 34.160.90.233:443 versioncheck-bg.addons.mozilla.org udp
US 8.8.8.8:53 addons.mozilla.org udp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 addons.mozilla.org udp
DE 18.173.205.55:443 addons.mozilla.org tcp
US 8.8.8.8:53 safebrowsing.googleapis.com udp
US 8.8.8.8:53 safebrowsing.googleapis.com udp
GB 142.250.179.234:443 safebrowsing.googleapis.com tcp
US 8.8.8.8:53 o.pki.goog udp
US 8.8.8.8:53 o.pki.goog udp
GB 142.250.178.3:80 o.pki.goog tcp
GB 142.250.179.234:443 safebrowsing.googleapis.com udp
US 8.8.8.8:53 ipv4only.arpa udp
US 8.8.8.8:53 ipv4only.arpa udp
US 8.8.8.8:53 ipv4only.arpa udp
US 8.8.8.8:53 api.snapcraft.io udp
US 8.8.8.8:53 api.snapcraft.io udp
GB 185.125.188.55:443 api.snapcraft.io tcp
US 8.8.8.8:53 api.snapcraft.io udp
GB 185.125.188.58:443 api.snapcraft.io tcp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 firefox-settings-attachments.cdn.mozilla.net udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 attachments.prod.remote-settings.prod.webservices.mozgcp.net udp
US 34.117.121.53:443 firefox-settings-attachments.cdn.mozilla.net tcp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 api.snapcraft.io udp
US 8.8.8.8:53 api.snapcraft.io udp
GB 185.125.188.54:443 api.snapcraft.io tcp
US 8.8.8.8:53 api.snapcraft.io udp
GB 185.125.188.55:443 api.snapcraft.io tcp
GB 185.125.188.55:443 api.snapcraft.io tcp
US 8.8.8.8:53 canonical-lgw01.cdn.snapcraftcontent.com udp
US 8.8.8.8:53 canonical-lgw01.cdn.snapcraftcontent.com udp
GB 185.125.190.26:443 canonical-lgw01.cdn.snapcraftcontent.com tcp
US 8.8.8.8:53 canonical-bos01.cdn.snapcraftcontent.com udp
US 8.8.8.8:53 canonical-bos01.cdn.snapcraftcontent.com udp
US 91.189.91.42:443 canonical-bos01.cdn.snapcraftcontent.com tcp
US 8.8.8.8:53 api.snapcraft.io udp
US 8.8.8.8:53 api.snapcraft.io udp
GB 185.125.188.59:443 api.snapcraft.io tcp
US 8.8.8.8:53 _http._tcp.se.archive.ubuntu.com udp
US 8.8.8.8:53 _http._tcp.security.ubuntu.com udp
US 8.8.8.8:53 security.ubuntu.com udp
US 8.8.8.8:53 se.archive.ubuntu.com udp
US 8.8.8.8:53 se.archive.ubuntu.com udp
US 91.189.91.81:80 security.ubuntu.com tcp
SE 194.71.11.163:80 se.archive.ubuntu.com tcp
US 8.8.8.8:53 api.snapcraft.io udp
US 8.8.8.8:53 api.snapcraft.io udp
GB 185.125.188.58:443 api.snapcraft.io tcp
US 8.8.8.8:53 canonical-bos01.cdn.snapcraftcontent.com udp
US 8.8.8.8:53 canonical-bos01.cdn.snapcraftcontent.com udp
US 91.189.91.43:443 canonical-bos01.cdn.snapcraftcontent.com tcp
US 8.8.8.8:53 api.snapcraft.io udp
US 8.8.8.8:53 api.snapcraft.io udp
GB 185.125.188.59:443 api.snapcraft.io tcp
US 8.8.8.8:53 api.snapcraft.io udp
GB 185.125.188.59:443 api.snapcraft.io tcp
US 8.8.8.8:53 canonical-lgw01.cdn.snapcraftcontent.com udp
US 8.8.8.8:53 canonical-lgw01.cdn.snapcraftcontent.com udp
GB 185.125.190.28:443 canonical-lgw01.cdn.snapcraftcontent.com tcp
US 8.8.8.8:53 api.snapcraft.io udp
US 8.8.8.8:53 api.snapcraft.io udp
GB 185.125.188.54:443 api.snapcraft.io tcp
US 8.8.8.8:53 api.snapcraft.io udp
GB 185.125.188.59:443 api.snapcraft.io tcp

Files

N/A

Analysis: behavioral5

Detonation Overview

Submitted

2024-08-31 14:06

Reported

2024-08-31 15:21

Platform

android-x64-20240624-en

Max time kernel

1656s

Max time network

1789s

Command Line

com.android.chrome

Signatures

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

com.android.chrome

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 accounts.google.com udp
BE 108.177.15.84:443 accounts.google.com tcp
US 1.1.1.1:53 webminer.pages.dev udp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 172.217.16.232:443 ssl.google-analytics.com tcp
US 172.66.44.158:443 webminer.pages.dev tcp
US 172.66.44.158:443 webminer.pages.dev tcp
US 1.1.1.1:53 a.nel.cloudflare.com udp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
US 1.1.1.1:53 update.googleapis.com udp
GB 216.58.201.99:443 update.googleapis.com tcp
GB 142.250.179.238:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 172.217.16.238:443 android.apis.google.com tcp
GB 142.250.200.36:443 tcp
GB 142.250.200.36:443 tcp
GB 216.58.201.106:443 tcp
GB 216.58.204.67:443 tcp
GB 216.58.204.66:443 tcp
GB 216.58.204.67:443 tcp
GB 216.58.204.67:443 tcp
US 1.1.1.1:53 update.googleapis.com udp
GB 142.250.200.35:443 update.googleapis.com tcp
GB 172.217.16.238:443 android.apis.google.com tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.187.238:443 android.apis.google.com tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 216.58.204.78:443 android.apis.google.com tcp
BE 74.125.71.188:5228 tcp
US 1.1.1.1:53 www.google.com udp
US 1.1.1.1:53 www.google.com udp
GB 142.250.180.4:443 www.google.com tcp

Files

files/dom-0.html

MD5 820548ac31fabba84f9e196945305158
SHA1 77c12f08a98d2e21816c529e1bb598b7f4fdbdc9
SHA256 54bb63bba08f821f37e86cc133a496eaf6e3d2152de3a1f26cdcc21c3098cf9f
SHA512 ff9ab8f7da0ed08c1557526788592346da289b087d5bbb599fb28f568aa681715e79853c7d8f8dc5e0a5b70f2a30ab355d52dbac1f2597ccc55603bcb989ed74

Analysis: behavioral8

Detonation Overview

Submitted

2024-08-31 14:06

Reported

2024-08-31 15:21

Platform

android-x86-arm-20240624-en

Max time kernel

1788s

Max time network

1801s

Command Line

com.android.chrome

Signatures

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

com.android.chrome

Network

Country Destination Domain Proto
US 1.1.1.1:53 webminer.pages.dev udp
US 172.66.47.98:443 webminer.pages.dev tcp
US 172.66.47.98:443 webminer.pages.dev tcp
US 1.1.1.1:53 update.googleapis.com udp
GB 142.250.200.3:443 update.googleapis.com tcp
GB 216.58.201.110:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.180.14:443 android.apis.google.com tcp
GB 142.250.178.10:443 tcp
GB 216.58.201.99:80 tcp
GB 142.250.179.228:443 tcp
GB 142.250.200.34:443 tcp
GB 216.58.201.99:443 tcp
GB 142.250.187.206:443 tcp
GB 216.58.201.99:443 tcp
GB 142.250.187.206:443 tcp
GB 216.58.201.99:443 tcp
GB 216.58.201.99:443 tcp
US 1.1.1.1:53 update.googleapis.com udp
GB 216.58.201.99:443 update.googleapis.com tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 216.58.204.78:443 android.apis.google.com tcp
BE 142.251.168.188:5228 tcp
US 1.1.1.1:53 www.google.com udp
GB 142.250.180.4:443 www.google.com tcp
GB 216.58.212.206:443 tcp

Files

files/dom-0.html

MD5 820548ac31fabba84f9e196945305158
SHA1 77c12f08a98d2e21816c529e1bb598b7f4fdbdc9
SHA256 54bb63bba08f821f37e86cc133a496eaf6e3d2152de3a1f26cdcc21c3098cf9f
SHA512 ff9ab8f7da0ed08c1557526788592346da289b087d5bbb599fb28f568aa681715e79853c7d8f8dc5e0a5b70f2a30ab355d52dbac1f2597ccc55603bcb989ed74

Analysis: behavioral10

Detonation Overview

Submitted

2024-08-31 14:06

Reported

2024-08-31 15:22

Platform

ubuntu1804-amd64-20240611-en

Max time kernel

1s

Max time network

1682s

Command Line

[xdg-open https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

Signatures

Enumerates kernel/hardware configuration

Description Indicator Process Target
File opened for reading /sys/bus/pci/devices/0000:00:01.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/irq /usr/lib/firefox/firefox N/A

Reads runtime system information

Description Indicator Process Target
File opened for reading /proc/filesystems /bin/sed N/A
File opened for reading /proc/filesystems /bin/sed N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/task/1594/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /bin/sed N/A
File opened for reading /proc/self/fd /usr/bin/dbus-send N/A
File opened for reading /proc/self/task/1581/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /bin/sed N/A
File opened for reading /proc/self/task/1607/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd /usr/bin/dbus-send N/A
File opened for reading /proc/filesystems /bin/sed N/A
File opened for reading /proc/self/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A

Processes

/usr/bin/xdg-open

[xdg-open https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/dbus-launch

[dbus-launch --autolaunch 11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]

/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/xprop

[xprop -root]

/bin/grep

[grep -q ^Enlightenment]

/bin/uname

[uname]

/bin/grep

[grep -q ^file://]

/bin/egrep

[egrep -q ^[[:alpha:]+\.\-]+:]

/usr/local/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/local/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/bin/sed

[sed -n s/\(^[[:alnum:]+\.-]*\):.*$/\1/p]

/usr/bin/xdg-mime

[xdg-mime query default x-scheme-handler/https]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/dbus-launch

[dbus-launch --autolaunch 11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]

/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/xprop

[xprop -root]

/bin/grep

[grep -q ^Enlightenment]

/bin/uname

[uname]

/bin/sed

[sed s/:/ /g]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/bin/grep

[grep x-scheme-handler/https= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/bin/grep

[grep x-scheme-handler/https= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/bin/grep

[grep x-scheme-handler/https= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/bin/grep

[grep x-scheme-handler/https= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/bin/grep

[grep x-scheme-handler/https= /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache]

/bin/sed

[sed s/:/ /g]

/bin/sed

[sed -e s|-|/|]

/bin/sed

[sed -e s|-|/|]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/which

[which firefox]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/firefox

[/usr/bin/firefox https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

/usr/bin/which

[which /usr/bin/firefox]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

/bin/grep

[grep -q %s]

/usr/bin/x-www-browser

[x-www-browser https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

/usr/bin/which

[which /usr/bin/x-www-browser]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

/bin/grep

[grep -q %s]

/usr/bin/firefox

[firefox https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

/usr/bin/which

[which /usr/bin/firefox]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 185.125.188.62:443 tcp
GB 185.125.188.62:443 tcp
US 151.101.193.91:443 tcp
US 151.101.193.91:443 tcp
GB 195.181.164.14:443 tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
GB 185.125.190.97:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 91.189.91.48:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
GB 185.125.190.97:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 91.189.91.97:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
GB 185.125.190.18:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 91.189.91.48:80 connectivity-check.ubuntu.com tcp

Files

N/A

Analysis: behavioral11

Detonation Overview

Submitted

2024-08-31 14:06

Reported

2024-08-31 15:22

Platform

ubuntu2004-amd64-20240508-en

Max time kernel

1799s

Max time network

1793s

Command Line

[xdg-open https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

Signatures

Changes its process name

Description Indicator Process Target
Changes the process name, possibly in an attempt to hide itself gmain N/A N/A
Changes the process name, possibly in an attempt to hide itself gdbus N/A N/A
Changes the process name, possibly in an attempt to hide itself glean.dispatche N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC I/O Parent N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC I/O Parent N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC I/O Parent N/A N/A
Changes the process name, possibly in an attempt to hide itself HTML5 Parser N/A N/A
Changes the process name, possibly in an attempt to hide itself HTML5 Parser N/A N/A
Changes the process name, possibly in an attempt to hide itself Backgro~Pool #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself Backgro~Pool #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself IPDL Background N/A N/A
Changes the process name, possibly in an attempt to hide itself IPDL Background N/A N/A
Changes the process name, possibly in an attempt to hide itself Socket Thread N/A N/A
Changes the process name, possibly in an attempt to hide itself Socket Thread N/A N/A
Changes the process name, possibly in an attempt to hide itself Netlink Monitor N/A N/A
Changes the process name, possibly in an attempt to hide itself Netlink Monitor N/A N/A
Changes the process name, possibly in an attempt to hide itself pool-firefox N/A N/A
Changes the process name, possibly in an attempt to hide itself pool-firefox N/A N/A
Changes the process name, possibly in an attempt to hide itself Timer N/A N/A
Changes the process name, possibly in an attempt to hide itself Timer N/A N/A
Changes the process name, possibly in an attempt to hide itself JS Watchdog N/A N/A
Changes the process name, possibly in an attempt to hide itself JS Watchdog N/A N/A
Changes the process name, possibly in an attempt to hide itself glxtest:disk$0 N/A N/A
Changes the process name, possibly in an attempt to hide itself BGReadURLs N/A N/A
Changes the process name, possibly in an attempt to hide itself BGReadURLs N/A N/A
Changes the process name, possibly in an attempt to hide itself Cache2 I/O N/A N/A
Changes the process name, possibly in an attempt to hide itself Cookie N/A N/A
Changes the process name, possibly in an attempt to hide itself Cookie N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself TaskCon~ller #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself TaskCon~ller #0 N/A N/A
Changes the process name, possibly in an attempt to hide itself Worker Launcher N/A N/A
Changes the process name, possibly in an attempt to hide itself Worker Launcher N/A N/A
Changes the process name, possibly in an attempt to hide itself BgIOThr~Pool #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself BgIOThr~Pool #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself Softwar~cThread N/A N/A
Changes the process name, possibly in an attempt to hide itself Softwar~cThread N/A N/A
Changes the process name, possibly in an attempt to hide itself Softwar~cThread N/A N/A
Changes the process name, possibly in an attempt to hide itself CanvasRenderer N/A N/A
Changes the process name, possibly in an attempt to hide itself CanvasRenderer N/A N/A
Changes the process name, possibly in an attempt to hide itself Compositor N/A N/A
Changes the process name, possibly in an attempt to hide itself Compositor N/A N/A
Changes the process name, possibly in an attempt to hide itself WRWorkerLP#0 N/A N/A
Changes the process name, possibly in an attempt to hide itself WRWorkerLP#0 N/A N/A
Changes the process name, possibly in an attempt to hide itself WRWorker#0 N/A N/A
Changes the process name, possibly in an attempt to hide itself WRWorker#0 N/A N/A
Changes the process name, possibly in an attempt to hide itself Renderer N/A N/A
Changes the process name, possibly in an attempt to hide itself Renderer N/A N/A
Changes the process name, possibly in an attempt to hide itself ImageIO N/A N/A
Changes the process name, possibly in an attempt to hide itself ImageIO N/A N/A
Changes the process name, possibly in an attempt to hide itself Permission N/A N/A
Changes the process name, possibly in an attempt to hide itself Permission N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC Launch N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC Launch N/A N/A
Changes the process name, possibly in an attempt to hide itself SandboxReporter N/A N/A
Changes the process name, possibly in an attempt to hide itself SandboxReporter N/A N/A
Changes the process name, possibly in an attempt to hide itself Breakpad Server N/A N/A
Changes the process name, possibly in an attempt to hide itself Sandbox Forked N/A N/A
Changes the process name, possibly in an attempt to hide itself Chroot Helper N/A N/A
Changes the process name, possibly in an attempt to hide itself gmain N/A N/A
Changes the process name, possibly in an attempt to hide itself gdbus N/A N/A
Changes the process name, possibly in an attempt to hide itself pool-/usr/libex N/A N/A
Changes the process name, possibly in an attempt to hide itself gdbus N/A N/A

Checks CPU configuration

antivm
Description Indicator Process Target
File opened for reading /proc/cpuinfo /usr/lib/firefox/firefox N/A

Reads CPU attributes

Description Indicator Process Target
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/cpu0/cache/index2/size /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/online /usr/bin/nautilus N/A
File opened for reading /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/cpu0/cache/index3/size /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A

Enumerates kernel/hardware configuration

Description Indicator Process Target
File opened for reading /sys/bus/pci/devices/0000:00:01.3/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/pci0000:00/0000:00:02.0/subsystem_vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/pci0000:00/0000:00:05.0/usb1/1-0:1.0/uevent /usr/libexec/gvfs-gphoto2-volume-monitor N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/pci0000:00/0000:00:05.0/usb1/uevent /usr/libexec/gvfs-mtp-volume-monitor N/A
File opened for reading /sys/bus/usb/devices /usr/libexec/gvfs-gphoto2-volume-monitor N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/pci0000:00/0000:00:02.0/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus /usr/libexec/gvfs-mtp-volume-monitor N/A
File opened for reading /sys/devices/pci0000:00/0000:00:05.0/usb1/1-1/1-1:1.0/uevent /usr/libexec/gvfs-mtp-volume-monitor N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/pci0000:00/0000:00:02.0/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/fs/cgroup/cpu,cpuacct/cpu.cfs_quota_us /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/pci0000:00/0000:00:05.0/usb1/1-0:1.0/uevent /usr/libexec/gvfs-mtp-volume-monitor N/A
File opened for reading /sys/fs/cgroup/cpu,cpuacct/cpu.cfs_quota_us /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/pci0000:00/0000:00:05.0/usb1/1-1/1-1:1.0/uevent /usr/libexec/gvfs-gphoto2-volume-monitor N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/pci0000:00/0000:00:02.0/uevent /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/pci0000:00/0000:00:05.0/usb1/1-1/uevent /usr/libexec/gvfs-gphoto2-volume-monitor N/A
File opened for reading /sys/kernel/security/apparmor/features/dbus/mask /usr/bin/dbus-daemon N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/pci0000:00/0000:00:02.0/subsystem_device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus /usr/libexec/gvfs-gphoto2-volume-monitor N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/pci0000:00/0000:00:05.0/usb1/1-1/uevent /usr/libexec/gvfs-mtp-volume-monitor N/A
File opened for reading /sys/class /usr/libexec/gvfs-mtp-volume-monitor N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/class /usr/libexec/gvfs-gphoto2-volume-monitor N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/usb/devices /usr/libexec/gvfs-mtp-volume-monitor N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/class /usr/lib/firefox/glxtest N/A

Reads runtime system information

Description Indicator Process Target
File opened for reading /proc/self/fd/106 /usr/lib/firefox/firefox N/A
File opened for reading /proc/sys/kernel/cap_last_cap /usr/bin/gnome-keyring-daemon N/A
File opened for reading /proc/1796/cgroup /usr/libexec/gvfs-udisks2-volume-monitor N/A
File opened for reading /proc/filesystems /usr/libexec/xdg-desktop-portal N/A
File opened for reading /proc/self/fd/109 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/task/1492/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/maps /usr/lib/firefox/firefox N/A
File opened for reading /proc/1824/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/1625/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/fd /usr/libexec/gvfsd N/A
File opened for reading /proc/1427/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/filesystems /usr/libexec/goa-identity-service N/A
File opened for reading /proc/1593/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/1574/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/90 /usr/lib/firefox/firefox N/A
File opened for reading /proc/1490/root /usr/libexec/xdg-desktop-portal N/A
File opened for reading /proc/sys/kernel/cap_last_cap /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/1786/status /usr/bin/gnome-keyring-daemon N/A
File opened for reading /proc/1411/attr/current /usr/bin/dbus-daemon N/A
File opened for reading /proc/mounts /usr/libexec/xdg-desktop-portal N/A
File opened for reading /proc/filesystems /usr/libexec/gvfs-afc-volume-monitor N/A
File opened for reading /proc/self/fd /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/103 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/113 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/mountinfo /usr/libexec/gvfsd-trash N/A
File opened for reading /proc/self/fd/55 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/task/1741/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/1831/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/1628/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/maps /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/libexec/xdg-permission-store N/A
File opened for reading /proc/self/mountinfo /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/libexec/gvfsd-trash N/A
File opened for reading /proc/self/maps /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/maps /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/114 /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/lib/firefox/glxtest N/A
File opened for reading /proc/self/mountinfo /usr/libexec/gvfs-udisks2-volume-monitor N/A
File opened for reading /proc/1820/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/fd/108 /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/libexec/dconf-service N/A
File opened for reading /proc/self/cgroup /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/77 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/maps /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/56 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/mountinfo /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/32 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/maps /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/112 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/1796/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/fd/84 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/cgroup /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/111 /usr/lib/firefox/firefox N/A
File opened for reading /proc/1813/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/1490/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/task/1742/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/1/cgroup /usr/libexec/gvfs-udisks2-volume-monitor N/A
File opened for reading /proc/filesystems /usr/libexec/gvfsd-fuse N/A
File opened for reading /proc/self/maps /usr/lib/firefox/firefox N/A

Writes file to tmp directory

Description Indicator Process Target
File opened for modification /tmp/firefox/.parentlock /usr/lib/firefox/firefox N/A
File opened for modification /tmp/tmpaddon /usr/lib/firefox/firefox N/A

Processes

/usr/bin/xdg-open

[xdg-open https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/dbus-launch

[dbus-launch --autolaunch 4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/bin/dbus-daemon

[/usr/bin/dbus-daemon --syslog-only --fork --print-pid 5 --print-address 7 --session]

/usr/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/usr/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/xprop

[xprop -root]

/usr/bin/grep

[grep -q ^Enlightenment]

/usr/bin/uname

[uname]

/usr/bin/grep

[grep -q ^file://]

/usr/bin/egrep

[egrep -q ^[[:alpha:]+\.\-]+:]

/usr/local/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/local/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/bin/sed

[sed -n s/\(^[[:alnum:]+\.-]*\):.*$/\1/p]

/usr/bin/xdg-mime

[xdg-mime query default x-scheme-handler/https]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/dbus-launch

[dbus-launch --autolaunch 4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/usr/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/xprop

[xprop -root]

/usr/bin/grep

[grep -q ^Enlightenment]

/usr/bin/uname

[uname]

/usr/bin/sed

[sed s/:/ /g]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/usr/bin/grep

[grep x-scheme-handler/https= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/usr/bin/grep

[grep x-scheme-handler/https= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/usr/bin/grep

[grep x-scheme-handler/https= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/usr/bin/grep

[grep x-scheme-handler/https= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/usr/bin/grep

[grep x-scheme-handler/https= /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache]

/usr/bin/sed

[sed s/:/ /g]

/usr/bin/sed

[sed -e s|-|/|]

/usr/bin/sed

[sed -e s|-|/|]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/which

[which firefox]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/firefox

[/usr/bin/firefox https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

/usr/bin/which

[which /usr/bin/firefox]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

/usr/local/sbin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/local/bin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/sbin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/bin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/lib/firefox/glxtest

[/usr/lib/firefox/glxtest -f 13]

/usr/bin/lsb_release

[/usr/bin/lsb_release -idrc]

/usr/local/sbin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/local/bin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/sbin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/bin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/libexec/xdg-desktop-portal

[/usr/libexec/xdg-desktop-portal]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -parentBuildID 20240108143603 -prefsLen 21691 -prefMapSize 235269 -appDir /usr/lib/firefox/browser {9260269b-a161-43e0-9a2c-5bc98783b612} 1490 true socket]

/usr/libexec/xdg-document-portal

[/usr/libexec/xdg-document-portal]

/usr/libexec/xdg-permission-store

[/usr/libexec/xdg-permission-store]

/usr/libexec/xdg-desktop-portal-gtk

[/usr/libexec/xdg-desktop-portal-gtk]

/usr/libexec/gvfsd

[/usr/libexec/gvfsd]

/usr/libexec/gvfsd-fuse

[/usr/libexec/gvfsd-fuse /root/.cache/gvfs -f -o big_writes]

/usr/libexec/dconf-service

[/usr/libexec/dconf-service]

/usr/bin/nautilus

[/usr/bin/nautilus --gapplication-service]

/usr/libexec/gvfsd-trash

[/usr/libexec/gvfsd-trash --spawner :1.8 /org/gtk/gvfs/exec_spaw/0]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 1 -isForBrowser -prefsLen 20430 -prefMapSize 235269 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {82c1e484-ece1-423b-acdd-042e8d1a6edf} 1490 true tab]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 2 -isForBrowser -prefsLen 26506 -prefMapSize 235269 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {29974acd-1417-4b13-9167-5d40b60c74f1} 1490 true tab]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -parentBuildID 20240108143603 -sandboxingKind 0 -prefsLen 27302 -prefMapSize 235269 -appDir /usr/lib/firefox/browser {1fa2f2f5-f232-4aab-8fb4-f8c4526a40a4} 1490 true utility]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 3 -isForBrowser -prefsLen 25395 -prefMapSize 235269 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {485d9f15-1e11-48d6-beab-f87c02868b02} 1490 true tab]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 4 -isForBrowser -prefsLen 25395 -prefMapSize 235269 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {661485e1-6617-4924-86da-f2b07ae8043e} 1490 true tab]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 5 -isForBrowser -prefsLen 25395 -prefMapSize 235269 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {fe6b6938-35be-4796-9672-d81dafa3fc8c} 1490 true tab]

/usr/bin/gnome-keyring-daemon

[/usr/bin/gnome-keyring-daemon --start --foreground --components=secrets]

/usr/libexec/gvfs-udisks2-volume-monitor

[/usr/libexec/gvfs-udisks2-volume-monitor]

/usr/libexec/gvfs-afc-volume-monitor

[/usr/libexec/gvfs-afc-volume-monitor]

/usr/libexec/gvfs-mtp-volume-monitor

[/usr/libexec/gvfs-mtp-volume-monitor]

/usr/libexec/gvfs-gphoto2-volume-monitor

[/usr/libexec/gvfs-gphoto2-volume-monitor]

/usr/libexec/gvfs-goa-volume-monitor

[/usr/libexec/gvfs-goa-volume-monitor]

/usr/libexec/goa-daemon

[/usr/libexec/goa-daemon]

/usr/libexec/goa-identity-service

[/usr/libexec/goa-identity-service]

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 webminer.pages.dev udp
US 1.1.1.1:53 webminer.pages.dev udp
US 172.66.44.158:443 webminer.pages.dev tcp
US 1.1.1.1:53 location.services.mozilla.com udp
US 1.1.1.1:53 location.services.mozilla.com udp
US 1.1.1.1:53 prod.classify-client.prod.webservices.mozgcp.net udp
US 35.190.72.216:443 location.services.mozilla.com tcp
US 1.1.1.1:53 spocs.getpocket.com udp
US 1.1.1.1:53 spocs.getpocket.com udp
US 1.1.1.1:53 prod.ads.prod.webservices.mozgcp.net udp
US 35.190.72.216:443 location.services.mozilla.com udp
US 1.1.1.1:53 getpocket.cdn.mozilla.net udp
US 1.1.1.1:53 getpocket.cdn.mozilla.net udp
US 34.120.5.221:443 getpocket.cdn.mozilla.net tcp
US 172.66.44.158:443 webminer.pages.dev udp
US 1.1.1.1:53 shavar.prod.mozaws.net udp
US 1.1.1.1:53 firefox-settings-attachments.cdn.mozilla.net udp
US 1.1.1.1:53 firefox-settings-attachments.cdn.mozilla.net udp
US 1.1.1.1:53 tracking-protection.cdn.mozilla.net udp
US 1.1.1.1:53 tracking-protection.cdn.mozilla.net udp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 retired-jorey-malphite-node.koyeb.app udp
US 1.1.1.1:53 retired-jorey-malphite-node.koyeb.app udp
US 1.1.1.1:53 smiling-tilda-mono.koyeb.app udp
US 1.1.1.1:53 smiling-tilda-mono.koyeb.app udp
US 172.67.24.44:443 smiling-tilda-mono.koyeb.app tcp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 172.67.24.44:443 smiling-tilda-mono.koyeb.app tcp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 attachments.prod.remote-settings.prod.webservices.mozgcp.net udp
US 34.117.121.53:443 firefox-settings-attachments.cdn.mozilla.net tcp
US 172.67.24.44:443 smiling-tilda-mono.koyeb.app tcp
US 1.1.1.1:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 1.1.1.1:53 ciscobinary.openh264.org udp
US 1.1.1.1:53 ciscobinary.openh264.org udp
GB 88.221.134.155:80 ciscobinary.openh264.org tcp
US 1.1.1.1:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
GB 185.125.190.17:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 1.1.1.1:53 content-signature-chains.prod.autograph.services.mozaws.net udp
US 1.1.1.1:53 content-signature-chains.prod.autograph.services.mozaws.net udp
US 1.1.1.1:53 firefox-settings-attachments.cdn.mozilla.net udp
US 1.1.1.1:53 firefox-settings-attachments.cdn.mozilla.net udp
US 1.1.1.1:53 attachments.prod.remote-settings.prod.webservices.mozgcp.net udp
US 34.117.121.53:443 firefox-settings-attachments.cdn.mozilla.net tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
GB 185.125.190.18:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 1.1.1.1:53 content-signature-chains.prod.autograph.services.mozaws.net udp
US 1.1.1.1:53 content-signature-chains.prod.autograph.services.mozaws.net udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
GB 185.125.190.49:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
GB 185.125.190.98:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
GB 185.125.190.48:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 91.189.91.97:80 connectivity-check.ubuntu.com tcp

Files

/tmp/tmpaddon

MD5 30082ae40dc48af6343db2fd22cfc645
SHA1 3eb577555ee638e8beb01173e8f29e172747a728
SHA256 85d4b95f9b2075daee9b0e64bce8d9d7343d0dda10e6072d7f9485a68472ee76
SHA512 53a58bfb4c8124ad4f7655b99bfdea290033a085e0796b19245b33b91c0948fdac9f0c3e817130b352493a65d9a7a0fc8a7c1eedc618cdaa2b4580734a11cd9c

Analysis: behavioral7

Detonation Overview

Submitted

2024-08-31 14:06

Reported

2024-08-31 15:22

Platform

android-33-x64-arm64-20240624-en

Max time kernel

1797s

Max time network

1805s

Command Line

com.android.chrome

Signatures

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A
File opened for read /proc/meminfo N/A N/A

Processes

com.android.chrome

com.android.chrome

Network

Country Destination Domain Proto
GB 142.250.200.36:443 udp
GB 142.250.200.36:443 udp
GB 142.250.200.36:443 udp
GB 142.250.200.36:443 tcp
N/A 224.0.0.251:5353 udp
GB 216.58.213.10:443 tcp
US 172.64.41.3:443 tcp
US 162.159.61.3:443 tcp
US 162.159.61.3:443 tcp
US 1.1.1.1:53 webminer.pages.dev udp
US 172.66.44.158:443 webminer.pages.dev tcp
US 172.66.44.158:443 webminer.pages.dev tcp
US 1.1.1.1:53 remoteprovisioning.googleapis.com udp
US 1.1.1.1:53 gmscompliance-pa.googleapis.com udp
GB 216.58.201.106:443 gmscompliance-pa.googleapis.com tcp
US 172.66.44.158:443 webminer.pages.dev udp
US 1.1.1.1:53 accounts.google.com udp
GB 173.194.76.84:443 accounts.google.com tcp
US 1.1.1.1:53 www.google.com udp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.200.14:443 android.apis.google.com tcp
US 1.1.1.1:53 chrome.cloudflare-dns.com udp
US 1.1.1.1:53 chrome.cloudflare-dns.com udp
US 1.1.1.1:53 chrome.cloudflare-dns.com udp
US 162.159.61.3:443 chrome.cloudflare-dns.com tcp
US 172.64.41.3:443 chrome.cloudflare-dns.com tcp
US 162.159.61.3:443 chrome.cloudflare-dns.com tcp
GB 142.250.200.4:443 www.google.com tcp
US 1.1.1.1:53 rcs-acs-tmo-us.jibe.google.com udp
US 216.239.36.155:443 rcs-acs-tmo-us.jibe.google.com tcp
US 1.1.1.1:53 update.googleapis.com udp
US 172.64.41.3:443 chrome.cloudflare-dns.com udp
GB 142.250.187.195:443 update.googleapis.com tcp
GB 142.250.200.36:443 tcp
GB 216.58.204.68:443 tcp
GB 216.58.204.68:443 tcp
US 1.1.1.1:53 gmscompliance-pa.googleapis.com udp
GB 142.250.180.2:443 tcp
GB 216.58.204.78:443 tcp
GB 142.250.180.2:443 tcp
GB 142.250.180.2:443 tcp
US 216.239.32.36:443 tcp
GB 216.58.213.6:443 tcp
GB 172.217.16.226:443 tcp
GB 142.250.178.10:443 gmscompliance-pa.googleapis.com tcp
GB 142.250.179.225:443 tcp
GB 142.250.179.225:443 tcp
GB 142.250.179.225:443 tcp
GB 142.250.179.225:443 tcp
GB 142.250.179.225:443 tcp
GB 142.250.179.225:443 tcp
GB 216.58.201.99:443 tcp
GB 216.58.201.99:443 tcp
GB 216.58.201.106:443 gmscompliance-pa.googleapis.com tcp
US 1.1.1.1:53 www.google.com udp
GB 172.217.169.4:443 www.google.com tcp
GB 142.250.178.10:443 gmscompliance-pa.googleapis.com tcp
US 1.1.1.1:53 www.google.com udp
GB 216.58.204.68:443 www.google.com tcp
GB 216.58.204.68:443 www.google.com tcp
US 1.1.1.1:53 www.google.com udp
GB 142.250.179.228:443 www.google.com tcp
US 1.1.1.1:53 chrome.cloudflare-dns.com udp
US 1.1.1.1:53 chrome.cloudflare-dns.com udp
US 1.1.1.1:53 chrome.cloudflare-dns.com udp
US 162.159.61.3:443 chrome.cloudflare-dns.com tcp
US 162.159.61.3:443 chrome.cloudflare-dns.com tcp
US 162.159.61.3:443 chrome.cloudflare-dns.com tcp
US 162.159.61.3:443 chrome.cloudflare-dns.com udp
US 162.159.61.3:443 chrome.cloudflare-dns.com udp
GB 142.250.187.195:443 update.googleapis.com tcp
GB 142.250.187.195:443 update.googleapis.com udp

Files

N/A

Analysis: behavioral2

Detonation Overview

Submitted

2024-08-31 14:06

Reported

2024-08-31 15:21

Platform

win10-20240404-en

Max time kernel

1799s

Max time network

1801s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5

Signatures

Browser Information Discovery

discovery

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133695895075728660" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 4180 wrote to memory of 2796 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2796 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 2412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 3036 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 3036 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 4276 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 4276 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 4276 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 4276 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 4276 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 4276 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 4276 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 4276 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 4276 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 4276 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 4276 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 4276 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 4276 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 4276 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 4276 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 4276 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 4276 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 4276 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 4276 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 4276 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 4276 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4180 wrote to memory of 4276 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ff935d89758,0x7ff935d89768,0x7ff935d89778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1532 --field-trial-handle=1876,i,4298569301735556141,12755542350553359388,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1860 --field-trial-handle=1876,i,4298569301735556141,12755542350553359388,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2104 --field-trial-handle=1876,i,4298569301735556141,12755542350553359388,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2856 --field-trial-handle=1876,i,4298569301735556141,12755542350553359388,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2864 --field-trial-handle=1876,i,4298569301735556141,12755542350553359388,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5184 --field-trial-handle=1876,i,4298569301735556141,12755542350553359388,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4508 --field-trial-handle=1876,i,4298569301735556141,12755542350553359388,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1644 --field-trial-handle=1876,i,4298569301735556141,12755542350553359388,131072 /prefetch:2

Network

Country Destination Domain Proto
US 8.8.8.8:53 webminer.pages.dev udp
US 172.66.47.98:443 webminer.pages.dev tcp
US 172.66.47.98:443 webminer.pages.dev tcp
US 172.66.47.98:443 webminer.pages.dev udp
US 8.8.8.8:53 98.47.66.172.in-addr.arpa udp
US 8.8.8.8:53 retired-jorey-malphite-node.koyeb.app udp
US 8.8.8.8:53 smiling-tilda-mono.koyeb.app udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
US 104.22.79.190:443 smiling-tilda-mono.koyeb.app tcp
GB 216.58.201.106:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 apps.identrust.com udp
GB 88.221.134.137:80 apps.identrust.com tcp
US 8.8.8.8:53 190.79.22.104.in-addr.arpa udp
US 8.8.8.8:53 106.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 137.134.221.88.in-addr.arpa udp
US 104.22.79.190:443 smiling-tilda-mono.koyeb.app tcp
N/A 224.0.0.251:5353 udp
US 104.22.79.190:443 smiling-tilda-mono.koyeb.app tcp
US 8.8.8.8:53 30.243.111.52.in-addr.arpa udp
US 8.8.8.8:53 104.246.116.51.in-addr.arpa udp
NL 52.142.223.178:80 tcp
US 8.8.8.8:53 57.110.18.2.in-addr.arpa udp

Files

\??\pipe\crashpad_4180_HOENMIMFOHITEYKZ

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

MD5 99914b932bd37a50b983c5e7c90ae93b
SHA1 bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
SHA256 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
SHA512 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 b1493ae9e5812fe159cf4adf402605cd
SHA1 4e462b2fb0fd5be56ef3c0563c1b144e33119e31
SHA256 e7ffd56e8443ce5949dcc3512143bb395e010246950ac86921797df31e58cbe6
SHA512 c95428b3dd80694c9b6ac8d7f257d778ef2a757cb2d60036b1fd74cbef2328c6285ce2c2c803c2f211bc1ba30f7399efcecc1f884259a71dd5d8886d11b6fe5e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 77a8921e26360a37e948a553864da02c
SHA1 99ce20a041e36f0a7480eae3fbdbe9fe1044a750
SHA256 59c04c02aa4a8e09ce0b74936324b91012093a459a84b3d027ca76b6ba167062
SHA512 e4bf189f1b69fcfe0bf40343fb24a640ce5de7bc8329ba3ed7acbf385bf55d90124d588b2d9a91b80b087870e4906bbc2239c6b4cfe24a8a71d3e8d91589ae3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 fe4d67422242601f297b0323792f0a3d
SHA1 4a393c68676cd9d1fc864693d75956d08bc119b2
SHA256 65febd3472976f27af5296de56fa9747be8b0af9129e793ba557e1a02fdd20fe
SHA512 da73994ece3a06367d1d8e3c169a3e656702556b2dca339d6fff0cc21a8dab6a80ba18819900aac6a59a78a5d77f3c9203e9e783eeb7aa9353c8751b41b11069

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a8a1c59295f1fd25e9bef442f98d1762
SHA1 0243745a4d49a98b8047b398fa2e57233d3d495a
SHA256 ed5bd015bd15af47e2173f136abcf8196b0ada25c8374c23beb0538f84b48aa6
SHA512 499ea31dea88b9552d66715b1d5e19928ba2b54fe328ea95543797108ce7950526bf4a2e513d1350d8c9c365dc130e70cc03ff1c18b6eddd90a37bb23c1dd3ff

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c1ae904882bd765759fab15ca6bfe187
SHA1 b28120a93a0da53d827c2c458b863faf874fd904
SHA256 9d28e9c12b7f30af951fc6ea51b8632edfd8f7a48ed23272e3b8bb6e5fddac1f
SHA512 2a3440be73c307b05c13ce38950dcf799d5fc0efe2c0079ffeb974c481755d02a121ca3f412cf82a82f015c54bb1828cf098e6d1a9a2b07c258851937dc1b703

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 d3fce683742682300ba368137cac3171
SHA1 c274b6aff1d8bfd7895bd1a436202910e4b1b2f4
SHA256 e09e97eb2a3a6e6ab2931fabcec571c9f9f4b2ddcc56970a3e8196e5bc0da466
SHA512 72f336e4180b20190cac116cae937f87ed6fe9104cf746f845464dbc4e7ae5c789ffb0c2dbd59db5391a7512275a5d3d6e12d36bd10cf17be1f18cce7f6230fb

Analysis: behavioral4

Detonation Overview

Submitted

2024-08-31 14:06

Reported

2024-08-31 15:21

Platform

win11-20240802-en

Max time kernel

1800s

Max time network

1800s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5

Signatures

Drops file in System32 directory

Description Indicator Process Target
File created C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_01cf530faf2f1752\display.PNF C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created \??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_01cf530faf2f1752\display.PNF C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Drops file in Windows directory

Description Indicator Process Target
File opened for modification C:\Windows\SystemTemp C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Browser Information Discovery

discovery

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133695895201611257" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1940 wrote to memory of 4792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1940 wrote to memory of 4792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1940 wrote to memory of 2352 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1940 wrote to memory of 2352 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1940 wrote to memory of 2352 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1940 wrote to memory of 2352 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1940 wrote to memory of 2352 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1940 wrote to memory of 2352 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1940 wrote to memory of 2352 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1940 wrote to memory of 2352 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1940 wrote to memory of 2352 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1940 wrote to memory of 2352 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1940 wrote to memory of 2352 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1940 wrote to memory of 2352 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1940 wrote to memory of 2352 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1940 wrote to memory of 2352 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1940 wrote to memory of 2352 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1940 wrote to memory of 2352 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1940 wrote to memory of 2352 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1940 wrote to memory of 2352 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1940 wrote to memory of 2352 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1940 wrote to memory of 2352 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1940 wrote to memory of 2352 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1940 wrote to memory of 2352 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1940 wrote to memory of 2352 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1940 wrote to memory of 2352 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1940 wrote to memory of 2352 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1940 wrote to memory of 2352 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1940 wrote to memory of 2352 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1940 wrote to memory of 2352 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1940 wrote to memory of 2352 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1940 wrote to memory of 2352 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1940 wrote to memory of 4484 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1940 wrote to memory of 4484 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1940 wrote to memory of 2192 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1940 wrote to memory of 2192 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1940 wrote to memory of 2192 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1940 wrote to memory of 2192 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1940 wrote to memory of 2192 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1940 wrote to memory of 2192 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1940 wrote to memory of 2192 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1940 wrote to memory of 2192 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1940 wrote to memory of 2192 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1940 wrote to memory of 2192 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1940 wrote to memory of 2192 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1940 wrote to memory of 2192 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1940 wrote to memory of 2192 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1940 wrote to memory of 2192 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1940 wrote to memory of 2192 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1940 wrote to memory of 2192 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1940 wrote to memory of 2192 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1940 wrote to memory of 2192 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1940 wrote to memory of 2192 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1940 wrote to memory of 2192 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1940 wrote to memory of 2192 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1940 wrote to memory of 2192 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1940 wrote to memory of 2192 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1940 wrote to memory of 2192 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1940 wrote to memory of 2192 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1940 wrote to memory of 2192 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1940 wrote to memory of 2192 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1940 wrote to memory of 2192 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1940 wrote to memory of 2192 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1940 wrote to memory of 2192 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe3997cc40,0x7ffe3997cc4c,0x7ffe3997cc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1820,i,9562962026660170978,12649129439174301634,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1816 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2088,i,9562962026660170978,12649129439174301634,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2104 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2144,i,9562962026660170978,12649129439174301634,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2320 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3048,i,9562962026660170978,12649129439174301634,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3088 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3076,i,9562962026660170978,12649129439174301634,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3240 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4720,i,9562962026660170978,12649129439174301634,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4736 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4756,i,9562962026660170978,12649129439174301634,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=952 /prefetch:8

Network

Country Destination Domain Proto
US 8.8.8.8:53 webminer.pages.dev udp
US 172.66.47.98:443 webminer.pages.dev tcp
US 172.66.47.98:443 webminer.pages.dev tcp
US 172.66.47.98:443 webminer.pages.dev udp
US 172.67.24.44:443 retired-jorey-malphite-node.koyeb.app tcp
GB 216.58.212.234:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 234.212.58.216.in-addr.arpa udp
US 172.67.24.44:443 retired-jorey-malphite-node.koyeb.app tcp
US 172.67.24.44:443 retired-jorey-malphite-node.koyeb.app tcp
N/A 224.0.0.251:5353 udp
US 52.111.229.19:443 tcp

Files

\??\pipe\crashpad_1940_FBRRFSSGFSYJXILP

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 92914ceeb2a699bf13a7ae379efc816c
SHA1 155992fe42cd02eaf2e82982f96dc48bf373372e
SHA256 106f302f6ba68cef06c21f2ab52085165bdc031c85bf097cced7d3e678d3d7e0
SHA512 0b2ed511b8cc56d737b356d6ab10b5d2aff80fa9ce99fd1ac68e0eae7520ac8788451dff7a312bac648fe34a3f22b0c8ed216163ef53213f5e6b3b1762f0bd58

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 16ebab35386f8c5698d520f6b0e792e3
SHA1 b5411b75545cf7a46117ac8d09760a9ed5b15c2c
SHA256 85f8efc1778326bc115e3fdd3a72bed7d2a0eec2dd669e6af3973b2ea0116f96
SHA512 4be496aad65c2dca2686969e9fad9019e1e9ba6221bdd170862a538451614de33611f73f042c216ac0ae8d15229465cfce1696e96e4c982fcc4d56a0f965b3b9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

MD5 78e36facc6d10752a5a3eebac1350deb
SHA1 dbb504e84d815920d3cf1eeafb2c7d3839c0d4c8
SHA256 00dbb6ce6e7099fe7079f457636dc67af780184d67f5ea4663024a92fab591f6
SHA512 4f8babda688081bb2b9ba6f2cc2285dd0df4462c1221caaf63c679b3587f094f45903f77d2ae8122b1e2593198167924304be3df05ea6496f765c927981d9bc6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 b0245c867e2ced4cbeba7791d9dade74
SHA1 88b1f2d644e409d9ec65a8b4f82020afe2b49d78
SHA256 0b8aa828c6f689d40e3a3ef7e10849f41f010a814e255f746cb84b187e8fd4a5
SHA512 71eedab7cd7fed18fc229f19cf01cb88d31afbbeb75a9cebc190f983a631a3fc0776ceb6ba8ecdf2239489ba511e06d1eca169c42fedbf5992515af18c83adb5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 75421c4eb1f072a9efdb89ee5be36002
SHA1 8c0ca55234d491fb905c553ad77956a359391d68
SHA256 af94b0354bd5d3c8aeed9906cf03b4408e25fb92596eb405f2e078db9cc2a235
SHA512 97065fa5c89b461e54e862cd6cf339e8c398d9d592b24ec839dc67c65d22a75b010481426af2c245caf7ef33955db9e6245df55c3f3ba9f4970a0b2d81c24a1c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 45a2299922c92bdc1b3d1e19a079665f
SHA1 4eaf332859e6d95cb2e830031b9b45f00ceb8d6f
SHA256 ff46ccb816f8878d399ea30593e4283fabe9decae85962a79658d863862b1c4f
SHA512 683cea649b3e3b755540522a3f5870a3ecddf7655de8b87225abe793ca4f906d032263c2a5c8ada0a82abf335cd4c39d12d14bd563df2d8199710d04e53b46da

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 93df8948c91eabc2f86f97094ffddeda
SHA1 2992c7146c36d005541310f382d2ba39d19345e9
SHA256 5c9db17f7e922ba749d6e34b461a81704a7f828665a692b986f27a0255928744
SHA512 678d39194f3cd5af45c9fea211156d68ef812ff36bb3f1d86e2d8190007e6f0c3b6ba9efa2fcf51e23fa999ec77e31029edd6c8a2e677371fd5573044c76844c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ed84c9a5e58e0fb79b647347821f2e6b
SHA1 474371d86e2233d2f030f2be49f3f7bf785a3a8d
SHA256 008f641ec20f74e041ebaf00214f8ded750964c0d55c5eed06086a585b38a7b8
SHA512 390c0eaf65e62b56618d6d22ff24bc7076add36c14d0bb17e1778e6bb9185c4443dcc2979ad14c2b6af1c245c3e68522ad79e3986a565e71c6ee9e714b35d3e6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f3e348acdc32eab8c4e751d3b8f95cc2
SHA1 a223756bfe6644dd3d027cb660703f4adedccd60
SHA256 fd99590617b5cd4291335ba4ed25ccfa3497c38e882dbc99201739c9ad27296b
SHA512 94fd4dacf9d0b4909930143abe6f0f9178ae390fd746ec0a6687225f6272f7482e3ddd7dbca52c3b37e8c15235fbd03c2fe0919f445e11024fa1350d8fdd59d9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 8fc8246cb8a16a356a6073fefeacef74
SHA1 2730895be80254f6958e2e91bdc0b278f8e93c88
SHA256 2bfcf67bb150438982f6d13b41c1da804230788965b8c0a58f16dc47dfbb8eeb
SHA512 23dd4e0035e0b554af25128833c2e142113439ea5dc7cf6b212baa80afc06a49691157bf2b8866cebb3fa7342c7cb8b0234f610d4d08d2ebf5e82629314ac075

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e91f26f52f61d50b519163fc225a8d0c
SHA1 0a8691e0da055f896e4077252a88820a749b2f84
SHA256 d7cd5c49b4d2db571057a4aa004c9352c7c32ddfd978f813e48cc4de43c2e3b8
SHA512 b415e2b7c9d407e0a948da8de9f45dd7fd25ce2d631d0ef35e0388804189e5b260049df31a1d7ef7b9e230f1a09f9f9c4c75ea12b9eee8e0281a1aa051e03a91

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1a7d689b4e17a603693a770c7e54eb85
SHA1 ace40ddcca3caa01eea37557bf7190a93e1085c8
SHA256 13aaf0f7400cb92fedaad623b186bfa48975c151a70ea891914caf06df6c8bfc
SHA512 41af6c8bcc2fb650ee5ca477aaa09770c255241191da5c0567f2c364978aa525fb35d2439b0c8445d61bc2cd102b3b51021b1346e28bb6d3e1a0f99534baa3b8

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

MD5 f49655f856acb8884cc0ace29216f511
SHA1 cb0f1f87ec0455ec349aaa950c600475ac7b7b6b
SHA256 7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba
SHA512 599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

MD5 b5ad5caaaee00cb8cf445427975ae66c
SHA1 dcde6527290a326e048f9c3a85280d3fa71e1e22
SHA256 b6409b9d55ce242ff022f7a2d86ae8eff873daabf3a0506031712b8baa6197b8
SHA512 92f7fbbcbbea769b1af6dd7e75577be3eb8bb4a4a6f8a9288d6da4014e1ea309ee649a7b089be09ba27866e175ab6f6a912413256d7e13eaf60f6f30e492ce7f

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

MD5 d222b77a61527f2c177b0869e7babc24
SHA1 3f23acb984307a4aeba41ebbb70439c97ad1f268
SHA256 80dc3ffa698e4ff2e916f97983b5eae79470203e91cb684c5ccd4ff1a465d747
SHA512 d17d836ea77aeaff4cd01f9c7523345167a4a6bc62528aac74acde12679f48079d75d159e9cea2e614da50e83c2dcd92c374c899ea6c4fe8e5513d9bf06c01ff

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 be34bf6c5c298ba200d14f23ed3c3b7b
SHA1 19b69de444fe3caaac25d8f893b8399754f5cea8
SHA256 55c4ce7eaee37e513fa1474ab31d0adce95ebf436a75aa9ca24adff1a0e20d3a
SHA512 388c7f54749e85751bc8478b3c2867c7ff17370a2560eb52fd42a7ddb2fc2c116ecc591f50c9789f04c7ab3aefde92e11cada6068c935969a575b86253b58447

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c8e97476bb2af3829baec1bf6fd24417
SHA1 852878ce7585e988d051b434831ad6924ebb1642
SHA256 2a2a5a887160692e47c56cdbf72a9a2418e205290d31a776a9565e20dc3eb0c5
SHA512 0815569012581d8a2aecca275f5ad23753f5725a349191546f30eff2a17632b2c678d68827b25279eb9ae219e26b703c3d72900559f94213cbb41b1f5e6ff0bf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1877411e5c9bfa71e65c4f0749e02e23
SHA1 f7d801265558b19c1ec6bfdcbb7e9ac47f17d0cb
SHA256 c2db99bdd0caa476c4fa49ca5726f74bf453df9ffb759c55261ed03af463a566
SHA512 6808697a347cca2391a42b7be6ac27453d7b713576fed51eacaff019819a3dc60270fa249eac70ba6ddcfe09a9aa5669326bb6cebf641790e83f9b7bf2540dac

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 022bda157ea3eb99cac689c388a30454
SHA1 015f8aebd6333e7718e75230e559652de9fcb56d
SHA256 99e02332e27686822a37f9b00bfb5cbe02e1dc0e919099bbc4ca4bf575b95f28
SHA512 a0fb05d41c908ef2467cd9b921df6d7373f1c6c8ef9d9617d1d7c21b7e34fb3ed188ca55c711d114ea2d37d8baed9d481c1d63e6b00c62371c4b32c0eb5ad6b9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 915b577da27f45a66534c925a7806dcb
SHA1 1f75938a205f3f23b6a2b5d89f0074ec11e5b357
SHA256 5baaa92c3ab13b81567dbb26161079f1d72e442817bb129be620370e29c741d9
SHA512 6ef7b7865010b7948ee147d5eec51854ffc9377f63820351f2571815f6e174a0e9fe2c2315d8a6706f441eb1891a1b7b40ab35b5d7a42a3f036b1c587cf8f747

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ba123e0889585aab8745710d06b415e5
SHA1 9b2d04de258e43863e802657db899c873a09a884
SHA256 07412c5ddc7f2f4e138970db403418ef6ff16820e8784f14ebb1e72f415c093f
SHA512 9084463296c2fe06a5c252564333b2fa25b9e32b4fcbf245a06c843ae3d9be59a273208937af3b202e88618701dc1adb4ff9cfcd4677d62186489e888def0093

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3a07009f2f9791c58f31c4d8ecc7fea9
SHA1 a9a1b41447aa9c6dab8b4e0d6da39721e8900316
SHA256 6f488af1fcdac4699a7d7ee16d03ac5c2e995a0a0e8a113d8f7b822393e0d44c
SHA512 99dcd8fa7c531db8c39a8d5d7da3df51dafc8713c1933b48557be1cc9568d0e0b06d6fb38fa5f8130df12aaa5b7cd950d339bda7252d4160deded8029f66f701

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 03f39d4d6a0c07c12916d1121397ddc3
SHA1 426d27786b920d1be14df7f9168b42425ee85a99
SHA256 0ad7d0ba264ebba6181b7d5207bae4031d9198abfa639267b6e60bbe0534fe85
SHA512 14e3e76299ea8ac342961e90632621942fc97e6d4288a10e902a4c6cb7c905e5eede90e82c903886f9ddb1cd27cde2e1053147f30fad8bbd041562d962a21181

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ec60e08c6c2dfc9eab01eb8230ed662c
SHA1 4ad8f7ccee222139f9d04bfa8b4d18b553e6bd0b
SHA256 9f778785d2d4b045c7e75d99beacdc342c902f26ab29bc6a039ccee7acd0be95
SHA512 1a881d02e7fb49d92743658143af499f57737f2befefd4216b16813baec7f2537ba22a69df9a057475d98053431ea58caa94776ebe928a4409823270a7e95e4c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 61d8166bdf916d8ad3cfec88035bfa38
SHA1 5a7f91eb274725ea9294cafa9583ac07ba640dce
SHA256 63f2d5bd814a1281fbc169d046edd86b8f2f0f80e6f8a5d083312d96af11be40
SHA512 802bbd1a8e869bd4c6eabcd1a735f1d1db48c7590b82c659bacfc4a99e7bddb084934a3a3d9a7c7821ab5853bd07331177578fedb5c145030d476d2963cbe76a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c09fa335e4d77c21a7598c7ed1636f16
SHA1 384837164905e1d3bdce0f8190b9b3401956f651
SHA256 d3355d5ddb5cc6516b4eddae3cdd96e642d4a606f94119a67d1de89c31939b62
SHA512 7b7e7d810b9c391d51f5fd38790ce5d868d2cfce570380c38dc0ccafb94def93a506ffc5be23044d4537e0a4801f253cbf59a25b5bcca89f91d6ef3afe7cf7ca

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 260b07c47388e63ae92dd64f4a3e8070
SHA1 66610c814f9babcf437163c34fcc116a76016754
SHA256 a772fc15966afd7e0a3c99117d97fb28c552f5c246b2e71aa07c6ad544340e02
SHA512 d91d0e994f90fce263300f9afeeccdc095cc1520f5ee3fb67518d47eaf026e6077f8b558dc5df6b8c3e6624aeed825f0ee0fe3c6fe844aa4742aa17d414fb89d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f68ea49613fc11818e5089b36e756c44
SHA1 a93af5658004bd5393169b76fe57ed7fc3bfcae6
SHA256 60ed90277ed7b809a1328607ec1042dc4787bf17c8e40d17ca7e4fb2dbd7da9e
SHA512 07acfd2d64ce1e379fcf6e04b7f10f5002eb980503fe9d29a4ffa86cb80192c2ce45fba8e5ed6aa5532f21ad980990452b076b6a2885ddb077c8e86e77f8935e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4c8a57c04d2b06b579102dc8fc7a9103
SHA1 1e87a9ed510dd16201d1d23978bce8008cb6b2b4
SHA256 94afe211c88d41d2339cd9c48d9e097cf9e01f85ba68f3029f6b5c709dcc0d29
SHA512 9058081470f30bbb28dcc2a16e0c06048872f41ff56748a06fe5e519e40e3946a7ab2955a3919bd0d49e71ba0ea141f65cc7321878f22702e3c4ab38a1855a2e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6d7b570939f63682597849a8a3a796ca
SHA1 93aee765a45e441b49bd137e2976085a6de9163a
SHA256 d16089f064d09294316babd136014dcc43418e4cb5044eaadd887651a6a891f9
SHA512 68cf3110459f08d53fd62580a6e80dfd4703bc3a8c34652e44f579455f586b423b0c5934a0046901e0e1709e3cf08254a51d4d89ff17c084f365c1a0d55fdfd8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 62a848945ba974334cc3f4d29f120ae8
SHA1 f48ea53e24a6f351879c8f2c9d04a3af3c711c08
SHA256 f444fd77f132b5a0242040dfbf4c73549f390b715e99f3f7d363db34cd643691
SHA512 324c9908e2141db4ef6fbe2f53f0f585f34416945583f427a9473eb523608f7094c49749a08da92dd4c141b61000f381434214fb97ff7d9ded7a49019e068a7a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ab2ca4f9c15e3a5c80e6a1f8fadddd2e
SHA1 a3a493bc19bb8557716a8de845839c0b98e767a0
SHA256 d14ef909812d430236c55903c7f426dbe8c691a9c0bcf3cb288db9531b4d390b
SHA512 54a0fb67a8b606903df547837a255432227b34c72496cdc5281fa184e57eae7eab597a1017267910783e6795078a2eb9730339d6702f215a8028f396837c05f7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 62570d2d6b1c56a7480037d8f3ce61c5
SHA1 6081cc0156535d7dc1091a4fa0e0d490ddcd6162
SHA256 605823c457a56da900bc99e5cb6f3fc5e2e143e6c9983063a35ea44013366fd0
SHA512 0d6804f871e126584888228fbbbdb459d12514290e6f90077e936c8751e49c1e119ae0370fe578c04c659fcf09e0b05450cd1f3cea544f3f750de80e9de60a84

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8ebd70b6cb5689446021dc5fbe155e13
SHA1 b6e57b317038d61cda2b4bca3f18f291c1cfd8c3
SHA256 392d488283b175d5a5d8c84255f029e64c0317022d97a69781e28f79f4c924de
SHA512 459b60e3f3e599a6298e4066d173988e417725c8915d6d552ca59d95a810c3f7a805f0b66f550ec8ad285bea2ce2591eed20d15340d76562d79e32dd4f70aefc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e171b9b42a20032e572820dd4b006ac6
SHA1 e0d80aba0bdb31c262e38c2d84921faef10d11a4
SHA256 58e37841ab938dc44aff487ea3bf24f55bcdaedf888621115f7149c3a1804c18
SHA512 1e1d4888f9acde7ad63e9b05a872f48d9cfec38eea95a69a6684eec2840d400b2e25a52da433c9149b5b2879bcfaba62a0bb11ef6e2b53111e40c95451629b53

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c95ac4874a7c688f94744f16c41dd785
SHA1 cf683af8fc7cc0237513b44e38537e66ba2728da
SHA256 1bce43b3616871277953a101fb62f97eef2dd3f7ffe0aadf68da9448f82efe28
SHA512 f3a17ca356abb12f60b4adc26af91e52b1b87a369cbf95fcebb552d1671c5ffe0bf1d3a732b34edc6e84f0fb4eab3ab8915af438d609147681714ec441b7ab4e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5ff37f6633b12594181f0e130bde3a98
SHA1 8dd5b15d9eed3e58a8900f201036158203ef974c
SHA256 93761949acf53a59799aa607bef2bf14618eec2cab3f062d90749fb70323b56c
SHA512 32df883e11afe4d6ec6e5b7854afae118b5ed01c5b0084e5ce338eb84df9ef1cee9c0085cf2c295253ab60b350bc6e31da2bd57a41ec9f111218ad2b0f6357eb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 26f343a47a8720d836558fbdf0070210
SHA1 b83b01e8981cbbef8cd73cd62ef8abae5285b929
SHA256 6e525bb612fc9237a9e2eabd2a7816d74944908abfe54d9c7fde4322061cb80d
SHA512 e3adeeedbf32a6226139c0975c5e6b1f5de463406eeafddf0d6fb000d931ecf9848d4fb4dbf68ff2ed85cac3fa0cfe4d2ba464e710d2bfe2cd94a84ce880ea21

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 529c4c5f54acebe099021f3758c3976c
SHA1 5947bf9b92ffae21b95f6c5d1c5578da243b6791
SHA256 c1889d59ffc74b344e194b029716c2f270d285304581aaf0e9be3c820b53b5f3
SHA512 322ca46b049658313cb3cab7f87be19c402ad636200fda781c423bc727e41c6777bcf3b739453151992960379893fda94b5899ff13bddb5217979a9ae0dc43c6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c95decf608c903cb8399b9cdfb62c551
SHA1 27ff1c81e3a8c0b637e0d8cdafac88124adc1b6c
SHA256 7f704e396579efc0afa0b500a85a55217fe9258ea5a2264784ef6b7614da7c7a
SHA512 937f362ed238d0e3fef04d35130159a9f6230adea89a1901ca08250c781ae4d121496d746a820c5fe26cc9f7cca471e1ae2bd5efd10e34d37d6eca0c09509628

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5dcc5ae6834170dec8027bc11bcae6b0
SHA1 648b7b9298eaa4261a2d0b292852a517ae9d2747
SHA256 3feb57f37d7e958c795f5183f9f043629ff9e0f90d50f4616193cbab14921059
SHA512 da74a15756fa32c18041a21690f17ad040c4d327bc8fdec7f5ff20075390e387171aa602ccba9c32d46c2e0e9c7457f494626422f6689236dbb4631518ef3fb5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 131b51ee7c3bdec01530f59cac914e8f
SHA1 580651bec784815359ed9586a0e96d1ec6396f6c
SHA256 c5904bc548a8651e36cb8583fe3a71c3e7b2bc6b1f725ae33700e9c889ad2293
SHA512 087020e47c10a14ee853341ed2198449a2348577031890127004c0ad46548be9860393d45f85f7c863827217d8eadd8da8829f62635655a972a7418b6284bf51

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 23d14cb055b774b269746faeedce5420
SHA1 a5d12157fb472e6268c5741d5744fecf4e57978e
SHA256 72de59e744a6883f497c0557525c67fd92d950e6033a2a1ba076b4d5d7deab55
SHA512 da9a1460b2f3847cea2d4cb65eb194ba57fe8d6be0048525d95d0c6b728b6f56d7cb5fa350b1bd3d26302750ca8185d1432bb4459b44e747a32d16fb5b621b9b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e032c00e447eca67791e38e5b577309a
SHA1 5fc585d00e3de5d4988ec88abcf4adde2f2b5c3f
SHA256 a198fc8e1d65271cbb4eecedebbfd47ebd138cef45cd3105e8dfdeb1ea3b60e9
SHA512 cd4c80f1be3156e6458725f28c9041e05107e955f3d29778d925c704bb5a3c1e60e52bafd5a72dde7832eaa3481303ea15781cfab69e512694ff4be0d372a1a0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f0f52b680cd66289ad985b625fdd9083
SHA1 1a4d153a998c9f417d98435696613c98faf635cb
SHA256 e9efb78b6f5edc6724fe385d7dac78b597f6f06c4e9eb65294b2b0f95d100453
SHA512 a0762d4353eadf1cbb00f9e3077ca3db726cf0da51bb490221df6dba44a0ee4fae5577799a530363435d3560f8faad96b079fc1a4f1028a8b441814d33c9a846

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 dbfe9eba88da7478034136ca9ba0110c
SHA1 4ab21fc97e0cce0b34fecbd4f9ea791c7db4bac2
SHA256 0c269aac29a5e91d6964a69a235ad2c36c2c18d93162af3395376052670ff3fe
SHA512 57996dc31d1276879eb036342e32b87d9bb8145d4eea53f8833d946b049d3eb56bf75314eb7126c846ce204ad81731bfdcac2d0f145742bc680c621ac1cf2cc7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 222965a2277b8f9493a6d3a89af7bd94
SHA1 f76f7f4f014701178bb160085518250a3a862008
SHA256 f8cdc3d8ccb8c76ae0331e604e54db1e2d156ed76203ea37069210d54cbb8712
SHA512 9317504719de957c598bffff3b1250bc2130eea47d5a09d24c9e0a3b305bc0b3ef68b61797c0fd75fb1b9574d29e6a31db429a48d61612aee7a8c74bedf475f9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c4d6487b97fb9471c34a58bb491d901a
SHA1 4425d31dba05ed2c5f33a6c79127ed5a1a73c45d
SHA256 dd8a94eb10a8d8641d850fd6a5a9ec96818e918afe2ac52909456d38792c5853
SHA512 a763cd74842036991b8b2b3a6ab62345dec2d93d4cad2ee6f34f3a7b8e342b71bacd23b64d80ef0740f78309025fe5b415adcc1cb34377cfef724274fd54c30c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 448baaaa788273850f0a9e7f0fbbab9c
SHA1 5d6bafd0f0a9dad1ddfc9469c9eb41548d870b06
SHA256 0f62af898ffcb776428b70e618756664f8be02cb8464c08b4048cdbb5edf85de
SHA512 e9665b4080f176626cb1643b25a61a67faaf975798c63439200a18f44a1ce1249ada7694ce54a3ff9409e991bea341be3d26cb10e57def97ba0ced2441eedf6e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1538325879acf9fc1f752d5bfb9a8c8a
SHA1 01724f1d5c41947c267cda354d92b066e73bd356
SHA256 684caead8d6a302ff53fe2947c65b71459b9547eed1703f093d4b2b34adbbcdd
SHA512 4fff9d9684022c2a1148f0e87a72d82a720e795754fef805c85fac21f3c419812a66d3cae67f42bca768660025db0fed210b679e5d96c1224bcb311594a28963

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f6f3f1e668a620dc05ce2d88cc3a9102
SHA1 67c9fe63d1173b7e6ebf59967ace0f7e96b474b7
SHA256 98d92b8d7fb909ddaf8c643eddc2fed55a09d94612194e33ffa813500366f07a
SHA512 58e057f7e4986a1237df4331e1ba364089d5fc313c840a3a8ff8f98e478cc15e6f80af31e54c6aceece99f948da5a223ecb73c954c0fb5ccab0df1983f57b04b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f0c4680c722deb379fd8bb19fc478499
SHA1 cdaaad74adece86b45454b3be133133f692eed14
SHA256 c4390fc73d2652762349d7f19046fd1e4ec5e5c8e493a62f58232233b25fb1e2
SHA512 aec84e1c5d7f776ade978853c1a1afe467e13f9fbdcdbba39c66d36214b8e956fdf63d793ccebb40af87720d53879668ddec56571216046d88010ce21aac9b57

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 743bc894945c30d6d64827e2d40d94d4
SHA1 a1743ef6c8700afa2809c552d097e55f093e9f05
SHA256 70818847e9473e1491eb3781fb3cbf5670e214172f6afae4e82577c9fd67be06
SHA512 55d7d57616f89a7d118fa35cc398533669cdc7ab3daf1450bac5ce6fe2f24dbf3f9fee72f2bb4c0e451213b6a579f0231daf78456d2511a0bb9a07ae638380cc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 900c0d0b70bf35b7fb2f2ba91097ee20
SHA1 75db21e3df3e5f33ac8d4512eb67635477bdc919
SHA256 419cb82d6803b67429371e07ffb944c3f3faad5dcc5d25e5a0165cc4b253978b
SHA512 d4f9ded084fffb3b3010b1b55328312240c5d58f1334ebec4ee2bbcbf5029b117644ff7865b7a23bae61ba74da790d53a6848b6f3313cb4a5960e4e843344fed

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 02e087df47a3d1ead869a3fcbf6698a8
SHA1 e9f82c82256f0d652b68b78f5eee3dfd2e2389e0
SHA256 e0e47e1210870489599d62e765927a043e7712a689d360292903f2ae90c2fad0
SHA512 61b7c294c533148df2094edfe103a8d67ee6adabc22a3bc1caec4872646f6cd8ac25138b78c4f905992e0d8ba13f6050f539c1f9b3f616a8b50c90657a92ce7d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2933504aebce3d272c4e2af7ef20acb2
SHA1 d2caab302793ab2cb890f59025a1db12da32cb64
SHA256 bc92f0766ef38cea5c88e01a00aff5acc9eb756f7f92190f3560412b2e600ccb
SHA512 b8b7b847f04882a5ed24b968f46b6d11eadba8eb9bac353ce7502dc692229274ecbce61bf1b1a7103e0fee3a38ad4e165f0192dde740642b8e9c8f5eb2b9e1db

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c45a58de40d609cb181225bba57528b4
SHA1 0e1cc8ef76fe306e4954e896c467e72644f22836
SHA256 98dc580c17c043cfecfe579a0c73dcad34cc2273ac94b566867a79a879e19ebb
SHA512 ee9c0f9ee05dc4361a43606b5d9c4f6c8634cf155a92bad44fb7f99da5f7d13342bb829cde35881956d54f142858fe897d658fa88e8dff25ce6b822751ea8023

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 070139eb7d9966055ff25fc07409677c
SHA1 92a4b2b9b5836154c30bdea983c38ed33356a7ab
SHA256 4cab94b5a2a0054ea800a58800b2ba3fe4e706c22252583bd5513179d462951c
SHA512 831883b72f30630df268798decbca3b0a1685ff5103a39018346817c2133d5f2b5c521d20c83263f8ae4f6fefd0a10acbee4125919c4c01bf3b52a0562692630

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d5f8d03c8e4ad64d117dc2576d86bd92
SHA1 ccf7993f4f80fd0e7655c4b8a98d773ba16ab534
SHA256 d48871befad06bb319d19b215f7d2171197965e382d7cfb410cbff6acdcc16f5
SHA512 890f92517e973f6bb198398dd9668a55d411d193b966372c602d7d6785c5703da9db5b734d97cb5221b2244aa4f602512a744ccefebcdb5da9ee6406eda48c30

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 489d3153a6f183155d49455668292c1f
SHA1 47cde781c8826d1264e37134dd78bab5cad1687c
SHA256 d3a39448dc8c2edd254d1c61c1758804945a2708ad149d3e94d2dda0a522eaa6
SHA512 1e4d02d04abaa2b2101c2a8b40daa7ff2e863c354f98f231bc577f0a7a2b9050f7f1ad10aeeafc5266e39748584a11de4ad680e7779f1f468e805a83f70ad692

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 06f48fb338fa6140a8fc2f942b6d88b7
SHA1 666818d40cd09acae4e019c984b95cbcdb01ac54
SHA256 a23ddabeaee8f929a3991a8b19fc4c93cdd5242b7586fcde4dc78b8fc0ac0a82
SHA512 787dbb5a0d76644336c8b62d4a3217431eb41c0de8bc7e4ea4fc68b48db6a378fa2d98cd7ca1328ec8637b767ff8e4610848e49d2e57814e904d293433d5ff78

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0263c1e9e387e2f9fd59e9e67ef48305
SHA1 c072695322be73ae0ecda8085a6fc0678a97ff3c
SHA256 af40992be4aca5923e4c0f14164010203c24b5450364e765989bbfa71c87ed1c
SHA512 1e8c2e53245c97d5cee1faf4b8d6cfacc87e701613f5f9768371e315b0812f47961ec712ca3f08596d3df4ebadef23551cf808233c8e6bed87c9bd36fdf247bf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7370fbdc706b4024072ff1ffb3df1e88
SHA1 0e7f85cf659044c15fc8ebfb21e7897b0f5f8819
SHA256 210c04e7f048d891d7457863039d559c290d792bd63164fc6b7a81094bc6dac5
SHA512 0708a2b9a9b8462f0f982df93002c6aeba6ce08234d809b932d8e6c1e6e122c4f618a39d27e8d9da903e536b44d4fe5a511873688065df5e8242eaa1e52258f9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 dc074dc65dd75fa937c1dcbac0b94a39
SHA1 56db0739b57181a0b00612a26f952f7eeb600f53
SHA256 8eaade4d96715329d531b6d40240615a06115f0a2aed7313ab34413e650613ee
SHA512 99005bd5c7f82b0f0f831fecff54336eafebea403d4e54be61fab6ec4b2bd45eb9e75ab39871d32319f39c3e804ba50ed03164e3414f0695368a12b0e5ad0fff

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d2e86ce15d4c5035fafb82f2754e2374
SHA1 758fb7c99d3e2396a1ee93c314dcbe336532697b
SHA256 94fbe272adbf7279f4a75345f9eeeb139bc3a63776c898087e03fb2afda866e3
SHA512 e0924f39dc2926a3a0fb71010a165b4771b1e2e0b90be4d3b3a6fc3ecd0984caf9c088cb330347e52f8faca0e6a2783b15017098ca025901ddf7db781ce321b5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9d94e663aeacb8bc8cfef865b52eaff7
SHA1 da87423e613e094650b9e32aca2905160ca9c655
SHA256 f320fdf7ff3e588b4e66ca059dc776a974d3cdd5900d20c41f1c019c17f973bc
SHA512 89ac956538ce8a65fed92ebecd63694ba0beab080849e0f303db9d42d036a33b6d5fe765a3c3e44fd2b7990933296a6375ae705c5ef6f1b9c5ee882739974a24

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3588d091dd18f2fb5f1f1f045fcbfc12
SHA1 b8d5b48345410b3fd86680dd598a3d0ea00078d2
SHA256 b293b1b5cfd30c02dfa8ca33dee1fefcec2c187f3b54c2c5c5341b4ca9f7e45b
SHA512 21ac10f1abf065f2c15812acbf0b80df75ac41b0cec3a96c3b8de4cc3a7aefe1ddc3dca48f304400d72daaa14c6e3c62cb05f1b394234ee6f865fd8c008b5e31

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 51c39a2d60d735010e51459e9025b762
SHA1 c423b58a97adca5a0881e80a6bf7ab599eddf449
SHA256 1eae50c69a2524f8fbb9a2657a20909c139f800c72dd2cf8493351d78f821526
SHA512 032a8fa0575244beaf97e5719c2d4930b336c2a6180b645242e9c766ef48b5006a2ff2af38dd651afd91d2b8283b5736482c76f7a3b5f72d76de6128375da743

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 43963e55d194444032962e793f4fd911
SHA1 ed2a5ffec276a7abee1d55b38df4b132234ed588
SHA256 7cd1d3d60ccb22c5b4adf4d92b754c3f9482e9c4ea48e3f6cb67588ab3fc1fbb
SHA512 439f32931577f27116aaed002251db172968e767679c9d8707f3a9ecd4e1349312f413bd54e796b4e61e6f036b19f0f068d2ef339819015ce6df1c5def062d9b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 17da03c8eb2ef522aacc5421b972709f
SHA1 7503fd62c549b3f7aaf2d8f02fddd8614833fa8b
SHA256 4e910826a65ed430abec64cab247402d1e6e6f133b057d38294f65c9941374f5
SHA512 63a11394b7fd8467a4e096d3331e0ea822c96670638eb27388f7b1b881fba9783979716c50ec5e5fcdd11d02d2f051bcc4dd9eb39f3726b78e127bf91fa8a23f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 31f9877ae562b9b77c249562c085ec16
SHA1 4dd1473704e6b8003f585d7738f45d6e2b6601d2
SHA256 276b04d926a0f8c987e341f46897d78f05bd9131bee4cf98280d93ef0d43212b
SHA512 f8c6d8a669876231fa1f3b21c8796d4e0daa519cd39356f10f243cc6642fb65c57e041bccc72d290648390f63a3497fa3588cb1c5af6b2102ce658b70f1f0d1d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7c567fe5fb16d3bf3535cca3c2d0e3fb
SHA1 b4661e4d33186b39f341b6530fea18b2bc49c803
SHA256 395d110f930486f77757514c2be5c0c8022511abc180c93147c495e2c904e6dd
SHA512 359354d31461e79e4dc4f7a4209546c94a25abc4489d3457491d75b5c7b49d9a08f58e77804e1218b8e4067fee177d215df043ddee8f74cb3ab0b938a29e9a12

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 bf0474e4fb274435a3699b67d822b3e3
SHA1 61f9410f32497bc28e56f88c4e29e742c295dbf2
SHA256 5b4037c04c296446dbf8794a246e1f927c11f96b4b1570b8a0151baa81aa8aeb
SHA512 cc5d95f18d8bb6803e18c7fe8746a90abd1a883967a3e0094c3e76e8a135e9c4025106c1c4009105d9d368a2bfa93ccb4abebe8f4c1cca7848392284f8e2c267

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 aaa28878188e161da5d7ddb656143286
SHA1 4b54ef4ff765b46f54eafad9686f77babb5ca44c
SHA256 74f26deb291c7767e22f5272a886c67d8c1287c90671dc3336610c739d43281b
SHA512 817fc939c6f3f43528b89492706a4a7cbdaca3b83e7fa160e1992683dd7f2c7d068abadc6160c155a539ab2a2b5b8a4414ab6e851f01432962dbecd34dc3df47

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6488bf3da5e3e42608b1feecabcef532
SHA1 30d0925a257cdeeea0f9f2b8f55b727268bc477f
SHA256 b6e3ed74cca41da0817cef67247a6928490abe221c232d46c87b53a957798c5a
SHA512 4148c73f21e685877f4e7233001fdfe7c3eb52a78fe7ba36ebaabc328d6f0456251dc2fe427a2bebc774bdc498d748a5eb52b489e36c00f89511b61a2186c59d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6df18afcb1aa34acd08624e429031ffb
SHA1 e36ed5a83f361d41bc4aa0034efe48e6d6718555
SHA256 2a846d518b75c7cfb4023c3f3cb7097bc11e7058e643b2d041fad2ffbfec53c9
SHA512 39e52b443eb1c2b6b763adf7f0a0cdb06265452d23521066944379961c981007742621fd53644126de09a2811f6723ec21950a7636c8b24eb475267afc323755

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 dc312cb76b94dd85516e21908fc2f57e
SHA1 2b41e818ccc874db5cedf0c62679d477425bbcfd
SHA256 5f180fe285d1e47b01858868535874b438b2f39b99737adc2fb5b32bab5bd619
SHA512 9ac06b65bc37e69a63dd38ab8671521f89a7be808c843a73309ab39e6346588160d17a7944d124394b4d0cec732c6f45d30a01c8269a06b181cd1277cb638a88

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5c4a1fb03a13e88173e02080eb291dc9
SHA1 46fab96863d404b92829e606e66ed6528547fa91
SHA256 eadc29bf278da865ecc8d4437fa78bc81ab4cdf5de6153b968919e35db79b093
SHA512 eb3c23d6d01ca9a943e410eef1570aeb81a4f33f6c1d1560f1c31630897ee31b7adf0961af6fc68610a5b493e3863c5fcf021d57c368b1c5739652ea7af32eae

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0807ad7943c1cc3a27d85b7f763bd292
SHA1 ee966349b4ee20cc12983a0e1c8c2dc49fc17664
SHA256 9e33e6508769a051f9990bc7ed89503fe0eb05aff3d0cb426adad215f3997214
SHA512 38b92db63b4445b63ad46aa9a33b1fbaad1af96b59afba5810adc011dea5b3114a6fa7e9d237c5467ec16ff6437b3d360b31f810fac0258aa1120d04e2e18b28

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c6806f4b3712ea7801f3c700f4e52b33
SHA1 e5ac50efd79860195fe914f9391b1d41977e30cc
SHA256 3f0b8add1538f50590d6eb8469136d4746571e7099a0bf4a7908a32aaf68996f
SHA512 9865051a3fe7722fa6fb983fd618c6ac3f75e26173558cda8ec82e07fd18d2c5b267afb07a82c92bccec778fc3db159a7fb82a6f7f2cca7f219d4adf84c3a522

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 921c9cb8a41a3fbfddde651a79af49f4
SHA1 787ad449afe100d1753529af28d9791667c62a65
SHA256 d3427e8db8ae5d345d042a0c6f77b6375837592bbfa1ad751e04632f4c67e86a
SHA512 e94f785876f557099fbf20d8f42d0093a4aa2f1ca1de502eef6fe8283b8457d874e44aeef2c09ef9b4fe54cc510ed1da0c3173f061c815a199d85602de1dfe01

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7f897bdefa813cc84ea0ed3fd69500ac
SHA1 c5ff3dec483c29b1def889a9c0d7e05196df5fda
SHA256 7561e5f442e2eca0aa93a8756ec01cba863e6bac867a2316266acda65ecb4028
SHA512 2d07ed466cdef1c8f8d5584443f10a17b4059e848f2765138ef70ebe1942eb82f39726948a0102d07da42cb3f79f5b742025f4fd50aef90387d23d7ef7513f21

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5e4f19a5282de20bc74aafdda3876eda
SHA1 57fa25860861ceaa94204d2623da4f1b9e08ef9d
SHA256 fdd7afd27196181cc2048490ad657ad5a36a17d5d17be908ce22517f38eb9ea5
SHA512 c6124e242983c7283ab358e5e6f54b041427d28cd80ee4196a5715bf8f64409455a48e4ac323c4208e3a97761512936c2297b08400dd992e0f86b5b64f8cc55d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d9fd0ebebc3102b86895d8565e0155cc
SHA1 ff54004655649d6dfd4563cc2422660138b473fb
SHA256 2d17076711d42f737c46803266a927fdbc84c5c5e7ca18a2b94fc48c601e893d
SHA512 f40b5f11b023a0604f8b91f5dad433bbd40337b4e08b1a6285385797594cc5b9753b8c6512533b09e862a894eb284aa5a3506fda2ccb1f608bdfb869e24faba2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5fd313c267eca4eed564515567975960
SHA1 acb1622f55a9fab8aedc32db72b171e97043bd47
SHA256 3c6124c04cda174060aecbd3587fdb5cce7cc7f3b486610c6f7601cd3cafaa9c
SHA512 58898e63a3689c47028cd1f96912d3810b85d90e2d54718630f6cba7c37d627d4faf8b0a3566c3b229929f4e6f4f6c390f6cfe7399c6a4b3ab03d53dfd05d612

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2ac9f3e0ca05a3eaa1c859d404208f94
SHA1 2e8adb959741ef5255cc8ca402813dc13762e1ad
SHA256 6edfb43bf1dea67ad98c4c0b87a66b3971131bafcc17aa2802f6d18dc172f52d
SHA512 c2604f0e7edf691208700a70769ff3e4db88f4f72f40540c6d6419b59c33bd0c21438b51e945fea6bb717e4059c3ea34a27e2f5a3232142757ccd1b60d674bdb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 de31e1e5451f659451cd60949db5c383
SHA1 d79ca28390a7de1434eb1857b0e428b763192393
SHA256 d2e7c76dbe8d99942a9b0641a246f3df8e9ba27091e90ffb8c8769d66cab052c
SHA512 ac8064efa3d9d463e7fe8fcb41aac066ad2b42aff33497034e9c558c04daff0397017f45934bc785081c850da565349dde79946a28ebd229d853c868626170b3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d970642554c8e7181a0f6011b004ebfc
SHA1 6fd1affb348e4960edb02815bc1419c6b39d980a
SHA256 bf90d573c0faf09b91b924b44d8461e3e5a4e7c936690cb5c9d99458e99f9306
SHA512 7ef5221ba810d651f5a02b8c39d49e4f2c5bd74d4c59312f587225cbdcd274cc9eea4a6b3d46ec23b7c0c8059a08f017b9464ad7b524f9f410c1dd711c6bc583

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 bda130000551394aa1f5c7607193410a
SHA1 29c9ad2579abd53881d96ef1c06315795a6dbbd1
SHA256 5f8dfbd82bdf2fdc9080e1d26f72495d628c3c41f5b2b61bcfcd6d818a0b0898
SHA512 33f26ada935b9e9c6d275c8b5f579e21920985898c1f33a76b23432c317bf9c71614a2104306d169399bd5ed2761f4751855f2ef8f9144621460587ae3409b10

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8382448ff4c45c18956f40d048ac28e3
SHA1 3d5d6fa2945f0edda115581f5f24ff8815bc954d
SHA256 729295cd4e904f99b80ded7bd5fb2f4b5e5711e8576a218eca6880221cfd075c
SHA512 36a6d7a4fddb3434fac0037a5bda8800531ff32acfac0acf8f59f813faa2c06e094c667944f5e0da5bfeec2115ca28d8f320aa9b38be1730f54cd0f2d65b7ea0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 63e7cbe820762b3c80c11eb68810d178
SHA1 b2b14c583e2f80718a54093f575387fade1dd34a
SHA256 c69dc26d2355db61f161f776ba1e72d5244d0a0291fcebcace38fad0b063e6ec
SHA512 a98ed05756c44544c0a0a7ab227e059c5c73f87f1c1dcbfb91c8c243b22c9a2104af1ed134aecc568cad856f545ee9230124fc277bb48e850d7fbd2a2200c2d6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c3ea7b55600b7a63838cb83c81f26460
SHA1 93cb5109bdb4e6dc4605a06a05f4d017bffa3e53
SHA256 e3f47f89c61d011a9e224782af2de7aa9c1d288ba95900b555f5c3efb1ba49ed
SHA512 a2109753e3210355cebff0fa4f4469f1af43ee6746e228bb1f2bdc5be3f6caeb48ae245d47b396b35d150c4ae4d333c26d469b51bd7b2ede4f6e5ffc5ad8cc8f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c9f5a0722988b0e0c9fcfeb2aa571571
SHA1 4cbaf5e2bef0e454f273cf6cc88da458ab51e4f1
SHA256 711b558288eaee3c6945cdb5a6c50c5d1e68fbe86d5c6efb07fe429a5ce85d6f
SHA512 d3f42261d7adcfaf716cbd6534e1a5bbc2b472cad8a116740061e2e049f42db2b22029d31418be0c6a76888b9803f5a30fc2d2c96017cb5097d85825f5a507f9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f82194096340f61165706e1bf0612716
SHA1 8fe637e2314c1f86c1cf2bd65540c66b203c5ac6
SHA256 20273c2c4361f207b0c11b767e6cd2215e400659dbeb37b43ec94e81f0a89821
SHA512 7d975f90105a14c7e1fae2dbf2c3498737a900ce296c20296817419a4614b15f104cf3320f1eece534bbfff939b453ed7a3f8432789b8f3c66b1cd90a9e7c2dd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5c5fc9d84064cfd9b5f0ff2cbcb8c6f7
SHA1 761b17511cda915f81717b989691a415d447646b
SHA256 f47543670976e59b3fa9f0c62c0660003baee63941a79b9ad4b2add63572e82c
SHA512 670e3b77cade4bbdf68bfe86c7f3fb44ff2d306b1535aa51180a13a34b643a72d6a36362d2dc1b2ade5823d20d88b6a4519c9050ab33c455e259dffdc3b8c47e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2cb914ce12e2b94276b2438ac42f1fec
SHA1 9e6b4c9c4bf9e569ca2b610442daa98ebd74df26
SHA256 31ee2b4296f1c28beb00a2d881f9b81087536e098f5973a4c20f0875324875fc
SHA512 ed3817980fcec347a324053d9e27cd7c4d4c28d67b9442c4a7cec4aee5f63342d0f19a1b55476db55aa17109edff33cc267d5cd9aa1b579d77bb063cf7a87c05

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e9eb688051c8b876d9b4cfee87821ae5
SHA1 a712b0d48253511636c63d69021aeed2c7f6e87b
SHA256 06a12f78e8d6da29e90acb45a9235d3af822c97428116a885e41c0aa2374f2b7
SHA512 30b0ce0074b34c7cf6a79eec19f302188994a4b7bc8a9c7094dbec23f17b51b415dc473808dfee0507c467c1f8db12dde296beed80ebe6829444b1b5226961cf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 30f0e836a0e43ba9fd2a279555981040
SHA1 34ab4084817001149fab40856fa3ae70ea9aa4bf
SHA256 d888ace4a26cc888e02a8d199684003c7d4514cce0e836d2ebb170fe322b9874
SHA512 aeac63cd7df5e9e5f4fe274e819a03e8ae8ba7b2667c57658f510576c3931f7b2b1711e4c4ba7397cd83033bfe08725554c82f02ae5a8779446a8ed2aeb0da7b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 16832f3bb91a5e6237c700536d93d2fa
SHA1 23629f419ce7039490228a3b79e7f5b0453bbe19
SHA256 fab183f4f55a02c761de8d9b8130be79e1ba3c32a01c465763c820c67fbe6d5e
SHA512 5cad324d489f734059b9a77100cb157a3dacc62964b5c5ca6d8985d3305ec6952f46d8bde70296448154f578ed6332c9071c4c9d6497f4fb4291c3513f9d88f6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b2f056ef6053c31ab6f642d4b380784d
SHA1 08e6dba8aaf8ea7690d6dc1cffcd6c35325a1b50
SHA256 813c8bebd43d4f05f42b19445c92b45959b22b0366b6871d06cd5ca24791db1d
SHA512 82a344e6613d8c9079d4377f7479a2a478080b0e09def195129ebf5df01658a055f615c738c3f1e16441871942785a3b9a19339c14237959210b58d7c330fe76

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0047b65b5bff285d50609f937933d9d4
SHA1 d5317584a40eceb1316ec80c129a5c47603f8716
SHA256 3e41293a23fd4209b85c103856cae5d1e0ee1bd725c89b5a270b360da0e40a98
SHA512 85a39d176ac3d4607348e2513a7ad8e68ec1639e28f423514806b7d625df49d0d4ca0209059ad749794d0ac3500f5f12e3a12b1ebe8c0746b537a7ca1fd65be2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3baca8659c73b29028cfce58b8fb855b
SHA1 ee75cb0f444861b3f998c961256a476007d29145
SHA256 149b469f9e9aeb3fbfe2a3cbfa127a6b4814a1bf08ee904b648627bc63d6ff67
SHA512 dc0622bacb7181af073c49b8fe6e26dad44cbef45bc5f7c65eb950a99ccc44f825b34da1c92e7db5148ad97012e3b9b5c4286a2b2094daa6517f5fee0f1b9dd5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f3b64376b4a6d276f582c77eaf058bc8
SHA1 8b7e853d46825b290e7f12b438fc3840a3c67b6b
SHA256 09aafbe8328cd2a741ef021aedc45da0ce207d87993eb79737eb08d33dd709b0
SHA512 64a25dbdf39b7170f04e5f56b8f07661f4ba858520dd976ae3bfe94f66a7d06dc620c6b77fa933ded12e74ec7f2d08ee5197c704f07f7333d7baf0d1a2594ab3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 bc8c17da91742b572078ae851bcd91e5
SHA1 414c3d4e1204fbf8a85e681feb5df2481ec837af
SHA256 3334ebd4c13919f344f0009b2688c31a85ab497a66ea0778db8e53450bfabfc0
SHA512 e0b6bbb388c78b668cfa8a5572f09f921ca696b8e04f043d139305f16c278232121ccc2d9c46bbf48bda872fdc8a39c25785c16ef1bb5957f55d8d1727c478a2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 49b45bd330047900fb2a964dbb208293
SHA1 cbf1ba08c43ea9c1b417dcb780ac336f821f66ac
SHA256 7e2f019c42aaedcf0f400d96ef888ccdbc40fe56c86c377e1144b44b8d59d491
SHA512 1c6b588eb7d88fef44b43071d2e7da8b4ac5bc819605af0d96cd67fd6b1cca726a4754f454128788412fff4373af7bb49291d0788f7286f0f5b1d0bbe257333c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 25f3ae41be08dd50004bb9d5071665f9
SHA1 fe6565e916409b34920af0f9a9a540e6e1f30868
SHA256 6bba5e4cbddf7e05f52148d949f44e8b488613a335312c3458073604899733ef
SHA512 37a3a9166375c86642a22fb3e4699c18a59a0e55a455c871270f7c0a5b7551e316d2d73a3e04da48833fdc088fa5ac0a6f57e658ab5bfebce646a649fac31a6c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d8e871d42e85cfa8d720310850f82665
SHA1 ac4277b2f7dde09294b7562d8f742cf4b4ba016e
SHA256 45e0b1107c6ef4beaded18b20df0cf26ded9b59aab92b97501b03737c366d1d6
SHA512 9e54920f2d0fb1fe86e634eb8943b557556ad050a9dbadca9cd89269c3d6a13256fc46c67c26e09430b26f5b2e53fa427fc7081221c8bddd9a57494cc03326fe

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1b138885255a96760bbf87bec26e964d
SHA1 086889e00579b47039fcde95023fb35e7a735276
SHA256 3445e20efeb02d1001e1567c2deef54f4f4666819cef366d5b38977f049820ba
SHA512 c946c6e8efca6f8be8e8472fe6536a2cf7086e7ec23e5e173c5c8586ccbe727c0e3e53d5916107259f95e042436035a16e7137f7361142e70b13041fa06d450e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7642b2c3dbc85ef246e226704d98ef27
SHA1 1da3738a422b1d52ce55f4c03155815ab9900b02
SHA256 556261fc99f9735beb48cfd0f5da29c8a97b1707208f987f2eb29c3a857c77a7
SHA512 b97782ec090054c5023837d8ce8be0210b303c9b747d7da6d62dabf72b50bba6a5ea7d669e71106830d259440b1759db8e38ce01f34745857af12eeb28fe7eb8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 17ece48333a09db3139142a8e009fc26
SHA1 2e1cd07aa22b4be47d59a8da3c6e198a6bfa6ade
SHA256 85f54f9e6da5128ea287f31eea8abf2e1416077b579bee78fd942fc835050651
SHA512 8ff388089950c016804eb4b2d92a7c2cc31d41d29495c0fc6aa8d54fd819115f3b393ee6d1f418489f5e9b55b8993ad57ab6bbb2571b988f0231e80c9de86a9a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c56d57673bae9f9d867ec5894e168cc4
SHA1 a891267c389620d2ea27a334090612c87f85b082
SHA256 0662bb514d2086b22ddca7366ae61db88856f3ffcb2534c3bb5a31b2b6bd2614
SHA512 4ffb7920a2f720485f90c688df8aff719b4ea50f9eddae911bc243220db34652cb561a553825488ad8a86093a70707312c277e2ea910be8e46a4757f53123404

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c21542de6f543ea6ededbbd4913ebefd
SHA1 a03173986944a85c4b2441106ef442ddf120648c
SHA256 f2adc692b2562d94423a84da8d2f40a76a948d20cfbb7316120c5c55c3759b72
SHA512 1825f99811e1625f6c9f39378ece29144ce8c647c5964efe23569141649fe65720f9ce0926426f1c184049df6ae98112a4686dc18d507aa39c46166c4c1c6e70

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 505fca78de673ff50e71219b0558289b
SHA1 7689354d232a50a529d5c7ee0046a14027ffc3f2
SHA256 3c731b31c72e8703633d304e0208e049cab7ea80076e5f43f4c9ebf51080b993
SHA512 cb93ef8505113e1bc2526a2e40d82f7d32238c4c8ecd625ea6e8d3f22946af109b9a85e6f4f549d4b4702f51eda9405d67d1e7c54220f5959db03945d773ce93

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5a99c620809cf1ed723f019d68ba81f0
SHA1 a8889ce4192bc2f9043d95d8bcc17ebf6ed1100a
SHA256 852c4f8902bbec711ae0b56335ca5c75157cf9e7c658be2075ce9ac404839fd1
SHA512 8164dcfa69f2ca2751daa9a2775b50390f79daf68726423f83239522dd673c4df33c14b547e0eca3423224fb4c702216a8776a19953198909c5c62a888103e17

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c828c2bcfc44c633b6d6f5a80154d497
SHA1 ec0e26a676e5e8bec32bf426e8df4869190f85fc
SHA256 a3c86d99e8884ef8f36f4daf4bf707c286c77bf87624c007f8f3054cf14731da
SHA512 5f8f895ec14ea0590e6afc53626394b65af9d4eebd8a9d8309b4ac559dc118fed8006c58531885086d0c1260b1fe5d44b47a79da8d5846f385e4154049fb5b5c

Analysis: behavioral6

Detonation Overview

Submitted

2024-08-31 14:06

Reported

2024-08-31 15:21

Platform

android-x64-arm64-20240624-en

Max time kernel

1781s

Max time network

1803s

Command Line

com.android.chrome

Signatures

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

com.android.chrome

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 142.250.187.206:443 tcp
GB 142.250.187.206:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 172.217.16.238:443 android.apis.google.com tcp
US 1.1.1.1:53 webminer.pages.dev udp
US 1.1.1.1:53 accounts.google.com udp
GB 64.233.167.84:443 accounts.google.com tcp
US 1.1.1.1:53 accounts.google.com udp
US 1.1.1.1:53 webminer.pages.dev udp
BE 74.125.133.84:443 accounts.google.com tcp
US 172.66.44.158:443 webminer.pages.dev tcp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 172.217.169.8:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 retired-jorey-malphite-node.koyeb.app udp
US 1.1.1.1:53 smiling-tilda-mono.koyeb.app udp
US 104.22.78.190:443 retired-jorey-malphite-node.koyeb.app tcp
US 1.1.1.1:53 clients1.google.com udp
GB 142.250.187.238:443 clients1.google.com tcp
US 1.1.1.1:53 smiling-tilda-mono.koyeb.app udp
US 104.22.78.190:443 smiling-tilda-mono.koyeb.app tcp
US 1.1.1.1:53 update.googleapis.com udp
US 104.22.78.190:443 smiling-tilda-mono.koyeb.app tcp
US 104.22.78.190:443 smiling-tilda-mono.koyeb.app tcp
GB 142.250.187.228:443 tcp
GB 142.250.187.228:443 tcp
US 1.1.1.1:53 update.googleapis.com udp
GB 216.58.212.227:443 update.googleapis.com tcp
GB 142.250.200.2:443 tcp
GB 142.250.187.227:443 tcp
US 1.1.1.1:53 retired-jorey-malphite-node.koyeb.app udp
US 104.22.78.190:443 retired-jorey-malphite-node.koyeb.app tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 172.217.16.238:443 android.apis.google.com tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.200.14:443 android.apis.google.com tcp
US 1.1.1.1:53 retired-jorey-malphite-node.koyeb.app udp
US 104.22.78.190:443 retired-jorey-malphite-node.koyeb.app tcp
BE 142.251.168.188:5228 tcp
US 1.1.1.1:53 www.google.com udp
GB 172.217.169.68:443 www.google.com tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.187.238:443 android.apis.google.com tcp
GB 172.217.169.68:443 www.google.com tcp

Files

files/dom-0.html

MD5 218ecd5896980da140dbb9585418b59f
SHA1 3f37449b79386f907f90e4b81e5b4f1025c9210a
SHA256 466359c53f903288b3028d27035c8739bd5806053d48ed30ce08f41ec991e49d
SHA512 232f6305ed770e7792f062bdc367e72a262807e6c3c1f4ccb2345ac70a2410f4bd09b5ea2867b3501d6ed9abe3f4db75aeb8a2b029375078fd6a5a0a683873fc

Analysis: behavioral1

Detonation Overview

Submitted

2024-08-31 14:06

Reported

2024-08-31 15:20

Platform

win7-20240708-en

Max time kernel

247s

Max time network

1694s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5

Signatures

Browser Information Discovery

discovery

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2572 wrote to memory of 1772 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 1772 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 1772 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 2908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 2908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 2908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 2908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 2908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 2908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 2908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 2908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 2908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 2908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 2908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 2908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 2908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 2908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 2908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 2908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 2908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 2908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 2908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 2908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 2908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 2908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 2908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 2908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 2908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 2908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 2908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 2908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 2908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 2908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 2908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 2908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 2908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 2908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 2908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 2908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 2908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 2908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 2908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 2876 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 2876 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 2876 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 2780 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 2780 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 2780 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 2780 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 2780 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 2780 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 2780 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 2780 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 2780 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 2780 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 2780 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 2780 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 2780 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 2780 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 2780 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 2780 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 2780 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 2780 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 2780 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6f69758,0x7fef6f69768,0x7fef6f69778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1148 --field-trial-handle=1380,i,1882366220998810713,8951729634320113455,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1480 --field-trial-handle=1380,i,1882366220998810713,8951729634320113455,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1600 --field-trial-handle=1380,i,1882366220998810713,8951729634320113455,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2276 --field-trial-handle=1380,i,1882366220998810713,8951729634320113455,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2284 --field-trial-handle=1380,i,1882366220998810713,8951729634320113455,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1584 --field-trial-handle=1380,i,1882366220998810713,8951729634320113455,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3384 --field-trial-handle=1380,i,1882366220998810713,8951729634320113455,131072 /prefetch:8

Network

Country Destination Domain Proto
US 8.8.8.8:53 webminer.pages.dev udp
US 172.66.47.98:443 webminer.pages.dev tcp
US 172.66.47.98:443 webminer.pages.dev tcp
US 172.66.47.98:443 webminer.pages.dev udp
US 8.8.8.8:53 smiling-tilda-mono.koyeb.app udp
US 8.8.8.8:53 retired-jorey-malphite-node.koyeb.app udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 216.58.212.234:443 content-autofill.googleapis.com tcp
US 104.22.78.190:443 retired-jorey-malphite-node.koyeb.app tcp
US 104.22.79.190:443 retired-jorey-malphite-node.koyeb.app tcp
US 8.8.8.8:53 apps.identrust.com udp
US 8.8.8.8:53 apps.identrust.com udp
GB 88.221.134.137:80 apps.identrust.com tcp
GB 88.221.134.137:80 apps.identrust.com tcp
US 104.22.79.190:443 retired-jorey-malphite-node.koyeb.app tcp
US 104.22.79.190:443 retired-jorey-malphite-node.koyeb.app tcp
US 104.22.79.190:443 retired-jorey-malphite-node.koyeb.app tcp
US 104.22.79.190:443 retired-jorey-malphite-node.koyeb.app tcp
US 104.22.79.190:443 retired-jorey-malphite-node.koyeb.app tcp
N/A 224.0.0.251:5353 udp

Files

\??\pipe\crashpad_2572_TFUQTBNVAANADZTH

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000007.dbtmp

MD5 18e723571b00fb1694a3bad6c78e4054
SHA1 afcc0ef32d46fe59e0483f9a3c891d3034d12f32
SHA256 8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa
SHA512 43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

MD5 f50f89a0a91564d0b8a211f8921aa7de
SHA1 112403a17dd69d5b9018b8cede023cb3b54eab7d
SHA256 b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec
SHA512 bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

C:\Users\Admin\AppData\Local\Temp\CabC62E.tmp

MD5 49aebf8cbd62d92ac215b2923fb1b9f5
SHA1 1723be06719828dda65ad804298d0431f6aff976
SHA256 b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
SHA512 bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

C:\Users\Admin\AppData\Local\Temp\TarC6AE.tmp

MD5 4ea6026cf93ec6338144661bf1202cd1
SHA1 a1dec9044f750ad887935a01430bf49322fbdcb7
SHA256 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
SHA512 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 ac1272bdfaeca504dd2d4092698a4ec4
SHA1 9abc834c0009dd74b595168e99027696e43e6474
SHA256 b405f2eb429c05f4ce4981c3e86a3732e4c3bb59830e4eeae45d9dabf1a81f93
SHA512 61defeda6b6a90417788abbd9319fa6fc3b9ba77e5642b778037669126a443e8de976d5d85a07bb87471356514ed6c5e398af62bfad04ca424957466ae753787

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 fc1ab38483750cff15d9c1ced3b7063a
SHA1 2eb292f86815168ccc9dcc32d7d22872def3e36f
SHA256 1ce05a721b14b92602969e876852f89f7fa3238e35c75ce72a1d716ac08aea90
SHA512 7a010c1711b7e05153865b19d37ae1efe8cbec8f4f00700c819ee10eb572584e3f59d74d9923ac4bcf2876ecb54fbe43db8612612d058a99a12215bde41c3a00

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\2ae6907f-e978-49e0-8798-477b2bd5c27b.tmp

MD5 67c98eee5399ae9a668de45e1be5f76c
SHA1 3474a7819693b687f2a0c6eb31db186bf345e339
SHA256 d0081afc28700ca632b114a2535b2be0bfbcad36b09c4cd3056c773f33da2a5d
SHA512 b541a5d4f4187867f5eb3ea1ad259c78a0fa9d3e1f72bcd9ff95ae05eb571ca679c01df2fc8a8a54e19fb1121014ef07aecd3310d5ff217b38c9c25fa739fcf1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\000006.dbtmp

MD5 aefd77f47fb84fae5ea194496b44c67a
SHA1 dcfbb6a5b8d05662c4858664f81693bb7f803b82
SHA256 4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611
SHA512 b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 530ef1952cf8c9cdd9c8acb55082378a
SHA1 dc935e756f1a6f348fafbdc84f52d6edd9eb2331
SHA256 718c67fb62c441eb66925ee0c2afe2f244cfa0725ec87b24fd6c2ef3719ac34e
SHA512 e0a89342a1a6100784af21c8d43290f512d82312bd5515ab197d999c4e365e7248e9f3b5f68cf65a829e24f9bc445680ae15f4ee600518201b0bcc8854b2a1bb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1d0e1089e876b82ef1f0e3356dc9cd31
SHA1 70074f3fc000d307eb26a936b69b0a28e7299799
SHA256 5fe07877a087b69e03904b9dc92e72755e20d0a4b2068481c4657ea322892e4f
SHA512 941eec748d640ebb8081b622c200e1a52c6c828884582f883467e766ddae84140fa92b79fdb22753d36f73b3d5f95a073c52989e44d1359d8a397cd317ca4bba

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 1adfe0aa5157fbf008d8ef3e5a754a6c
SHA1 03ee21d282090dd3985509f68443e9054567f637
SHA256 89cc08ef661f6fc73fd7563a1aa4c02dc83c95b83cbb881ccb61bf28ba951593
SHA512 d9ad8fafe0ed4480a870fcc5c52592f7e988359657b23e49c237ab78bd3e62f33663b9635c5bceeb549bd5bb3fb1bb9ddc6bc18d44a3d16ab04175ab4b4943b4

Analysis: behavioral3

Detonation Overview

Submitted

2024-08-31 14:06

Reported

2024-08-31 15:21

Platform

win10v2004-20240802-en

Max time kernel

1799s

Max time network

1800s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5

Signatures

Drops file in System32 directory

Description Indicator Process Target
File created C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created \??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Browser Information Discovery

discovery

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133695895075449706" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 4908 wrote to memory of 3644 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4908 wrote to memory of 3644 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4908 wrote to memory of 4280 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4908 wrote to memory of 4280 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4908 wrote to memory of 4280 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4908 wrote to memory of 4280 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4908 wrote to memory of 4280 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4908 wrote to memory of 4280 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4908 wrote to memory of 4280 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4908 wrote to memory of 4280 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4908 wrote to memory of 4280 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4908 wrote to memory of 4280 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4908 wrote to memory of 4280 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4908 wrote to memory of 4280 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4908 wrote to memory of 4280 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4908 wrote to memory of 4280 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4908 wrote to memory of 4280 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4908 wrote to memory of 4280 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4908 wrote to memory of 4280 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4908 wrote to memory of 4280 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4908 wrote to memory of 4280 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4908 wrote to memory of 4280 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4908 wrote to memory of 4280 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4908 wrote to memory of 4280 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4908 wrote to memory of 4280 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4908 wrote to memory of 4280 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4908 wrote to memory of 4280 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4908 wrote to memory of 4280 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4908 wrote to memory of 4280 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4908 wrote to memory of 4280 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4908 wrote to memory of 4280 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4908 wrote to memory of 4280 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4908 wrote to memory of 1152 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4908 wrote to memory of 1152 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4908 wrote to memory of 924 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4908 wrote to memory of 924 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4908 wrote to memory of 924 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4908 wrote to memory of 924 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4908 wrote to memory of 924 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4908 wrote to memory of 924 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4908 wrote to memory of 924 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4908 wrote to memory of 924 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4908 wrote to memory of 924 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4908 wrote to memory of 924 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4908 wrote to memory of 924 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4908 wrote to memory of 924 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4908 wrote to memory of 924 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4908 wrote to memory of 924 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4908 wrote to memory of 924 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4908 wrote to memory of 924 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4908 wrote to memory of 924 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4908 wrote to memory of 924 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4908 wrote to memory of 924 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4908 wrote to memory of 924 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4908 wrote to memory of 924 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4908 wrote to memory of 924 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4908 wrote to memory of 924 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4908 wrote to memory of 924 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4908 wrote to memory of 924 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4908 wrote to memory of 924 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4908 wrote to memory of 924 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4908 wrote to memory of 924 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4908 wrote to memory of 924 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4908 wrote to memory of 924 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffdc667cc40,0x7ffdc667cc4c,0x7ffdc667cc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1888,i,6373708132172796602,4073681064875452244,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1884 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2152,i,6373708132172796602,4073681064875452244,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2140 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2232,i,6373708132172796602,4073681064875452244,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2432 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3108,i,6373708132172796602,4073681064875452244,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3136 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3124,i,6373708132172796602,4073681064875452244,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3284 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=3660,i,6373708132172796602,4073681064875452244,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4612 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=208,i,6373708132172796602,4073681064875452244,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4864 /prefetch:8

Network

Country Destination Domain Proto
US 8.8.8.8:53 28.118.140.52.in-addr.arpa udp
US 8.8.8.8:53 webminer.pages.dev udp
US 172.66.47.98:443 webminer.pages.dev tcp
US 172.66.47.98:443 webminer.pages.dev tcp
US 172.66.47.98:443 webminer.pages.dev udp
US 8.8.8.8:53 81.144.22.2.in-addr.arpa udp
US 8.8.8.8:53 98.47.66.172.in-addr.arpa udp
US 8.8.8.8:53 74.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 retired-jorey-malphite-node.koyeb.app udp
US 8.8.8.8:53 smiling-tilda-mono.koyeb.app udp
US 172.67.24.44:443 smiling-tilda-mono.koyeb.app tcp
US 8.8.8.8:53 content-autofill.googleapis.com udp
US 104.22.79.190:443 smiling-tilda-mono.koyeb.app tcp
GB 172.217.16.234:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 g.bing.com udp
US 150.171.27.10:443 g.bing.com tcp
US 8.8.8.8:53 190.79.22.104.in-addr.arpa udp
US 8.8.8.8:53 44.24.67.172.in-addr.arpa udp
US 8.8.8.8:53 234.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 22.160.190.20.in-addr.arpa udp
US 8.8.8.8:53 217.106.137.52.in-addr.arpa udp
US 8.8.8.8:53 43.58.199.20.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
US 172.67.24.44:443 smiling-tilda-mono.koyeb.app tcp
US 8.8.8.8:53 241.150.49.20.in-addr.arpa udp
US 8.8.8.8:53 86.23.85.13.in-addr.arpa udp
US 8.8.8.8:53 206.23.85.13.in-addr.arpa udp
US 8.8.8.8:53 107.12.20.2.in-addr.arpa udp
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp
US 52.111.227.13:443 tcp
US 8.8.8.8:53 23.236.111.52.in-addr.arpa udp
US 8.8.8.8:53 172.214.232.199.in-addr.arpa udp
US 8.8.8.8:53 225.162.46.104.in-addr.arpa udp

Files

\??\pipe\crashpad_4908_DPDVUKKGRLSNEFAT

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0e641f8a8d91863a7e14e7adacf4c110
SHA1 574faf9b79951ae9bc6d06621d7b717574fa169e
SHA256 337da688e94fbe85f7db009bacf6fcdc85fba57dd5b0c1e4edcff2a583ced47d
SHA512 076f96779e2e88df9bf3ad501d23aeaaa16ecfe13ede45d2e2dd6f002590a93a8d74610dae8e413ac316ef9565a470097cc55d36c8adbae45a9d53d98f7df9a1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 a6dcf5f9d1aeefd4a2f90b31d2f9dae7
SHA1 b2138d691b4d6a2f7d008fc0ea2aa26b038ee97b
SHA256 bf1e8b1282876c0a3c97ac0230e00fa6df8545b5f5e5cdd646caec8e28ca1337
SHA512 fe5f5c3c96cbd9487f9d36689a44303bbd44d435559cde57b20178f21c76f4f5808d6a1879cd8d9e82ddb40922acf0cd2e7d1833554672c6ceff7171a8f959a0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

MD5 8091722ef201cb7ea67ce06441d0288e
SHA1 f1fd06ea7efb76c5083d25f1081d0cbb5dd06a68
SHA256 4b9bff679f4ae140f381670a5c1ad9081d025c7d52ddab298c10e03d0a3a8950
SHA512 8ad86f5e80caefb8abc83d136622d49e7fbdfc37578d708e219efa6c91b46d5cb5c730d4ac9147d6da03713d1c027c922ab1892bfb0f9c50a3ea5c04a6fefbcd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 100781ecab3644129068f7afc0015189
SHA1 b2b2517cddd0e62ba27b7aada74b0c318b0d1b90
SHA256 d40e5345cdc913e0f4f957ef331af83ea21d5bf8b1cd0f9231b897ba7007802e
SHA512 ed790b1df35b241e5035308d5052c32a8bd7024aaa1c95c55a1c82459e83b6eef14505cab35df07defd7bfc1ab69d2d72184e8467fd8abd9ebabcdcb5660356d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b3bae226f33c271042ddbf324c5bcade
SHA1 13339fc8eb87125248ab5d53300a3def70b2b513
SHA256 23b8eeed8f04e5ea02fe9d6d41cd8230563beb818e370f7778cf5605b5343a18
SHA512 a2d4b29b9e90172a5a37dc986c838817a79d7d62512dfeeb0bb1d393ef933c6749a0e48bbe138222426e2b8552ee8c5629f6783d78b0a0897eeff33323820926

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 482973267506abeaecf1140b4e8eaca9
SHA1 de5f701d3ed0c41fea0a87018236f96b36857eed
SHA256 e8f19bd693d1b1daef074b9ebf2fcc81226f9447981e108869e41e9f61870ba6
SHA512 1e930528b0a0a6aef79a8e1f225f53c0595a21b12386765e51d3b41db7388719b6ff94759501c834d641140e05c97f612edee577ceca916f446f44b973f49afd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 17c8cd8207e03015cb3a66e91587d8e9
SHA1 8edfcf9baa36f5eb49e2c09cf17c0102db575727
SHA256 47a2fa00d1e8282197e45f6d8cbf91f2b826daab6554ee2761c351bf45f28d6b
SHA512 ee62003a757172271564fe9668bfe8964657554daa518059424fba0b26f65700ea23d7a9a6dd8a632196608da52a736ed3a569656b839c0c18c68d68a9b5ff60

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 52724c71c69a45b7c239f21436697593
SHA1 93b4c77723ef1b81c1546058eb04a4cf8e43177b
SHA256 f07d1c077b19608fb55620559c1bf676addd6fe58da9d60c5a14d2ff527c38fc
SHA512 ee45c5822c14b73b14c1f0064b4fb965d348ed8c961c449c2a47f6b9c12c15d0be1dfcb46b16a8d8da50bcf39a8220537be1fd31cd108b9b24e1d254e90af2f6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 c82bf8abd8b1425825f636f99582a5a4
SHA1 5f40722a43f36bdf628782ac3d17a4ee05eaab0f
SHA256 a3d7f72aca068abb81b099d640403c56bcbfcf03a06a971c6751cddd32ec7312
SHA512 ef278b65b508dee71c638db7fa80adbad4aeb3c4255161559cbf5a47176fb02f02dce85d227fc1510beb9958485195218cde8fd3251ba8502c0716997b4df520

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1c161a3097644215e26ad3c04e077baa
SHA1 56a78be1d0f136e71e23a88352c4a88df13ab84b
SHA256 0424b4e317b5935f9155cdad185b6f895c3a4becaa758b4134672900b548713d
SHA512 cd82aaeef8aad0643aa8c85d7a338de49458dbb5813b8531ca40cd8d5dd7cc6e16e33382050dd5191a7d7fe9ffd8250816a7a1682368a20ca73e8e8a8275b093

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ddb730448e4ef7fe6925ee1b8e460959
SHA1 b6a7cbf64a6bbc4619b54a836bccc3c571e28fea
SHA256 c4a06bce9f000f0e675fb8731ce23f0519d365fdc78a65ac282666660de37706
SHA512 7684dc91aa969e239587a3b44339b93d93bae94ca1318de7aefb071eaf75de64c6b7a8ccae7b6325767892e96d2f967e0278e12defacb6546002b3704bcf182d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 14f2f2f1c9d1ea519bf45db3479bee31
SHA1 be752c073edeffb2b242a555ecf975315a4705cc
SHA256 da0cb29918659770f25ebdf3eb54392d37f4307aaed6ebac50dd20fb2b6dd984
SHA512 3d65ef83b4bdf54f96ccdb072a0769e9eab42a559ad402e5baade1305a6d472451175941d53c4dd00484fcdac4ad990d9f05325c7f637f996e57c624683ec2a7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7b40030d1ee6093de7085c5e282b5697
SHA1 02937d0f871be4e46acc56127dad0fc3a00a4262
SHA256 d924ad70922da740df7a9ad309a2c167be3dc61dd6431f708ce71130af584196
SHA512 0d97515bc2d10c77dc47515b1e7663d87a57cd6cd09b2387f8373c90cde6e75ae1c7dfd110ab801fa4489d145d745cec56b71d513f93b6a4913e50d38d8def62

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 096ea0d0209f43b583c752f8b91208b5
SHA1 fac4cf3789bdbe05d1b75b2b89e9bd2013b61c41
SHA256 c192e73412e1c387188b65ae1939b29d43c4e0540795a71fff3ce10e12417491
SHA512 b90529317c67362e6fb087453f4478cd94be9fb214edfc901fbe47f006c9d80944c86c76d14379ba7018cd42a1a837c853710a655985836136047d33dd1a3c97

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 67cabbbd36f52fa53123a9977bb1c55b
SHA1 b8fa94f046f407a09ba843290bef6f7790050726
SHA256 b34603e6b86764129d5e3b32a21b25ca9ac280dd5e4c2fecee506ff2b8de248a
SHA512 c3626b3fdbd4643b905cf5ec56edd1115f26fb158ba1fb57fa828b7d50efd5c618052e76108ef0912caec1920e03945c455f54e740150fe27dcb19dc4e6b1297

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f4aa8fb769e1efcf2f6e21a96c987763
SHA1 ca219c468f576c2504415b1166ae92fe1054c9fa
SHA256 751ad40360adabd5e0415283052c7e6475e46aef32f67ec6a03a42cc6a2bcbfa
SHA512 fe72ea91f8f643be97c0c4575c12f85ae251179d45d71cc7a8328311711b6d9ada0fb81462f453568e6c27838e8bf24119c93b47f672bff09492551f7b804bef

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e678f3321c22097cdc1b3cca52a4a854
SHA1 4aac847a47a1d2ab382884c10bb22bc17113065a
SHA256 ef08cf1fbea3b26ee1f511ebd761972c843cde1760c065aa5a441a16af92018c
SHA512 d5e44d405a3b6e1fedac83fa749e1898f3f2e310c68fadd0013db576f4c5aecc4bd0818d4285fa5d82f3d2899ef861d4cbf35a9f38fd71c92068cd22c06b0236

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ed1158f53917a090b78e3e908104adf1
SHA1 41bd36f1fd1a532a23136305bfc6dea911b9036d
SHA256 00edd01335a479142f3bb80fbc19ba61a5068f84919278796615075a9d0fefc2
SHA512 9b7138c909df84ed8787a449796e9b36c2906d0309785eac6f096231ad24f67a2b2cdb9ca39603247f505805f1d21c02933c40936c5a8888992c2b3c98d2e395

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 fc223348dbad61acbe30b56840f3bf4f
SHA1 ff8a15e28ad8915019afdb6c30a11526da7a09d4
SHA256 28576092f9a0f41f72e44255c53f542a7e4c5dc4679155fc149e5c766f70c0c8
SHA512 0da232dcff7cabfe2863b0894f8a801ae97bf1982f3ed449937119eb7581c5988c32ec7902aa34bddecc92ea5a6f02ff9b9ea637c38fb9d70ec70f87418d75d4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9fbd507a6cc8f67b1befd4561e83caef
SHA1 4b6249e52d9efa80fa3df8e972d8329cf78eeb10
SHA256 4be3e08155387547a3014b1036c881c8968b28c2027e09ae160a4765a98ee8d8
SHA512 4c09a1ce5ee28c82d418674be7db033de73dc27fa0f1bfb3ba58e6d340b5a15fcf5671f91c9efbdee42bb1bf49f0f5b798e570cd28fb4660236957f0a27aaca9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f8a3db1f371a897dd5abe7cd22821770
SHA1 62b671bfc2d8191a5cf285f74e6d4ebf98139a84
SHA256 7925f3558844d3ce54dde6f7615f670515cfb9cc665b7aea6ea2864a13e7626d
SHA512 e0269660fe1c878a51ac366d3377a6de04198db3bab3a6497a504a9386aa71e55240356eb5cfe46013bc9a1d4da2bf1505c7c5a08a50aa8e5a47d12be651176d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 def9933d5b998eade3c717b7e041236a
SHA1 885b917bf2179b2792d042ca4d5109391b3f0ca9
SHA256 2c498f2ad9029f8cc99b46f628354e182192cb3fdec4c2c173f547fcf4e4f051
SHA512 f9a8cd82cb8142ab1c0a161d6340e1890979138f126b1c3434c4a5d2a09742993bf78c75f090bbf6ccca12ff522101b6517a01aa84204612268ec07658eb6848

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 681365f22aaa1f0c34507031b3a9493f
SHA1 047062e724b9e262ce2158ee5e078c3d8134c9df
SHA256 8d677b0affe1604f349a908b72ea2e1281e844a3919ee1179b457a2b717bc326
SHA512 5d761a4547e5bce7a5b9928a0517d7cff6a869621276cba589b37d9f58275bc85c8ff1a7b10e5a3f389a8576d30d6d52c4b8b0d11107f60e390bb40fb5f34196

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a593d5dc49b9241a2a72d82024ee669b
SHA1 5d439a4a30d40be338f826b0f08c02cfd56b318e
SHA256 462aadcaa09fed81a222fddf6893912090f5b1a7e2f7cfbd1c4b66c8112789cc
SHA512 1a98d2f78ea8a1d2b8a48d24c718de67b9179850272a0b1cbcc46818cf37f869b1a75e055acec9e6b29bf251e4f2c77cd1d530a7a30b1e3c6da2c765b7146ef6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f91004bae9986a937c41b789238d5732
SHA1 a2d34494ce09037e0bcdb0048015f80d0c9c0057
SHA256 adc647497457a0be2cc1ed9a982091d96edcf8dd9a5ae647c13d0de8c7c96ef1
SHA512 a25c4a6d6b2d0ec5207c2124b799fa75f7c0a69b60fa4b97c03a72fbfcc2d77b07c32a37d0c6d77333b90eb489ed22a6a113b6bc9a8c583e11192b07203c1575

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 fae22fba80091136880186f77de46929
SHA1 b58f72adbf2640e741d45ffb9a2a8300b7527a30
SHA256 b74b1abc66b9ef3a847c639cba62ec54ce58b9e3cebdaec077b1ac73eb297c4b
SHA512 4ab2342781f4755ddcabb5cdd3618bd69a69f2992b588e18bd2d72abec0cd45dfde703715f644e1d7ffda03f36d24f3f1c4a276090ae10bfc517554dc84c7ae8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1f36fa75848015f3b9c050860139ee66
SHA1 3f746883ca7ea4d376c3580db366a66483dddcc0
SHA256 84e7f6b73cab1587d79b7334dde2bd995890fcef41c3febc651c30bb25a35bf5
SHA512 7374689ec2a273c1147facd01a829b35ed4683d65987f1a139f0a0131a4782235d5ca144924a12d6a8f4ae2a451d8aa801cd275a41e6cef7531f4416085f96e8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 426138e81b7ef0f4be5bafcfcba6a00a
SHA1 49a7867eda5968c025d78f67230cee7184e01ab3
SHA256 0f47010684f338e59c9f6bbc5557616ef5c8db1024b977be2c65ab990e27a6df
SHA512 83d23b468f6d9bdf6bc44619f0500413cfac6fd5d4b2d81830b0c15b89b64615062c348f685053645b06a599a3adc53eb480455969efc3da9ff3e1620ac15831

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9c3cc18eccc6bb9f54ed497b1c8beec0
SHA1 ed3ba4b3dbaa84f75bfe320bb2915d055d5faa86
SHA256 584c9b79db1b8560fe473a8f5797c776e897b2a8d74106e514a1e1e01715ab0a
SHA512 ec45086df01aa5ca63788fc3f0dd67dc431a702c01699617012d9c3ac2b4d119d7957170950ee462accb89249c08a283d5a03629f236af452027499191b5ba77

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3aad11d3f4d536fc21563a89bc3c948a
SHA1 7a870801694bf1482e9260abe7fafc813f8481bc
SHA256 17fa3e95e82510537a886fdad9a67eeee2078de37df6ada28167c3cfd2052ea7
SHA512 cbf37cc751bb77fc143efbff543a5306c5cbab2a9a20f83cc2c246fbd537c51def4ff443eaa0a00781ef386e3cd5434a4f6a6025e42056b12d8e4199dd5e34fa

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ed37ea890a218914cfdfbe04d65ce63b
SHA1 9e6723ccf581aaddc7758bcded49107d8f3c63eb
SHA256 7cf0fbac31690363d0b54e1e415dfdf114b1c43bb3ec4c47c1971535d9daca5e
SHA512 36411b75564682c9883f0bae0f9b16d7a6db40a04b9384167dc091a270250ec0133c39c5c2ef98d0140038d75094dce1ac1dd3f299569e6705d4ee77eabd3515

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 55098939f1c666e6cb2caf79818e094c
SHA1 94547efd67028616e22bcacb145878c98e8e9d35
SHA256 80cda227b3e9c01973c29cea4aec1cfbc135e7982faf16669c844165eb1f957c
SHA512 700f816681bd69b1f692ff104074188d777bbcca4c53736772bc06d5defff854a2c4661aa281c56effa8d88fede9531f7a0b46ea54d36c22bb41606c5b436485

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d5ee19950242c18d85cd24ab32bfdd88
SHA1 17493f70e294de89b88e65d0cf4a90f4926914c9
SHA256 f52479f3ef2e1b2543fe39c114b3873274b95e4e23d46592f238364464413cad
SHA512 4845a3dfc57389881bad132e6f4292a9746056c2f88c714a9b32f837d175eee9c2587d4d5e42253b651dbb0159ed2a6545b817ee3b1937f1ac1f2543d704eec2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 36b9ead5ec0f9efbf92a41944117c958
SHA1 8438235131a4cacfad36ed5db22e629478165600
SHA256 43af85762b6dc3e3de4bf2f6e942f26285c740e39fc6be12274806cea4c8ca91
SHA512 59635efb6b0825d951ad6bbb628bb05c17793d6e22929731470b44a07883e5d7e0cc4ee8b22f98e21d7752898841405a4f3731580aa821208745568f2e79d016

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8e084fabe432a55340c66f69f82be4c3
SHA1 18b9db4df9ee797cc12f4164cf5f396932da3776
SHA256 0f24b31a3810de16fb6272a51c5df519e410a44354d5dde7c987a71f40763ddc
SHA512 e3a32b567bd7e696288051db5e1de45c3d74f891094466984ee8bae46dfe8bcb75a9d495c48218dde0c821132e20337c0e9b2bae91ae9c50d07d16eb82390c33

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e8968c14aab9859af15489158cff9f46
SHA1 f48162a6da67ecbc6f095374db4669b6e10474e9
SHA256 73fe3c1a82dc485f5831b9b9115ba2fdc1b9854fbcc25e2d56aaac4c29bcc720
SHA512 246a21a9d7d6b96e9284ab526b2402963963a99cfe3b6c55ff2b322394b8fdcb59d328227556f609bdf6cfe619122487242bcfb58c018c108ce3cdf650813c9c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 387967f219d711d31d8eb610b2a89f4b
SHA1 095ab8a870d38999fef22f2121cc01ca1f54e6a9
SHA256 4cc2a9286308f411dc997817f4067135b29a83320f1201e87907d292f6430341
SHA512 4d4ae0f3004217c472ac43443e189c70a8807f781cb8eeded0cbeba099b018ed180340afd26bd338ebd691d3d667851dd6c15d34ec2945a8d8785710846b7641

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7db20c7211ed3fe68539f1b9b1556f87
SHA1 5b0e7699843afbd07b054345cefb7fd4d96afd82
SHA256 2ac46abaa4c061c1e833275a47dead49be7765c349264458b20318b1f4cafedf
SHA512 37232e932d652df6608c6ecc5a950b2ebdc8b4fb2a0605679bd3750d60478f2d800046dbbed8334f42dc54c04a662beea1a9a231c106a085e8ab25a027b916d9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d04ba4357ed00d990cb4d0dea59ca2b6
SHA1 9e06a3f2a80c2e66f1940019bca7639924e45a92
SHA256 e05b3195cb2e04339d4947cad3604a367a7dd25d72f5bfcc2570e634a20b21cd
SHA512 6adc9672d64579e3bcff1d13af1490c3873315c1a33e7e983b8351e7277f03b2c5b9472ace4148d491069ef2061993e397d0393321e44ac2db63191601b97cfa

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8e08bbe7ff829c37b045117b8d9cd2ba
SHA1 3407e4b45c89d109c210cf4af3cfc9776ea03a7a
SHA256 adb6bdf88becfe841fdb00d2194272734dcc98a260df966882f3fb2199048ce6
SHA512 d05daba9b5b196686a192ce26185fd139c6d56168f156419410a41890cea424d41b34505dabab53ab9e0500783d8c2f2c68e748528cee5a2b0fdf0a2eea9dcb2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6f30573633a9931482f4fd51631d3f34
SHA1 dbc04d766f12a9c11b5e5b18215090fa91330bef
SHA256 b589fb30a4c51be18ebca015fcc4bde424dc4a47dda73ca534a831662d170909
SHA512 5d0b2a1973cd6eb35747ea43ebb3e4833f939b65fb26fc496ef18910696fa6a01452843b0475a151635513cb0fab4f34ac442724e964c02177a5c2617ff92f80

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 08dd8ecacbe8db7fba7680ac02db0fd8
SHA1 c4879d58e994db425d35eca806c462c10289cb73
SHA256 0127a4d2477ef4eeb7ef2e04bfe3c2c7aeec5313abee05888366d880dbbf6794
SHA512 b4bca206fadc8b09518ebc7d4010ca4e8258eebbc9debd1cfb6fb2143b5cda2e45c8ad813877f48cd758f97127e19efbd9b37bc2ed9ee11869d131fb5de2b858

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d82c52b2b1f876245483a49aa2f06aa3
SHA1 285b1ac4d2a81cd40fc5da84d0a4c9ac2b805ead
SHA256 6ca1f089a1977f54a3515c059bd9605e74ce9792c21a56e749f5fe7edbc31d21
SHA512 dee24f98d882cb3d7ed3499f73938cbc1250bf359e373d75748b6b5bf81013df2a9bf6f95d38be71f2689ba98e3d6a33a1fa63b142e19b4d660b020c6775fa75

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1958ad6606386fe2e89358a201bdd8d6
SHA1 bc385bbbf85a0156d0215eb618afcd9a81d4865f
SHA256 565303b51a3407ef131d6c85d2aebb8c5e3c5464c407b1879d0cfea05375a406
SHA512 0a0b0bf1806ef54dfb1854e18b394f9ab445d6d0e39bff02609bad4ceaea95e67618efd55cdd637b85c70124cf538d03313c069a2ac437786391745bcd07b286

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2a6f1c97b97946834c68474532f7f4c3
SHA1 649859252bc41d9e132b60ad973474110cc6d559
SHA256 5ed9ced954ccf4c33305c51a98fef2cf47f3eb7df0814d0edcb7dd4aaac903a9
SHA512 47297abba8cd54541b3fb66119dbaab36a89e6b83f79e1931a99bb36ae5148727c934e65cf3410c10e71b41d83ad2ed0a9c53e26b858c0abb9a94ca79a11b6fe

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6a8552ac07a5acdf21203c72232f3a26
SHA1 19250226077b1eb5f7e224b0a246a1c9675e4b58
SHA256 cea10784f90903cc9f8afc0df758f5f058997a83d6ace908dad112eb6369a2e8
SHA512 b24b2a5b4d7fe2c3770e29f09853e2057bbf527523fecc7dbfe89bc57754e36bb38d0717106874cbd9673a5fd69675bed0246f1c6b2860651a6c48da2583ac38

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c1e9279b97306f47e4fccbbdf1606117
SHA1 ee8fe2c782b1ba3d3ccc37a98897c9c9dd0a9420
SHA256 a27c960625d63da9d15e108ce630b3bc549473bcbb21203e32c49c791f1530db
SHA512 2daa6c2481a8c1d2b189791cba397176b20cdb7efae5c48c1c991e1ff9de2c110e63fbca028b22f27599af4fe5a011dec425a62ace988f5e4c54700a9e8faace

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6772c1de5df0c1ec822105343e0f84fc
SHA1 b411eb2598a22e257d472128ae9ea5406e1dc3b2
SHA256 d935a00fc9702cae92a8b3d4f5e0dc0acbf63064148112eb6e3dda0d16a3e224
SHA512 7361e2f2f35224002203f6f1a275680b472c7bdeacbae51068f90bcd21689b08b4d9f7718ea357ba5b26b300948349d6d4d32fc8c1d01b5ce9f1fa55a3dbdd73

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ef6ad00ff2553f59d38e77768754b51c
SHA1 9d6776f282b392a1f3880cfe7dcb4db509c52e51
SHA256 be342f4e757ad897b15802048418842ca55c6299a9c2ab44d230a70664b70916
SHA512 7092169cd2695f30157852d0e4cda2d72be898efc952f7128c21e243f8281fcbcd0013c9a289c796e08f9a22dd6bbf8639819b36a13c0d4c3cec6acfcbaffc86

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b3c353cc45ebe48b9f2ee6240f4b5816
SHA1 61e382eba97d4d30f5ead50984d22f119dcaf188
SHA256 2b16c3b694aecb684e422b200c9b91a0527aba94c10ec42b6307a950fb45a99d
SHA512 0fb8787b42f0419fc9c71cbedd2f03912a7daf952af738a0358caa16b944d047f9329685a8e4a872f878f9bd825531fed6f35452602cf96e8ead9871086fc7f5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1705f2bb70e4e5afb37aedf6b508bc98
SHA1 80a5edc8a10f4d973b474a2b451821a0a06ddffc
SHA256 218afbec242b24fa8248a89d3dabfe91e42ba34676e039c77e5b8dbceb395032
SHA512 3d8513a16e661c1b98417eed1b4806892d9fd278a2d8765bc017ad66e80d449066737dcbaf2e95e013d6ca0382df6881c5dba632e9c4c7ff11a71bda79e8bf22

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b89cd34b4b14a4d5e4b31b10cd45711c
SHA1 1267558fea6832a641035d99ad3f40277c0dd710
SHA256 f92bb4ddc3256727236acfa69d016976d88406940cbe89cd88858afb48d7952f
SHA512 a969a4db9ffc02f3188ec1f96ce7bda052750daa03444fbafdf954ad5016cf22cc3a0418af42b73dff6b9ae62d31fd3407998642126e043ee2094137e4ea8f49

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3b9c315664324ef3506b6224a8746e44
SHA1 a8e5145de1cd95faff7f6bcd4650c4c2e8e34688
SHA256 d5d0107f2fd83bba7c972464a57d4bbd4a960631274f8fde81c9059c0114e764
SHA512 47ba84693c8e44708ffe23f81327655116cf13fd5850e99cad5c7d74221e6e9e1596a6fd29e9b077fb2a523c48ab55525bae7b5ad2ff8bc43b620cb6af12dc79

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8b0e91d680c128d66513c114a0653ea6
SHA1 583f23767c9a481bd76dd1050fff4d42d3a43e30
SHA256 42e14200d0bd1d458b70484e9273dbc7bdbe6d8a4ceee85c64712167a9f333f5
SHA512 79914a4bc87b48609b2dbbcba3c6d52f50ba3988889713b3b45f9a09260aaabac294d70f5f8396a2f1224ffcb3e1dafd7e96313313097ad22e88045fa3c45f83

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c0e90da0622ee0491957c9cc50ccb009
SHA1 cde1e65375d583b4bda9310381f86167ef67df6a
SHA256 d7bfbc7058c017228ccf13a69ad660fd94257aa77a3e7fee5897ca41feae061d
SHA512 698fd66a5b5c133d2e7856f0448541f27861e9941205781ff3ab0048655b8d7ea89558ff3339ee39d29c51954b9b5cd7d67a18a650bea3af9618646679bd90c0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4facad0752faf0f0f2f0687b788e1b89
SHA1 4a9890e43348d7c93e508cb9d2a6b874aaebcdc0
SHA256 b03d5acc989177b51fca933b0cd033f40589e242fba39095934f9a089793a306
SHA512 599f901b770fcbc439de80dc715c24e581931040aa59b9a3e741d9b7eb4636fdd466907b5abead24dfde99b2f2d7e45f1886cbdb72d84f414e1394b04bf72ffd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 25fb4d11cbf1e68bc84c68603d551237
SHA1 3b8974f1879bdc807e958ba2c0bb8b14a7d7764f
SHA256 2d3f53f960fce7694535f855291164bfe21af2882f3b81e530ca5e28dd163d4c
SHA512 0e62ef39a451b709d45a086d89b5e29cda3b36beefd494950b5785803505c1388d55b899337fd83799a3dca5f5cfac8c03c4f6e7525b5ba9c132e9dae78a6308

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 37ac453a519f5fd4a8cc982471909560
SHA1 277c80f18215521837355dc90b5d1cec03696406
SHA256 9f79bbfeef6d8ed8bcd36fbbdc27e93003841c6ec31388491df6e7c6e49ac8b3
SHA512 c11525bd97bf91b53de9a55400f093a04ab091b4d02c0c5004847ed0cd9a346b0869d3ac77107e5a6cd5247623d81e7c5fc81b5a8a7894bf48ce8c61e2018ae9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ba17f267387f99e948522ac055320b08
SHA1 f4ae1e7e14fb16bf89bd9c2cbbd073cdd7e6975e
SHA256 3d18a8828f1b49397e70b3377e3a1c530ccffb643f7cc4a36a943329e4fb997a
SHA512 05595c5434386125d9aec4467d6d890d4826abad64d3ad4b84d4c05f61d2be18ab6686fbb129d12d139a11305aad0cddf68897aaac9897169c76fafc6253bb8e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 fd2f1ca129a7596cd8488a014bcb4aa2
SHA1 5cf20045fa2493ab52c5d3e22c66cccce3a9a091
SHA256 36270a7213ac3e43d9f3d2759eb21d12d0ee579299e4680e7dedfc069ae0798b
SHA512 844ec186ca8199c5fc200729be40349cc34f4ad99efae11601f8d6de4640427136724e6628213fa30a2b4359d59814f6f5bec52aea18891160d2de23287db97a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 709d1dabd8cf08dd72109a9a40ec7921
SHA1 2bdc0f9e95b62c79e1a0e2fc3fb79106074c3b64
SHA256 064263655a9b2ec5120fba38cbeef2c51486b26e3ac602a53f0c704e2dedbb3a
SHA512 66609ba8f45757eb846ba3a3c5f61a427e1946cb98221891b81a2fe7528aac1eecb80f697f373bf0151fb76f6a948378dad12f51a1c0e9524f341a1bf8e8d603

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f6e002b493d0acb92857ef98b8e191f4
SHA1 83847d4f814a28b032ef3f0fffeba056592a4faa
SHA256 8c08e04d9a3b812b92b0f9e940f0268d077880e2ff8c87d25d60eeb48f178b3f
SHA512 81e0e0967b6d93546f6c29a6cf4d56d6e4e772f53b4bf0d4500ff4ee1d12b7a1e9e4bcdc052d059bca60d8db71b40a414bedd97f201a959ad797c3d09c2c4a68

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 563cc00cfd9b08aed718606eaf7dfb2c
SHA1 2cdb352e3b76e0373c9ff81bc9f2c37701cbe002
SHA256 b9214f5ff49ebd99ee6af93b87657ade87613b95c134209ba6bac0e9b923c133
SHA512 47ede4e4d54f327ed0a6186fedbebd8a9331917218b9926329b431551b63d17c7e535efa1d4458d502b5095abe19aabc99ce4d2620edc3e915dc2f76cee47936

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0188fb208dc92e3b9d69a3503c9a0c6b
SHA1 e0cf795f72ac0afd24027ec08a492fb5db1c2349
SHA256 090a1ac076063afc584a43f548410baaccf16f577e2d4e46a13e6e44edb63491
SHA512 d341ac37e8e86999672ce52f260d3081684fd1e130d341f60c3289c3855f6190efa53542fd3a8c54158a5588d26175d178ebae3263d8c1be3c851a58440e739e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d1bd352efb9b929375c92e38c9dd5f04
SHA1 61c6a9e9fb5daa30fde55b59bf073f0e81c68db9
SHA256 714866a807c9ff07a54ac3ae934a0f5e351cd63ad5d539bf9ee767f537fb8bc8
SHA512 2509f6be60f4292cd8e76f1140c9210b219a1e8db9718769225975bb6abff54777dada73370a331e6f9aacdd73002394fc7bfa48e4b5abdd4579a7cccef7c870

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7fb6448a5ea89378e094afce6df92dd9
SHA1 6e972a9ea04394d0978678cd70a2743de448c9fc
SHA256 42b0025cf8efb446de75f9a874924693bf8d57a87f2bba18cd513a1f6a7a988a
SHA512 31fb47e1ace80a7073eb49b77cdc39f9b4ccc0b1dd0882fb3231f1588c3432e8cb9f7d5ae980ecc6aefed8b1d47472c50c863d27ac7cbd2694706d0e5e2eec2b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 871fbc10f917ef9b901ae85546c3a5ce
SHA1 b62bca8ebfd096e8c81fc1c9deca034020bfb79b
SHA256 cafb68df48368b2c2ffce3647b7f615462e822c052a752809970d4ce0469a6b9
SHA512 7db1a557d2e77c192bedcb9dba5aa62bcbdca91f2d967af3d538fce45c06b965e75ad85da45bc02262cc97eb1e853aefa90cc912723b38422d125143d7c3f148

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 973784bbcd9bbdcad3ac292c293e0846
SHA1 f61c6fcbc0c5960b8df29ff5062c2949b43dc978
SHA256 5c21dddaf3615fb2fe251bb3c676ef2bda015397514d0e1de7020b154f0bc881
SHA512 30a2cf0d5bfc283eaae12534366bb9a9bceb3304c8aa98d580912aae5045ac0dffb253924b406b19d6dc061846a9b3e5cb30981275b7526156d70aabaf5dd1d3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7575a0e562a9e66d15a7e6d6143c5f2d
SHA1 f3ce47b8c8a46f2df1de0d2c5abc9fad4748efe4
SHA256 1ab58a59114203eaaa6b4593b8e228ed3adfb7f651838bfa1fd4594edf334b2b
SHA512 6d2aa6364a570632973440499519bdae766c08ebd118981efeeef04d73f60b961b6b779c8e10b63385a26a84341d5343e0f2a24d3b5a917f892003f122b32504

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0aaab3f31c4993c3d08b586091da319c
SHA1 853f0e4fb6b029c82d4c004dc5eee7732f5a7808
SHA256 38e14dd7ffc54a2cb281f0c6407f7e99289dbb329393d715cca1ef302d6996e1
SHA512 f206aebee809593d600d00190c47671ee923756dec6a7fbdfc3fa965f053a0a5477a857a90c6b9235bf93337852fe341ce652901257a4f49b62fa140598e8a55

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c3d2e25025039e614e828094af3bd348
SHA1 e871c91849898ffdfdb038e0588912e7ee5be0e7
SHA256 6bcca660a4701c386e5f26279f205be46e257c3685552e95237314877da805d7
SHA512 086940491af91ffb33997fdc155d7d2eb64db3be8f65744987b3e52af44f7bb300dfd3fbd18216308a5e4a0581df53a2acb3e3095736ef89eb2ef5b04f18880f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 35fb18857aaff4d89db18b749ad98135
SHA1 e6eecfb41d851580584cf0dfa20fd9601564e64b
SHA256 8ef45b5b2e3b9538a2668585974007a5af4511cf14d4060d64eb221479bbd05b
SHA512 b3fba54d22380d2d13b30d457770bbc36ff2ed14f69a5310b6bd4a87a7d731721f1c5e84d5b1f75999442bd1a55debb15e19cde17f1e4a4eea31937c78b7b059

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 86d3df5a737baec77a22be78322e3044
SHA1 dbbc74d0912e5f52da70d7c812947e1b1a4029b4
SHA256 a321be94bf71f9663934377337175343d26db0efa860e6ad1065e604a6437060
SHA512 dcfac1e424ff66cb741072dac6caf5cb7e450068b78bcfdba668a9740d3904366fd690ad8ba295a9dcb50f053f0bbb2e445df88f825cf7fb8762d8f52355f462

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 99238e922eda5d7f1c95a1f14dbc2373
SHA1 0d8b21e6a6699bb291c6bbb7357a51977f70033d
SHA256 5a0027224300d7ce46ec5a8c6a3bff5af3fad592bffc1448f1b3dacfa9b4699b
SHA512 f8ab71d8be91e36bc883a01c4d60cd3e735981f4969227272567875766f2de007ac79c0856432a68a0ce07f48cef89da12f4dbc7e4b3329bcfab93a77d729404

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ac013f9ba9a8dc3f511bbe7297dd625e
SHA1 bcc29aab3b7a7852914dbd1e53e27f611252fffe
SHA256 5b0ae19b2370e6d8b8ff8675cb610f7fbb073cf18fa7a341145c6494ef29a118
SHA512 70315819878f1f790a5972cb1c1e98997bf0cfb6dea02257a67cd506495297c2aa2b72f873a00071f43a3faddfb268df827e27f465afc488ebed77c350487327

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 41092929418486948dc7ef06bf3fee6b
SHA1 7043d67a22bafddfe74166824d37e91bb16bb556
SHA256 7d4d9963d76e437827cf7d3beb1ad3b5ed50fe4b708f319d5d7229eb36788496
SHA512 d4b4cf90898335854efba0714abba981a897208eb747d16b9b1e95b3696945b3ce41cec6872014eb19ad2a4803304baa65edc2fa2bf1b358c4c95839dd0b19be

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 99d3a60ca5f440603675a9f9fa81f82a
SHA1 bb5342784bd5ef1591550aca944feb91cccee962
SHA256 fa7ee5948dabeb26e9c5dc14b3cacba8897e5cf1309bcfad6c5e20ce8a899353
SHA512 5c70352bb14868e932febf272b5f9034d80eabc6cebd01726da6f5dec7f8e2ee74768ab357b2c5ebf3d4e07be7fbdb29777d33f71bc7565ba99d4e33c2c42189

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 963006a15ae2939af273d42b09cd33c8
SHA1 3ce4e77e0b2a9e44963de2607947fb61c78080bb
SHA256 70ad7f00a8da4bff156133cebcc2dc110619c1e0f2f5fe482ee61097c9552f03
SHA512 f9c93b91f23b5178c2799f73641d9ef7274e38657193ef017502794e1f1d0e565e23c1c813badfb7e49f089b263c314ba8ddb232e40ed53127c62e96e586c3ce

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f7e70a61b74ca244d72d022c29a789cd
SHA1 e955d19a79ef7e06be40551b2324a946e287fe34
SHA256 453663076a3faaf0acbaade530ba3e7045b9809388e63efe36af68cd56d968d9
SHA512 04f4d1a45fcc0dfdd7d31cdc5a80133d9e12887955b1e2e96f84274401dae77c90d79422da637c30f0d34534ed2c77998c7a194ada9a0aa05b476c702d5c5f24

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7c7e0c39b102bf862da605a25aa5707f
SHA1 cd3187e9463bea69ea42ed0a3f4dc3121720e1c3
SHA256 21fa1f360a33867f1a402309377d0384594c421120b39311bfcb3594e759cfb4
SHA512 ab265987c5757ed0377a47584103f3fa64205c15e39563148bf618a06322b033b8375eb33b86a33ed7f1e6bf8d6ec4c6a589ab5f3d9da6dba9c12bc79e45b653

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 16b3f7b12cfaa84666f42ec92f76b449
SHA1 cc44c25cf1b9a483fa6dab69c3dd33e50f176a32
SHA256 1fb1bcb9e21d7dfa64a22048cf3fa7efd2090514cd147b25d2902f652af8b886
SHA512 29745b7760b49f6f5a570713e5d20296bdf80b2d5903718ebd49ac13db4cea45a554bd7e58bc586d7c81164603b8439e158bc23f387a862bfea460a953dd7c3f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8a1d37be9fc19ab3d9f4b317b0121f12
SHA1 410e36518d693ccdbf5d177ba6914df4bef86035
SHA256 aa75701983d135e9e28238d34a49ca2a2b0f4d00619aea852a064f4e9330c248
SHA512 1959b64e4616265cbd71f43eeaf8965c40197a351ff21ba54a13cf6a8d28bed7b7a88776375a8974df484f57fc8d0ff446fe4abe927631c70dab9fa3130cd996

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 dcf273acc0d4b53eca4f283a4d4cbf65
SHA1 dc55ba7be8b506b646a521a90060f0d08a6a96c8
SHA256 e0f8d261843775525b7daa498f3ebdde43813057aa4b68d2d859139ff691f10b
SHA512 7380e391b404b975cbcbaff351af843773071610f8603eb2d66bc798b7feb2727489cffe6aa7dcb8e59cc5ba45619d8f7445052dcef6a770b361c54444dfc794

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b5b1b0a76159b1fd29087c2b80381711
SHA1 9ae7a151ebfa15a50ae94f26a97f59e593b5ec96
SHA256 a218cec4bf6c962314950a69ef0708463b8117802efa7899468964b0c507ee44
SHA512 dabfe0c111319ff6a43014dd941b2742d9a63bb3494220f5d830e3b37174f509b854da3199d832bda20dcc67467d3452b2d5fc0709bd9438a6a2ec2af5715b86

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a6a14ec4c997cc0a0db7a2cc478ccc37
SHA1 4a431db02dc78d40eaa0a116be3ecaa0a9e41227
SHA256 9f63c1c1fb998def96b4b2ed7be0e1557b03294d8eeff43f1ecb4c3800d975d3
SHA512 e9be95e1450932326b4a22fb22c6f6d58d5a57f361d1b4a76ed0fbf54277389261c0cab7cffb73dd9dbd7764d05ad7ccc6ca9c1cba394b4499660e9c1d73ec48

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9a7456c1a5ac7b8f5d321a6bf0985084
SHA1 744e6f1b8541a44a70da3a822d5ce86480d0f476
SHA256 785b10ddc8133be5b30efa3fcd8cba616481d3dedee1b72b4e3f6d9abcd0a151
SHA512 a77913fd51ce650f0eb195ec4e051f90ecf5b5f9f4878c19dbde358566ae1de503b8f5d3e6ff53f4bde5ab826412df16cca029095b4805722bc3a30984366ad4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 73c9f7f8c311755a2617f75f1f4b3893
SHA1 2a4cf7e8e8449685dbd07b1ceef4688275f78ebe
SHA256 78ab0b9c9edd7b9e6d1bbb567fbc381c567ac1e74ae646c65943c0003c4debf1
SHA512 493a4ca80a896ec6425eba59cae36ed3c0f267a85f75ce816cbc45985e7c029243f02e1839bdfa352015c7bcb7e982c8e1e36d4688a68b2343bb5a35cf70f867

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 23ec5ba90bfe73296fe8d2315929cf05
SHA1 a36974df0f3d0af0ab0f59c98376363b043d66f4
SHA256 feaf80a2ffb26033389a5884c1fa7da08afd890d3c9ba4d693083b42c56f19c0
SHA512 e2485b0125f27872a64d8e7d19da4751db90562266ada9aee251d80998a8c29a397af543801c673ec45be110c239e7c5da9469d4ccae082d13a131ace5623e35

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 daa7cce3ff76db99052fb593dc4b0046
SHA1 350a0383e1d957576b50bf3638b76ae9b7e53b57
SHA256 a84f2ec1ec05204479ea467dd3e0436904b660b499069e52e763dfee976c9b97
SHA512 ff55ade22dcb464a9f6865af06cad0925883b6646c474c2e73928f145e45168cb21926093c025b0933c939aa7f6a5b5c4b32e1537826a48b97c53de410f45461

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 98997a2902ec0060d7cbf9ffd3b7504b
SHA1 cc696eb0025b41320b338838525821a8558e2642
SHA256 12a677cd6472020498b9c5b382f23be2cd4258ae0e7d2e054d31c71a66a4f926
SHA512 809a728e66659a091d9815838a64a817bf74ecec4b0c65a32bb1ecc0cb3642463494fc85fb197dee34be2d62c936f1f0415df7e9d1011c4fb6d39fab2eace563

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 92da35bad3ab89bcc7f54118367f2701
SHA1 e101f09cb7555298198b338a05e62ea816dca1a2
SHA256 9216518060936db700f0b2b18ce601b773fae35e12965214b6b5b4501f463f21
SHA512 da54e52fbe9b32835a956a6b9c41da7d86920991c7b22f444984b12d0a6f17a8cc65d046bb8369e5a03c3b171294bc6c9aa99be23dfb6781421562ad745e8e87

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7a57bf735a5f02e46f1838bd3ed54d12
SHA1 6f73c2673b8be51253bf17f964e37769238a5c9a
SHA256 5631e256e6dd1e357e2eb1b8a6f312918b53392b664447de16835422c49b6ec2
SHA512 8267f8863e1ba0aba82bc8bb1e144cfcca9ac61b7165ac425aa399e9a24fc9fbeb7d6e7674f8c33078828a2358819be24b713fdd1b3c0083076e6d659e0f7034

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 eac41b1938c2ed960af0528588b33660
SHA1 773306263d1f3242d057d8fdb30acd3c54ed743f
SHA256 d4e3a4bd0bd03dbe773559b612f651de2858b9884ac27fc48cfa1fb326f459a4
SHA512 0dfaaa0680ad198fad7b406a5cf024ec71a5b8948206a6041c5b0b27ac696efa282f50ce1a75d0bde4ef3d5f491de7be4a9fc7a25ee5c3510f59799ddd7e3c03

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ec85c533dad3659a5c66ede48dd87ddf
SHA1 0d0c0ac7ec08743f39b79598dfb439d7b0d66940
SHA256 a851e62cec0a41ae2bc2ed3ad3c9257aa0ba55507d844c08b4288335754d5714
SHA512 a5057db2af63574a4150854aa3e1a4e6d39eeb9cae54745fc8a27f5198c48d476b226ec7d0adaf741d03fb4ed4ea28ec0a101d273626c8b9288f6967db31d6f5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 84b087afb1d9f0232f758798f408495b
SHA1 51b7b190529784351d23bea9b024ede09ce0059b
SHA256 959db227649b54dd71f6943b3707fca2ed3ea3c0c52f42f90c57d7fb57ab7a81
SHA512 a1aadf1c2ce154b1843ef60abba9e3277620a9b24b50f3eb8fa9a4092a1d1cd3d7ca81cc91b184a1df767b92ccfa12b5b240a6c17257ad24d0d7dfb7ac7cc433

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 15b61d376b9ffeb548354a9405ac9558
SHA1 46d65dc8e87351a1d683e928dbd4dedca218782f
SHA256 8ec396c9adeb2ae799766bd91a7de5b981e3ed43712adc72b1ed223ae3fb5198
SHA512 0403d9167749e853d38d1d08701d98785e0ee6fd56b23b9ee334ce4db30b8001463045887b4d169f7ce3e09bdb91d5bc573a2cce35c4777e554c071b0efb34bc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b2b35ead7bce8c7c6aa73617ddbbb78e
SHA1 de9f84aa6a2ebde10356525148fa91b3ca4e3702
SHA256 df6b64770709c6d4729bde386cac03e68330b451442117d397b5fcd7bd5c7e26
SHA512 4f858e666d10d6f391a5a44132d385af614ba58cf78948fb70f41a9edf105b732ea309d1816e75b6c674ca89822534b6be6e99a93f0fe882c12e84b2b4323719

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 cce9b1e427c814ed21b4b06f33d66f63
SHA1 cc8e636fd5b8e2e006427fbb340f992bcf5c4dd8
SHA256 449d94f254fc71e99a599362cabe0d7ca46ccd00d3b669170da8374124262388
SHA512 9936df8df582bb3b67f352f47800abed8267617fc717f104df7e794ae15a654ab6b7409488d566f3f7b08e8e67b02d0cbca5c94ed3f55b993ea1493121262fd5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 fa93f38df5c35ee36c8f061e3aa07b2c
SHA1 a8f0efc7c8ad1d3bf35baf6fea7e24c6e978527c
SHA256 6ee75e406c029dda3af872987aebe990c1b22f31f3699a2d98466b906d55c421
SHA512 44a6d8475c1267231ad4b7f421d297af20f2e13d7bf2a7a4b2ad75c1e7d3359c73f6c11a5e16f02d38be027c6db74fdbff1a806d3cb3cf5e725eac16ddb8a45f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 be7f4423c04a4b59c2406e78edd2d366
SHA1 6503b105149dca2498bbb69d8a81709231fa1115
SHA256 920f4e2f54caa9a7d2d475d48fa1a8a3386ebbf384ae53e1f4daad6714c4c0f1
SHA512 a16c9de4ecdb2f4bc2330c867103bd64e90ce0ce62c829582b6cc44f73ea1fad2a1ec28ec43d855d2beacd3fb5510fae67f63f22ae30475d616be1979014dc2b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 cdfe298a8dfd23068152aaa3d97076e9
SHA1 7b1e4cfcbe5ae710463414ad77099843c6eafbc6
SHA256 d716aa34b665fcb3d024eb0e7a69d2ee308102e622f0c3f266774a3c8edde653
SHA512 013821b0cf666a191a514b6960236388b96c0e164259734f7f2f91bf424baa54e91e92e466f21e10280d2d2b460cb4bd62eaec0fce149d6ce9d620e4b4a9964e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1dc9b0b0927488c5f2aa12d1832ef94e
SHA1 1b65fe66487215a43be04c9999415b10dcf76e81
SHA256 4ff65c8bb9cb74f886e0fbe8b1e168ca4874421ab48af68dca1b5e754350850c
SHA512 c2b48655de9fcb445c0fafc34bf0102985061c87b49ca61df696fd4445780eb15ba610a8211b55a9103c0e711275da6c35bcc3afd0a13f47aadc2cc3c6066c5a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7d199c6e6dd2f420c4e5d27e6414624a
SHA1 ffa9e4299cca59fd1454858273111e9223ea5e56
SHA256 ab5105bccf414f9ea99401facae5545dcc0bd6451e964b5ced7f5431b6e252ea
SHA512 26bc0793ad7450b8a8bcf24748c5ab0600eb79df5e7fd050ca7c0415bcfee56979ac5f2a623759422ade71a7a824a1aaf5acaaafad0cd1867d5df875e99e9d7e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ab50a776eed8ff05ac30c7d9b6a7985d
SHA1 4510a96bbed38b75841dabc1f65132fe98f1ab7c
SHA256 c3aa4d4797cd7192f0bc5c41f8f2830ff2c496fdc254e005cf4da211c7c9ecea
SHA512 1a96ec81d715e8bef4bdc32e6681772b5f55e190f95e3d4569d990d398b98a2195374a46e318951fa3cffacc4653dee7d0fbd5f23ca8a47ec8cb39b48fe4dce0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5417388881659914bd83a615133b2010
SHA1 4eb4d8d58761e43080778eab8bd00ca2ae58be24
SHA256 340c17922d9b65dfa64632d768e81ba8e60cf351ecd6f51848edecd0b3adae34
SHA512 dca873303c5ba16fe772142d37c21e07481c3cdc7f623043835745186e521f72ea7e9cc5c718adb9118d327a554fc4d0d51e150dc6d78ef3b056faecf1ad44d7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7535829d2c4676f69ddbd1963c7e2b43
SHA1 e51067020218c0067a69dd58dbec5f441822462c
SHA256 0e746f63bc739818a70eb241519596a1f15406fc9e136148216882d20f731ec0
SHA512 52141b829d640c0993d6c8a56bbbaec63c4b9e577fb64adbb6f6e4830262e2da30af59573bba867dc8488fa9b14ca886e3429f315bbe716ac435982a88504440

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d2a8e13f98c2cde1d51ead6a0020c490
SHA1 754f0c57a26bc9c23f28b2a3659684658ca5ca9b
SHA256 67c3917db7c27b94cb7a0492e2b665a62763a108cf4cadbc71c0359045540d4a
SHA512 4fc0918d58a64009c2b8658ab4d5e7adb59fbd1e3019aba77597961a3df017e3385c80ac3f7bcb255218fd7d2ad0af13681bfd61e433abdddab4fb0449312593

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b9fa2968d0888bebfcc678235a2f0177
SHA1 bafd437e2cfcded0c04aef277b542ac2b5427a75
SHA256 062627e3a9955fb1cc7c8840cdef70c6c84cf8b87df9c37eb3ef8c14bd67732a
SHA512 9237bb56d01c829a3f02d58f2f76bd920b9dc05afa76e1b58c97668176132ec6529c927f97a96728fecc5d10f7792b2ee5d38756aa10d8a3daf4564294ef08f1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 88c819cdc8a66d57f40b6f55d1d586e3
SHA1 bbb05162668dd43142ad8615cb7dd45024d5a5e0
SHA256 6ffed627b1123c59e25ffb718232ffc4ff660bf9e8f466082ab7dfebba3d557c
SHA512 c5a5d482275f0ef741bd7056637422372c8e8d97e14c63b35fd4550f0634911b23e9900b1c146559b29869d3d713d240a816ca8609d8a36acc36a667e053e48d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 009a9c1478f9c82da20881a6bd3afbe7
SHA1 aaa33e4ea2e59f095bdb54b55250de235dec6e5e
SHA256 4915b52435a16f7c1884e44ea0165b4aa0f2fe928fc76c745c7a880a1c90eecb
SHA512 66b559bd028c818979b8095d6507d9b4a869f88fde06e3a14287051e6d1d130c2d2c7b10ef0bea63056f1d62d2ab346d8560a4945a82debe3fec71278c8a3794

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 644ef7ac40c0b7f8c955aa3d1d0fcd6b
SHA1 7ae0a604cac1eb6517b45dc942f1a5b0ffa404a9
SHA256 df443f63ad411da83e11a5a8f9240957c53e58f192234437dbc0d7b4a7ea2e3f
SHA512 4a025b2eaf7fd980feaf78ea9ee5baad460332be703306e6cf4b6f1d113108dd1f91ee156a9db3a38cfa5921ddec73c362286ed187ec4f6bd462508ddc7241ba

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 62223c65d6f1dcbde2ca5d19a6e183b7
SHA1 457c8a6018ddc0893932bcc8bb631eab445a6337
SHA256 738ad9d42dfd780c37be906a2b9aaa0ade1a64fd5018b3d3111b858c8a2880e2
SHA512 47340200ed97a08169a2162af0be14c0fe71f3e7e5ecea927ed41b0595546fb7e7f547a4baec58e4d98527ec9d16b82adce86dd612bdeac53ecd15b2344592ef

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e9df4bd05656f5178c307a5f2d95e2da
SHA1 ebde24d6c1c117dcd2e24588446841c9ecc68318
SHA256 2cbb8f97f761d20f4855b1f21ed41395de7c0c094863c798e79c11248b18ec0c
SHA512 abb5f7e66c1b719291067426ccb38757ecd314e36ca10aec4ff6031403f747ab8b71476d10680bfc03ae22411fd7b8fc1312ee6451edcf455a8d8cc23c294c9e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f955bc5493c7b1bb3c12b8cfbb97b441
SHA1 6f94370e59d7f36bf2e603ee3ff64bf7fbeac6f4
SHA256 b6077b1e7926f489d19866dc284e494d86ad75b651afeec1613a4178ae8119dd
SHA512 301a6fc883329e97480d061551b86ded58b52f433faef3d05f61aea1b74321c421d477049f9769c21679873a71f740606bfb08aa470ca78485597d7fb1fc5ca4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 cbc29bb3534a4fe34df08fa52f1f138e
SHA1 ab1781fdb931419ad3b7bbd83672ce468d1555f6
SHA256 79a44dbb0a63300da6bb1d4443ef60fe665581b4ea83834b70eee87329d23217
SHA512 cc40a5ec78aec5014c214ed6eb3836b71e4830b55559a7c7aca6d91ab374344ba05bb9fde590570e7e14faf19957f38664be01eca377c9b4b9040093b390845c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4140215cbe763852293ffd54333cdcd4
SHA1 3f5d272ce4e70ba106c047bbeb7aeec26fd7fef7
SHA256 58a7d501d0984fd7ab3c865e771df53778425d7ee1506a03e3a7a32ed0fd5fb1
SHA512 fafa1be99d51084ac80c3470d586f8c69882de66d0d4b4cbf52f6c81a61b0510e0d6025bd6948bab784895c845ff855f0ef0a796e2969683aca568ec03a4ca69

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 14f7c099110904021404fa2090aa4a28
SHA1 fa555d5449593db54d83a7f9b59a8dcadbd7ba90
SHA256 9f70bdcdbc592c59f5e3131d201ce774454974a5b730bc0a2f7b8820e84034ad
SHA512 c82f8668bf841ef1c27b40009144041fbbe6163bbee27a979a54722cefd1315f05d855f42893d43332b2a98a00fe7ba928007a59e230c663c237f03be7ba9d0a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 276c6f728c36a3454138a20799817e44
SHA1 f5d64a17cc39d12a09117246f329e9dd1d674b48
SHA256 0f79379c81141064e06c72fa321b1406a34fb259429b6f27fb3918cf0fe08850
SHA512 b321f3a94280ecead87d1f23b5c76ecfe39d4ef2ae446fc72a0dd95002e9873f8328a1ee26b775b1fc1c5374b30043c951a8732287b5522e529d8ca1298b04ed

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 18132de3078dc00e57734a36573e1b6b
SHA1 1a6aaf0602228128d0467a3b5972a4812b0fd624
SHA256 bcbea26cf7c8327f2693e278843fe5957883be0592bfc0a1faee21de5ea69303
SHA512 9aebd22662ea244e6cd75ab41915b216c5837d3ee98ca1f91be57286d8d01919a3e6c72369e72945b0d049403eee3e7f5ed41b558df38b2d8793b70a2985fbb7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d61fcf067a57c1c09085588322e4de71
SHA1 7fe0bffa820f5f3912800dec33b45c1776e0fa3d
SHA256 ec891ed66386246966e09bc5e28eefd11702af5ebaaa8236e1b04ffca28e60e8
SHA512 3729ee8cb7ba829dcbf6e85787b40ad1a8f21581698c629c6f081a1f73be63582c5a9f3f4b800e43e87e928412a952c9e5e6e3863bd94e4111dfeca706c04143