Malware Analysis Report

2025-01-23 15:02

Sample ID 240831-rgvcgaxejm
Target https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5
Tags
discovery antivm
score
5/10

Analysis Overview

score
5/10

Threat Level: Likely benign

The file https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5 was found to be: Likely benign.

Malicious Activity Summary

discovery antivm

Drops file in System32 directory

Changes its process name

Drops file in Windows directory

Reads CPU attributes

Checks CPU configuration

Reads runtime system information

Browser Information Discovery

Enumerates kernel/hardware configuration

Writes file to tmp directory

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Checks memory information

Checks CPU information

Suspicious use of AdjustPrivilegeToken

Modifies data under HKEY_USERS

Suspicious use of SendNotifyMessage

Suspicious behavior: EnumeratesProcesses

Suspicious use of FindShellTrayWindow

Suspicious use of WriteProcessMemory

Enumerates system info in registry

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-08-31 14:10

Signatures

N/A

Analysis: behavioral2

Detonation Overview

Submitted

2024-08-31 14:10

Reported

2024-08-31 15:21

Platform

win10-20240404-en

Max time kernel

1799s

Max time network

1799s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5

Signatures

Browser Information Discovery

discovery

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133695895255052808" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2360 wrote to memory of 4136 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2360 wrote to memory of 1116 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2360 wrote to memory of 4024 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2360 wrote to memory of 1612 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ffae8329758,0x7ffae8329768,0x7ffae8329778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=220 --field-trial-handle=2212,i,7704682871406900955,3506133514738145446,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1804 --field-trial-handle=2212,i,7704682871406900955,3506133514738145446,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1856 --field-trial-handle=2212,i,7704682871406900955,3506133514738145446,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2956 --field-trial-handle=2212,i,7704682871406900955,3506133514738145446,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2976 --field-trial-handle=2212,i,7704682871406900955,3506133514738145446,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5220 --field-trial-handle=2212,i,7704682871406900955,3506133514738145446,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4456 --field-trial-handle=2212,i,7704682871406900955,3506133514738145446,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5252 --field-trial-handle=2212,i,7704682871406900955,3506133514738145446,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5240 --field-trial-handle=2212,i,7704682871406900955,3506133514738145446,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4352 --field-trial-handle=2212,i,7704682871406900955,3506133514738145446,131072 /prefetch:2

Network

Country Destination Domain Proto
US 8.8.8.8:53 webminer.pages.dev udp
US 172.66.47.98:443 webminer.pages.dev tcp
US 172.66.47.98:443 webminer.pages.dev udp
US 8.8.8.8:53 98.47.66.172.in-addr.arpa udp
US 8.8.8.8:53 234.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 smiling-tilda-mono.koyeb.app udp
US 8.8.8.8:53 retired-jorey-malphite-node.koyeb.app udp
US 104.22.79.190:443 retired-jorey-malphite-node.koyeb.app tcp
US 104.22.78.190:443 retired-jorey-malphite-node.koyeb.app tcp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 216.58.201.106:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 apps.identrust.com udp
GB 88.221.134.137:80 apps.identrust.com tcp
US 8.8.8.8:53 190.78.22.104.in-addr.arpa udp
US 8.8.8.8:53 190.79.22.104.in-addr.arpa udp
US 8.8.8.8:53 137.134.221.88.in-addr.arpa udp
US 8.8.8.8:53 106.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 83.210.23.2.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 99.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 21.236.111.52.in-addr.arpa udp
US 8.8.8.8:53 104.193.132.51.in-addr.arpa udp
US 8.8.8.8:53 240.221.184.93.in-addr.arpa udp

Files

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

\??\pipe\crashpad_2360_GZJKRVGFLYVYPIIX

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E0F5C59F9FA661F6F4C50B87FEF3A15A

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E0F5C59F9FA661F6F4C50B87FEF3A15A

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

MD5 99914b932bd37a50b983c5e7c90ae93b
SHA1 bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
SHA256 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
SHA512 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd
(content is the two-byte JSON document {}; these digests match any empty-object JSON file and are not specific to this sample)

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 476d8aecd9761ab684bfae23878fc852
SHA1 035f6aeb62de21114349b1954ef3cd6becac93c3
SHA256 e9a937f1c46a75013925b3995ed8b3673a8fef975f7d0002f51591eeb4a2074d
SHA512 22d92a6c290c0b20508590c0352720fed6090c7d5bb92b42ad83be992f8594098aa7fd4fdf984417592059c603260dcddb43467e6bdfdb567b92a526fdb543d7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 b1d09e7744b8f1668007014c773784bc
SHA1 4a4995ecc84fef721bac6fb16a410c86def54722
SHA256 cbcd83bc63d67eed7c95a9c709c09e70f5bea1d48887f7ee40c209d8c114c5f3
SHA512 a25d2f2a4eb61e6563001e6787ad7bcd844ca159139ee25eaf93a7e6523a4abe5a18a3ebb9d28ebfe4c65f4eb987f283860458a38e03f97b56bb5853d54837a8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 39152ea6a48419a93fd51154726a1d3c
SHA1 33e07ea3b524cc4ad293e8fd9f6267b004f6e1cc
SHA256 0675459073a9768cfd22b7cb2902ad38d87f67e745c0d7df3c78dfff302fe53d
SHA512 2da0f1d92abbc04d5029fd92047034328d2bf0f892942b427829f7af94ae241e271fa6e3c0ec83a7dbf063b2edf25cd31aac15e076ef648a6c6ac12191a60ab7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 ef5ddcc67a18f28393ad1abca59bd655
SHA1 65ad67f5ef5bcfdd44c6a017160d04655ed0bf59
SHA256 52ade53a8e902eeb7f87fbc7ebb24abb1feb27b9f92bc12da96478cf39d1e4a7
SHA512 1f44db86e646762df579f2350509ead62dbb50ef7f0e92e6db0ae060c51d2e99ab6f5e7d478149f054275fd1ee29a49f7e1b9aaa5b7927f8ab3dde7606442a14

Analysis: behavioral7

Detonation Overview

Submitted

2024-08-31 14:10

Reported

2024-08-31 15:27

Platform

android-33-x64-arm64-20240624-en

Max time kernel

1799s

Max time network

1808s

Command Line

com.android.chrome

Signatures

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A
File opened for read /proc/meminfo N/A N/A

Processes

com.android.chrome

com.android.chrome

Network

Country Destination Domain Proto (rows for destinations with no resolved name omit the Domain column)
N/A 224.0.0.251:5353 udp
GB 216.58.201.100:443 udp
GB 216.58.201.100:443 tcp
GB 216.58.201.100:443 tcp
US 172.64.41.3:443 tcp
US 172.64.41.3:443 tcp
US 172.64.41.3:443 tcp
US 1.1.1.1:53 webminer.pages.dev udp
US 172.66.44.158:443 webminer.pages.dev tcp
US 1.1.1.1:53 remoteprovisioning.googleapis.com udp
GB 142.250.178.10:443 remoteprovisioning.googleapis.com tcp
US 1.1.1.1:53 gmscompliance-pa.googleapis.com udp
US 172.66.44.158:443 webminer.pages.dev tcp
GB 216.58.204.78:443 tcp
GB 216.58.204.78:443 tcp
US 172.66.44.158:443 webminer.pages.dev udp
US 1.1.1.1:53 accounts.google.com udp
GB 74.125.71.84:443 accounts.google.com tcp
GB 74.125.71.84:443 accounts.google.com tcp
US 1.1.1.1:53 www.google.com udp
US 1.1.1.1:53 chrome.cloudflare-dns.com udp
US 1.1.1.1:53 chrome.cloudflare-dns.com udp
US 162.159.61.3:443 chrome.cloudflare-dns.com tcp
US 1.1.1.1:53 chrome.cloudflare-dns.com udp
US 172.64.41.3:443 chrome.cloudflare-dns.com tcp
US 162.159.61.3:443 chrome.cloudflare-dns.com tcp
US 162.159.61.3:443 chrome.cloudflare-dns.com tcp
US 172.64.41.3:443 chrome.cloudflare-dns.com tcp
US 162.159.61.3:443 chrome.cloudflare-dns.com tcp
GB 142.250.180.4:443 www.google.com tcp
US 1.1.1.1:53 rcs-acs-tmo-us.jibe.google.com udp
US 216.239.36.155:443 rcs-acs-tmo-us.jibe.google.com tcp
US 1.1.1.1:53 update.googleapis.com udp
GB 216.58.201.99:443 update.googleapis.com tcp
US 172.64.41.3:443 chrome.cloudflare-dns.com udp
GB 216.58.201.100:443 tcp
GB 142.250.200.36:443 tcp
GB 142.250.200.36:443 tcp
GB 216.58.201.100:443 udp
US 1.1.1.1:53 gmscompliance-pa.googleapis.com udp
GB 142.250.187.194:443 tcp
GB 142.250.187.194:443 tcp
GB 142.250.200.38:443 tcp
GB 142.250.180.2:443 tcp
GB 142.250.187.194:443 tcp
GB 172.217.169.46:443 tcp
US 216.239.34.36:443 tcp
GB 172.217.169.42:443 gmscompliance-pa.googleapis.com tcp
GB 172.217.16.225:443 tcp
GB 142.250.179.225:443 tcp
GB 172.217.16.225:443 tcp
GB 172.217.16.225:443 tcp
GB 172.217.16.225:443 tcp
GB 172.217.16.225:443 tcp
GB 142.250.187.227:443 tcp
GB 142.250.187.227:443 tcp
US 1.1.1.1:53 www.google.com udp
GB 142.250.200.4:443 www.google.com udp
US 1.1.1.1:53 www.google.com udp
GB 172.217.16.228:443 www.google.com udp
GB 64.233.166.188:5228 tcp
US 1.1.1.1:53 www.google.com udp
GB 142.250.179.228:443 www.google.com tcp
US 1.1.1.1:53 chrome.cloudflare-dns.com udp
US 1.1.1.1:53 chrome.cloudflare-dns.com udp
US 1.1.1.1:53 chrome.cloudflare-dns.com udp
US 162.159.61.3:443 chrome.cloudflare-dns.com tcp
US 1.1.1.1:53 chrome.cloudflare-dns.com udp
US 1.1.1.1:53 chrome.cloudflare-dns.com udp
US 172.64.41.3:443 chrome.cloudflare-dns.com tcp
US 172.64.41.3:443 chrome.cloudflare-dns.com tcp
US 162.159.61.3:443 chrome.cloudflare-dns.com tcp
US 162.159.61.3:443 chrome.cloudflare-dns.com tcp
US 172.64.41.3:443 chrome.cloudflare-dns.com tcp
US 162.159.61.3:443 chrome.cloudflare-dns.com tcp
US 162.159.61.3:443 chrome.cloudflare-dns.com udp
US 162.159.61.3:443 chrome.cloudflare-dns.com udp
GB 172.217.169.67:443 update.googleapis.com tcp
GB 172.217.169.67:443 udp

Files

N/A

Analysis: behavioral10

Detonation Overview

Submitted

2024-08-31 14:10

Reported

2024-08-31 15:27

Platform

ubuntu1804-amd64-20240508-en

Max time kernel

0s

Max time network

1679s

Command Line

[xdg-open https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

Signatures

Enumerates kernel/hardware configuration

Description Indicator Process Target
File opened for reading /sys/bus/pci/devices/0000:00:00.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/irq /usr/lib/firefox/firefox N/A

Reads runtime system information

Description Indicator Process Target
File opened for reading /proc/self/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd /usr/bin/dbus-send N/A
File opened for reading /proc/filesystems /bin/sed N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /bin/sed N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /bin/sed N/A
File opened for reading /proc/filesystems /bin/sed N/A
File opened for reading /proc/self/task/1616/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/task/1629/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/task/1642/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd /usr/bin/dbus-send N/A
File opened for reading /proc/filesystems /bin/sed N/A
File opened for reading /proc/self/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A

Processes

/usr/bin/xdg-open

[xdg-open https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/dbus-launch

[dbus-launch --autolaunch 11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]

/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/xprop

[xprop -root]

/bin/grep

[grep -q ^Enlightenment]

/bin/uname

[uname]

/bin/grep

[grep -q ^file://]

/bin/egrep

[egrep -q ^[[:alpha:]+\.\-]+:]

/usr/local/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/local/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/bin/sed

[sed -n s/\(^[[:alnum:]+\.-]*\):.*$/\1/p]

/usr/bin/xdg-mime

[xdg-mime query default x-scheme-handler/https]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/dbus-launch

[dbus-launch --autolaunch 11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]

/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/xprop

[xprop -root]

/bin/grep

[grep -q ^Enlightenment]

/bin/uname

[uname]

/bin/sed

[sed s/:/ /g]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/bin/grep

[grep x-scheme-handler/https= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/bin/grep

[grep x-scheme-handler/https= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/bin/grep

[grep x-scheme-handler/https= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/bin/grep

[grep x-scheme-handler/https= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/bin/grep

[grep x-scheme-handler/https= /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache]

/bin/sed

[sed s/:/ /g]

/bin/sed

[sed -e s|-|/|]

/bin/sed

[sed -e s|-|/|]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/which

[which firefox]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/firefox

[/usr/bin/firefox https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

/usr/bin/which

[which /usr/bin/firefox]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

/bin/grep

[grep -q %s]

/usr/bin/x-www-browser

[x-www-browser https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

/usr/bin/which

[which /usr/bin/x-www-browser]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

/bin/grep

[grep -q %s]

/usr/bin/firefox

[firefox https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

/usr/bin/which

[which /usr/bin/firefox]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

Network

Country Destination Domain Proto (rows for destinations with no resolved name omit the Domain column)
N/A 224.0.0.251:5353 udp
US 151.101.193.91:443 tcp
GB 195.181.164.20:443 tcp
GB 185.125.188.62:443 tcp
GB 185.125.188.61:443 tcp
US 1.1.1.1:53 ocp-ingress.fastly.gnome.org udp
US 151.101.193.91:443 tcp
US 1.1.1.1:53 1527653184.rsc.cdn77.org udp
US 1.1.1.1:53 1527653184.rsc.cdn77.org udp
GB 89.187.167.38:443 1527653184.rsc.cdn77.org tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
GB 185.125.190.17:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
GB 185.125.190.49:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
GB 185.125.190.49:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 91.189.91.49:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 91.189.91.49:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
GB 185.125.190.48:80 connectivity-check.ubuntu.com tcp
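The submitted URL carries the whole miner configuration in its query string (stratum pool host and port, the worker login, which for zpool is the payout address, the password field with the coin options, and a thread count), and the two network tables above disagree on what was reached: behavioral7 (Android Chrome) resolved and connected to webminer.pages.dev on 443 over tcp and udp, while behavioral10 (Ubuntu 18.04 Firefox) recorded only Ubuntu, GNOME and CDN77 traffic and never touched the loader host. Neither detonation resolved yespowerURX.sea.mine.zpool.ca or opened anything on port 6236. The script below is an added example for this report, not sandbox tooling: it extracts those IOCs from the URL and runs the same contact check over constructed excerpts of the two tables. The function names are mine.

```python
"""Pull the miner configuration out of the submitted URL and check the
recorded network rows for the loader page and the pool it names.

Added example for this report, not sandbox tooling. TARGET is the URL
submitted for analysis; the two row sets are constructed excerpts of the
behavioral7 (Android) and behavioral10 (Ubuntu 18.04) network tables.
"""
from urllib.parse import parse_qs, urlsplit

TARGET = ("https://webminer.pages.dev?algorithm=yespowerurx"
          "&host=yespowerURX.sea.mine.zpool.ca&port=6236"
          "&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv"
          "&password=c%3DDOGE%2Czap%3DURX&workers=1.5")

# Constructed excerpts in the report's column order: Country Destination Domain Proto.
# Destinations with no resolved name have only three fields.
ANDROID_ROWS = """
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 webminer.pages.dev udp
US 172.66.44.158:443 webminer.pages.dev tcp
US 172.66.44.158:443 webminer.pages.dev udp
GB 216.58.201.100:443 tcp
US 1.1.1.1:53 chrome.cloudflare-dns.com udp
"""
UBUNTU_ROWS = """
N/A 224.0.0.251:5353 udp
US 151.101.193.91:443 tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
GB 185.125.190.17:80 connectivity-check.ubuntu.com tcp
"""


def parse_miner_url(url):
    """Return the miner settings carried in the query string.

    parse_qs percent-decodes values, so c%3DDOGE%2Czap%3DURX comes back
    as c=DOGE,zap=URX, the pool-side payout options.
    """
    parts = urlsplit(url)
    q = {k: v[0] for k, v in parse_qs(parts.query).items()}
    return {
        "loader": parts.hostname,                    # host serving the miner page
        "algorithm": q.get("algorithm"),
        "pool_host": q.get("host"),
        "pool_port": int(q["port"]) if "port" in q else None,
        "worker": q.get("worker"),                   # stratum login: the payout address
        "password": q.get("password"),
        "threads": float(q["workers"]) if "workers" in q else None,
    }


def parse_network_rows(text):
    """Parse the flattened table into dicts; three-field rows have no domain."""
    rows = []
    for line in text.strip().splitlines():
        fields = line.split()
        if len(fields) == 4:
            country, dest, domain, proto = fields
        elif len(fields) == 3:
            country, dest, proto = fields
            domain = None
        else:
            continue
        ip, _, port = dest.rpartition(":")
        rows.append({"country": country, "ip": ip, "port": int(port),
                     "domain": domain, "proto": proto})
    return rows


def check_contacts(rows, cfg):
    """Did the detonation reach the loader page, and did anything reach the pool?"""
    loader = cfg["loader"].lower()
    pool = (cfg["pool_host"] or "").lower()

    def named(r):
        return (r["domain"] or "").lower()

    return {
        "loader_dns": any(r["port"] == 53 and named(r) == loader for r in rows),
        "loader_tls": any(r["port"] == 443 and named(r) == loader for r in rows),
        "pool_dns": any(r["port"] == 53 and named(r) == pool for r in rows),
        # a raw stratum session would show up on the configured pool port
        "pool_direct": any(r["port"] == cfg["pool_port"] for r in rows),
    }


if __name__ == "__main__":
    cfg = parse_miner_url(TARGET)
    print("IOCs:", cfg["loader"], f'{cfg["pool_host"]}:{cfg["pool_port"]}', cfg["worker"])
    for label, text in (("behavioral7", ANDROID_ROWS), ("behavioral10", UBUNTU_ROWS)):
        print(label, check_contacts(parse_network_rows(text), cfg))
```

Two caveats when reading the result. A page loaded in a browser cannot open a raw TCP socket, so a web miner has to relay stratum through a WebSocket endpoint; the absence of port 6236 traffic rules out a direct pool connection, not mining. And the Files sections for both detonations are N/A, so the miner script served by the loader was not captured; the pool host and the worker address from the URL are the durable indicators here.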

Files

N/A

Analysis: behavioral11

Detonation Overview

Submitted

2024-08-31 14:10

Reported

2024-08-31 15:28

Platform

ubuntu2004-amd64-20240729-en

Max time kernel

1799s

Max time network

1799s

Command Line

[xdg-open https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

Signatures

Changes its process name

The indicators below are per-thread names (the comm value set with prctl(PR_SET_NAME)) belonging to Firefox, GLib and gvfs worker threads such as Socket Thread, Compositor, gmain and gdbus, all recorded under the Firefox launch; this is ordinary browser thread naming, not a process renaming itself to evade detection.

Description Indicator Process Target
Changes the process name, possibly in an attempt to hide itself gmain N/A N/A
Changes the process name, possibly in an attempt to hide itself gdbus N/A N/A
Changes the process name, possibly in an attempt to hide itself glean.dispatche N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC I/O Parent N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC I/O Parent N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC I/O Parent N/A N/A
Changes the process name, possibly in an attempt to hide itself HTML5 Parser N/A N/A
Changes the process name, possibly in an attempt to hide itself HTML5 Parser N/A N/A
Changes the process name, possibly in an attempt to hide itself Backgro~Pool #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself Backgro~Pool #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself IPDL Background N/A N/A
Changes the process name, possibly in an attempt to hide itself IPDL Background N/A N/A
Changes the process name, possibly in an attempt to hide itself Socket Thread N/A N/A
Changes the process name, possibly in an attempt to hide itself Socket Thread N/A N/A
Changes the process name, possibly in an attempt to hide itself Netlink Monitor N/A N/A
Changes the process name, possibly in an attempt to hide itself Netlink Monitor N/A N/A
Changes the process name, possibly in an attempt to hide itself pool-firefox N/A N/A
Changes the process name, possibly in an attempt to hide itself pool-firefox N/A N/A
Changes the process name, possibly in an attempt to hide itself Timer N/A N/A
Changes the process name, possibly in an attempt to hide itself Timer N/A N/A
Changes the process name, possibly in an attempt to hide itself JS Watchdog N/A N/A
Changes the process name, possibly in an attempt to hide itself JS Watchdog N/A N/A
Changes the process name, possibly in an attempt to hide itself glxtest:disk$0 N/A N/A
Changes the process name, possibly in an attempt to hide itself BGReadURLs N/A N/A
Changes the process name, possibly in an attempt to hide itself BGReadURLs N/A N/A
Changes the process name, possibly in an attempt to hide itself Cache2 I/O N/A N/A
Changes the process name, possibly in an attempt to hide itself Cookie N/A N/A
Changes the process name, possibly in an attempt to hide itself Cookie N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself TaskCon~ller #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself TaskCon~ller #0 N/A N/A
Changes the process name, possibly in an attempt to hide itself Worker Launcher N/A N/A
Changes the process name, possibly in an attempt to hide itself Worker Launcher N/A N/A
Changes the process name, possibly in an attempt to hide itself BgIOThr~Pool #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself BgIOThr~Pool #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself Softwar~cThread N/A N/A
Changes the process name, possibly in an attempt to hide itself Softwar~cThread N/A N/A
Changes the process name, possibly in an attempt to hide itself Softwar~cThread N/A N/A
Changes the process name, possibly in an attempt to hide itself CanvasRenderer N/A N/A
Changes the process name, possibly in an attempt to hide itself CanvasRenderer N/A N/A
Changes the process name, possibly in an attempt to hide itself Compositor N/A N/A
Changes the process name, possibly in an attempt to hide itself Compositor N/A N/A
Changes the process name, possibly in an attempt to hide itself WRWorkerLP#0 N/A N/A
Changes the process name, possibly in an attempt to hide itself WRWorkerLP#0 N/A N/A
Changes the process name, possibly in an attempt to hide itself WRWorker#0 N/A N/A
Changes the process name, possibly in an attempt to hide itself WRWorker#0 N/A N/A
Changes the process name, possibly in an attempt to hide itself Renderer N/A N/A
Changes the process name, possibly in an attempt to hide itself Renderer N/A N/A
Changes the process name, possibly in an attempt to hide itself ImageIO N/A N/A
Changes the process name, possibly in an attempt to hide itself ImageIO N/A N/A
Changes the process name, possibly in an attempt to hide itself Permission N/A N/A
Changes the process name, possibly in an attempt to hide itself Permission N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC Launch N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC Launch N/A N/A
Changes the process name, possibly in an attempt to hide itself SandboxReporter N/A N/A
Changes the process name, possibly in an attempt to hide itself SandboxReporter N/A N/A
Changes the process name, possibly in an attempt to hide itself Breakpad Server N/A N/A
Changes the process name, possibly in an attempt to hide itself Sandbox Forked N/A N/A
Changes the process name, possibly in an attempt to hide itself gmain N/A N/A
Changes the process name, possibly in an attempt to hide itself gdbus N/A N/A
Changes the process name, possibly in an attempt to hide itself pool-/usr/libex N/A N/A
Changes the process name, possibly in an attempt to hide itself Chroot Helper N/A N/A
Changes the process name, possibly in an attempt to hide itself gdbus N/A N/A
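Why the entries look the way they do, as an added example that is not part of the report: on Linux a thread names itself with prctl(PR_SET_NAME), the kernel keeps at most 15 bytes of the name (TASK_COMM_LEN is 16 including the terminator) and exposes it in /proc/<pid>/task/<tid>/comm, which is where a sandbox reads it. That limit is why several indicators above are exactly 15 characters: glean.dispatche and pool-/usr/libex are cut off by the kernel, and names written with a tilde such as Backgro~Pool #1 and TaskCon~ller #1 were shortened to 15 before the call. The full names assumed in the test (glean.dispatcher, pool-/usr/libexec/...) are my guesses at the originals, not values from the report; the function names are mine.

```python
"""What the 'Changes its process name' rows record.

Added example, not part of the report. A thread names itself with
prctl(PR_SET_NAME); the kernel stores at most TASK_COMM_LEN - 1 = 15 bytes
and shows them in /proc/<pid>/task/<tid>/comm, which is what a sandbox
reads back. Firefox and GLib name their worker threads this way.
"""
import ctypes
import sys

PR_SET_NAME = 15      # constants from <linux/prctl.h>
PR_GET_NAME = 16
TASK_COMM_LEN = 16    # 15 name bytes plus the NUL terminator

# Indicators copied from the signature table above.
TABLE_NAMES = ["gmain", "gdbus", "glean.dispatche", "IPC I/O Parent",
               "Backgro~Pool #1", "Socket Thread", "pool-/usr/libex"]


def kernel_comm(requested):
    """Predict the stored name: the kernel silently truncates to 15 bytes."""
    return requested.encode()[:TASK_COMM_LEN - 1].decode("utf-8", "ignore")


def at_kernel_limit(names):
    """Names that are exactly 15 characters were cut, or pre-shortened, to fit."""
    return [n for n in names if len(n) == TASK_COMM_LEN - 1]


def _libc():
    """libc handle on Linux, None elsewhere (prctl is Linux-specific)."""
    if not sys.platform.startswith("linux"):
        return None
    try:
        return ctypes.CDLL("libc.so.6", use_errno=True)
    except OSError:
        return None


def set_and_read_thread_name(requested):
    """Rename the calling thread, then read the name back the two ways a
    monitor can: prctl(PR_GET_NAME) and /proc/thread-self/comm.

    Returns (prctl_value, procfs_value); procfs_value is None if the
    /proc entry is unavailable. Returns None when prctl cannot be used
    (non-Linux, or the call is denied).
    """
    libc = _libc()
    if libc is None:
        return None
    name = ctypes.create_string_buffer(requested.encode())
    if libc.prctl(PR_SET_NAME, name, 0, 0, 0) != 0:
        return None
    out = ctypes.create_string_buffer(TASK_COMM_LEN)
    if libc.prctl(PR_GET_NAME, out, 0, 0, 0) != 0:
        return None
    try:
        with open("/proc/thread-self/comm") as f:
            procfs = f.read().rstrip("\n")
    except OSError:
        procfs = None
    return out.value.decode(), procfs


if __name__ == "__main__":
    print("at the 15-byte limit:", at_kernel_limit(TABLE_NAMES))
    print("glean.dispatcher ->", kernel_comm("glean.dispatcher"))
    print("live prctl round trip:", set_and_read_thread_name("Socket Thread"))
```

Running it renames only the calling thread of the demo process; a monitor that keys on comm values will see "Socket Thread" for that thread exactly as the table shows for Firefox, which is why this signature needs the parent process as context before it means anything.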

Checks CPU configuration

antivm
Firefox reads /proc/cpuinfo at startup for CPU feature detection; the antivm tag records that read, not an observed evasion decision, and is consistent with the Likely benign verdict.
Description Indicator Process Target
File opened for reading /proc/cpuinfo /usr/lib/firefox/firefox N/A

Reads CPU attributes

Description Indicator Process Target
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/online /usr/bin/nautilus N/A
File opened for reading /sys/devices/system/cpu/cpu0/cache/index2/size /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/cpu0/cache/index3/size /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A

Enumerates kernel/hardware configuration

Description Indicator Process Target
File opened for reading /sys/bus/pci/devices/0000:00:00.0/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/pci0000:00/0000:00:05.0/usb1/uevent /usr/libexec/gvfs-gphoto2-volume-monitor N/A
File opened for reading /sys/class /usr/libexec/gvfs-gphoto2-volume-monitor N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/pci0000:00/0000:00:02.0/subsystem_device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/fs/cgroup/cpu,cpuacct/cpu.cfs_quota_us /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus /usr/libexec/gvfs-mtp-volume-monitor N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/pci0000:00/0000:00:02.0/uevent /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/pci0000:00/0000:00:02.0/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/class /usr/libexec/gvfs-mtp-volume-monitor N/A
File opened for reading /sys/bus /usr/libexec/gvfs-gphoto2-volume-monitor N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/pci0000:00/0000:00:05.0/usb1/1-1/uevent /usr/libexec/gvfs-mtp-volume-monitor N/A
File opened for reading /sys/devices/pci0000:00/0000:00:05.0/usb1/1-1/1-1:1.0/uevent /usr/libexec/gvfs-gphoto2-volume-monitor N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/fs/cgroup/cpu,cpuacct/cpu.cfs_quota_us /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/pci0000:00/0000:00:05.0/usb1/1-0:1.0/uevent /usr/libexec/gvfs-gphoto2-volume-monitor N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/pci0000:00/0000:00:05.0/usb1/uevent /usr/libexec/gvfs-mtp-volume-monitor N/A
File opened for reading /sys/devices/pci0000:00/0000:00:05.0/usb1/1-0:1.0/uevent /usr/libexec/gvfs-mtp-volume-monitor N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/usb/devices /usr/libexec/gvfs-mtp-volume-monitor N/A
File opened for reading /sys/kernel/security/apparmor/features/dbus/mask /usr/bin/dbus-daemon N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/pci0000:00/0000:00:02.0/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/pci0000:00/0000:00:05.0/usb1/1-1/1-1:1.0/uevent /usr/libexec/gvfs-mtp-volume-monitor N/A
File opened for reading /sys/bus/usb/devices /usr/libexec/gvfs-gphoto2-volume-monitor N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/device /usr/lib/firefox/glxtest N/A

Reads runtime system information

Description Indicator Process Target
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/self/fd/110 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/113 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/mountinfo /usr/libexec/gvfs-udisks2-volume-monitor N/A
File opened for reading /proc/1424/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/1490/root /usr/libexec/xdg-desktop-portal N/A
File opened for reading /proc/self/fd/112 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/mountinfo /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/cgroup /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/maps /usr/lib/firefox/firefox N/A
File opened for reading /proc/1804/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/1408/status /usr/bin/dbus-daemon N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/self/task/1492/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/lib/firefox/glxtest N/A
File opened for reading /proc/filesystems /usr/libexec/gvfsd N/A
File opened for reading /proc/self/maps /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/31 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/task/1690/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/1581/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/fd/86 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/111 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/maps /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/libexec/xdg-desktop-portal N/A
File opened for reading /proc/self/task/1736/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/self/fd/30 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/task/1591/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/96 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/task/1737/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/35 /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/libexec/gvfs-afc-volume-monitor N/A
File opened for reading /proc/1576/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/105 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/1784/status /usr/bin/gnome-keyring-daemon N/A
File opened for reading /proc/self/fd/97 /usr/lib/firefox/firefox N/A
File opened for reading /proc/1792/cgroup /usr/libexec/gvfs-udisks2-volume-monitor N/A
File opened for reading /proc/filesystems /usr/libexec/dconf-service N/A
File opened for reading /proc/self/fd/109 /usr/lib/firefox/firefox N/A
File opened for reading /proc/mounts /usr/libexec/xdg-desktop-portal N/A
File opened for reading /proc/self/fd/76 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/93 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/cgroup /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/maps /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/108 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/118 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/maps /usr/lib/firefox/firefox N/A
File opened for reading /proc/1798/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/1840/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/fd/36 /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/sys/kernel/cap_last_cap /usr/bin/gnome-keyring-daemon N/A
File opened for reading /proc/filesystems /usr/libexec/gvfs-mtp-volume-monitor N/A
File opened for reading /proc/1816/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/fd /usr/bin/dbus-send N/A
File opened for reading /proc/1408/attr/current /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/mountinfo /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/task/1735/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/bin/gnome-keyring-daemon N/A

Writes file to tmp directory

Description Indicator Process Target
File opened for modification /tmp/firefox/.parentlock /usr/lib/firefox/firefox N/A
File opened for modification /tmp/tmpaddon /usr/lib/firefox/firefox N/A

Processes

/usr/bin/xdg-open

[xdg-open https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/dbus-launch

[dbus-launch --autolaunch 4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/bin/dbus-daemon

[/usr/bin/dbus-daemon --syslog-only --fork --print-pid 5 --print-address 7 --session]

/usr/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/usr/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/xprop

[xprop -root]

/usr/bin/grep

[grep -q ^Enlightenment]

/usr/bin/uname

[uname]

/usr/bin/grep

[grep -q ^file://]

/usr/bin/egrep

[egrep -q ^[[:alpha:]+\.\-]+:]

/usr/local/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/local/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/bin/sed

[sed -n s/\(^[[:alnum:]+\.-]*\):.*$/\1/p]

/usr/bin/xdg-mime

[xdg-mime query default x-scheme-handler/https]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/dbus-launch

[dbus-launch --autolaunch 4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/usr/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/xprop

[xprop -root]

/usr/bin/grep

[grep -q ^Enlightenment]

/usr/bin/uname

[uname]

/usr/bin/sed

[sed s/:/ /g]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/usr/bin/grep

[grep x-scheme-handler/https= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/usr/bin/grep

[grep x-scheme-handler/https= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/usr/bin/grep

[grep x-scheme-handler/https= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/usr/bin/grep

[grep x-scheme-handler/https= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/usr/bin/grep

[grep x-scheme-handler/https= /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache]

/usr/bin/sed

[sed s/:/ /g]

/usr/bin/sed

[sed -e s|-|/|]

/usr/bin/sed

[sed -e s|-|/|]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/which

[which firefox]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/firefox

[/usr/bin/firefox https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

/usr/bin/which

[which /usr/bin/firefox]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

/usr/local/sbin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/local/bin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/sbin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/bin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/lib/firefox/glxtest

[/usr/lib/firefox/glxtest -f 13]

/usr/bin/lsb_release

[/usr/bin/lsb_release -idrc]

/usr/local/sbin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/local/bin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/sbin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/bin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/libexec/xdg-desktop-portal

[/usr/libexec/xdg-desktop-portal]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -parentBuildID 20240108143603 -prefsLen 20982 -prefMapSize 234904 -appDir /usr/lib/firefox/browser {3c56aa16-3647-4bd2-ad73-ca813faaff54} 1490 true socket]

/usr/libexec/xdg-document-portal

[/usr/libexec/xdg-document-portal]

/usr/libexec/xdg-permission-store

[/usr/libexec/xdg-permission-store]

/usr/libexec/xdg-desktop-portal-gtk

[/usr/libexec/xdg-desktop-portal-gtk]

/usr/libexec/gvfsd

[/usr/libexec/gvfsd]

/usr/libexec/gvfsd-fuse

[/usr/libexec/gvfsd-fuse /root/.cache/gvfs -f -o big_writes]

/usr/libexec/dconf-service

[/usr/libexec/dconf-service]

/usr/bin/nautilus

[/usr/bin/nautilus --gapplication-service]

/usr/libexec/gvfsd-trash

[/usr/libexec/gvfsd-trash --spawner :1.8 /org/gtk/gvfs/exec_spaw/0]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 1 -isForBrowser -prefsLen 20185 -prefMapSize 234904 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {2f745bf6-2b04-4ba0-a3df-6a1e520d1228} 1490 true tab]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 2 -isForBrowser -prefsLen 26587 -prefMapSize 234904 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {574aa849-9786-43bc-b550-ba63a3b3fe2b} 1490 true tab]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -parentBuildID 20240108143603 -sandboxingKind 0 -prefsLen 27460 -prefMapSize 234904 -appDir /usr/lib/firefox/browser {038d5dfd-98ba-4b2d-be92-b51fb34ed3d0} 1490 true utility]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 3 -isForBrowser -prefsLen 25603 -prefMapSize 234904 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {3fb837c8-fd28-475d-84b6-5f9d835ebcd9} 1490 true tab]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 4 -isForBrowser -prefsLen 25603 -prefMapSize 234904 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {5d6e90cb-a75e-4d33-af25-369c07f841f2} 1490 true tab]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 5 -isForBrowser -prefsLen 25603 -prefMapSize 234904 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {ca8613dd-a497-4ede-bce6-22760db65a03} 1490 true tab]

/usr/bin/gnome-keyring-daemon

[/usr/bin/gnome-keyring-daemon --start --foreground --components=secrets]

/usr/libexec/gvfs-udisks2-volume-monitor

[/usr/libexec/gvfs-udisks2-volume-monitor]

/usr/libexec/gvfs-afc-volume-monitor

[/usr/libexec/gvfs-afc-volume-monitor]

/usr/libexec/gvfs-mtp-volume-monitor

[/usr/libexec/gvfs-mtp-volume-monitor]

/usr/libexec/gvfs-gphoto2-volume-monitor

[/usr/libexec/gvfs-gphoto2-volume-monitor]

/usr/libexec/gvfs-goa-volume-monitor

[/usr/libexec/gvfs-goa-volume-monitor]

/usr/libexec/goa-daemon

[/usr/libexec/goa-daemon]

/usr/libexec/goa-identity-service

[/usr/libexec/goa-identity-service]

Network

Country Destination Domain Proto

Files

/tmp/tmpaddon

MD5 30082ae40dc48af6343db2fd22cfc645
SHA1 3eb577555ee638e8beb01173e8f29e172747a728
SHA256 85d4b95f9b2075daee9b0e64bce8d9d7343d0dda10e6072d7f9485a68472ee76
SHA512 53a58bfb4c8124ad4f7655b99bfdea290033a085e0796b19245b33b91c0948fdac9f0c3e817130b352493a65d9a7a0fc8a7c1eedc618cdaa2b4580734a11cd9c

Analysis: behavioral13

Detonation Overview

Submitted

2024-08-31 14:10

Reported

2024-08-31 15:33

Platform

ubuntu2404-amd64-20240523-en

Max time kernel

0s

Max time network

1779s

Command Line

[xdg-open https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

Signatures

Changes its process name

Description Indicator Process Target
Changes the process name, possibly in an attempt to hide itself pool-spawner N/A N/A
Changes the process name, possibly in an attempt to hide itself gmain N/A N/A
Changes the process name, possibly in an attempt to hide itself dconf worker N/A N/A

Enumerates kernel/hardware configuration

Description Indicator Process Target
File opened for reading /sys/kernel/security/apparmor/features/domain /snap/bin/firefox N/A
File opened for reading /sys/kernel/security/apparmor/features/mount /snap/bin/firefox N/A
File opened for reading /sys/kernel/security/apparmor/features/namespaces /snap/bin/firefox N/A
File opened for reading /sys/kernel/security/apparmor/features/policy /snap/bin/firefox N/A
File opened for reading /sys/kernel/security/apparmor/features/query /snap/bin/firefox N/A
File opened for reading /sys/kernel/security/apparmor/features/signal /snap/bin/firefox N/A
File opened for reading /sys/kernel/security/apparmor/features/ipc /snap/bin/firefox N/A
File opened for reading /sys/kernel/security/apparmor/features/network_v8 /snap/bin/firefox N/A
File opened for reading /sys/kernel/security/apparmor/features/rlimit /snap/bin/firefox N/A
File opened for reading /sys/kernel/security/apparmor/features/dbus/mask /usr/bin/dbus-daemon N/A
File opened for reading /sys/kernel/security/apparmor/features/dbus /snap/bin/firefox N/A
File opened for reading /sys/kernel/security/apparmor/features/file /snap/bin/firefox N/A
File opened for reading /sys/kernel/security/apparmor/features/io_uring /snap/bin/firefox N/A
File opened for reading /sys/kernel/security/apparmor/features/network /snap/bin/firefox N/A
File opened for reading /sys/kernel/security/apparmor/features/ptrace /snap/bin/firefox N/A
File opened for reading /sys/module/apparmor/parameters/enabled /usr/bin/dbus-daemon N/A
File opened for reading /sys/kernel/mm/transparent_hugepage/hpage_pmd_size /snap/bin/firefox N/A
File opened for reading /sys/kernel/security/apparmor/features /snap/bin/firefox N/A
File opened for reading /sys/kernel/security/apparmor/features/caps /snap/bin/firefox N/A
File opened for reading /sys/kernel/mm/transparent_hugepage/hpage_pmd_size /usr/lib/snapd/snap-seccomp N/A

Reads runtime system information

Description Indicator Process Target
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/sys/kernel/seccomp/actions_avail /snap/bin/firefox N/A
File opened for reading /proc/sys/kernel/cap_last_cap /usr/bin/dbus-daemon N/A
File opened for reading /proc/2564/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/2488/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/fd /usr/bin/dbus-send N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/fd /usr/bin/dbus-send N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/fd /usr/bin/dbus-send N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/fd /usr/bin/dbus-send N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/2493/attr/apparmor/current /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/filesystems /usr/bin/dbus-daemon N/A
File opened for reading /proc/2493/status /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/filesystems /usr/bin/gsettings N/A
File opened for reading /proc/mounts /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/self/mountinfo /snap/bin/firefox N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/filesystems /usr/bin/gsettings N/A
File opened for reading /proc/2562/cgroup /snap/bin/firefox N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/2509/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/cgroups /snap/bin/firefox N/A
File opened for reading /proc/cmdline /snap/bin/firefox N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/2577/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/filesystems /usr/bin/gsettings N/A
File opened for reading /proc/self/mounts /snap/bin/firefox N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/fd /usr/bin/dbus-daemon N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/sys/kernel/random/uuid /snap/bin/firefox N/A

Processes

/usr/bin/xdg-open

[xdg-open https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/dbus-launch

[dbus-launch --autolaunch 36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/usr/bin/dbus-daemon

[/usr/bin/dbus-daemon --syslog-only --fork --print-pid 5 --print-address 7 --session]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/usr/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root]

/usr/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/grep

[grep -q ^Enlightenment]

/usr/bin/uname

[uname]

/usr/bin/grep

[grep -q ^file://]

/usr/bin/egrep

[egrep -q ^[[:alpha:]+\.\-]+:]

/usr/local/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/local/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/bin/sed

[sed -n s/\(^[[:alnum:]+\.-]*\):.*$/\1/p]

/usr/bin/xdg-mime

[xdg-mime query default x-scheme-handler/https]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/dbus-launch

[dbus-launch --autolaunch 36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/usr/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root]

/usr/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/grep

[grep -q ^Enlightenment]

/usr/bin/uname

[uname]

/usr/bin/sed

[sed s/:/ /g]

/usr/bin/grep

[grep x-scheme-handler/https= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/grep

[grep x-scheme-handler/https= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/grep

[grep x-scheme-handler/https= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/grep

[grep x-scheme-handler/https= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/grep

[grep x-scheme-handler/https= /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/grep

[grep x-scheme-handler/https= /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/sed

[sed s/:/ /g]

/usr/bin/grep

[grep -l x-scheme-handler/https; /.local/share/applications/*.desktop]

/usr/bin/grep

[grep -l x-scheme-handler/https; /usr/local/share//applications/*.desktop]

/usr/bin/grep

[grep -l x-scheme-handler/https; /usr/share//applications/apport-gtk.desktop /usr/share//applications/bluetooth-sendto.desktop /usr/share//applications/display-im6.q16.desktop /usr/share//applications/gcr-prompter.desktop /usr/share//applications/gcr-viewer.desktop /usr/share//applications/geoclue-demo-agent.desktop /usr/share//applications/gkbd-keyboard-display.desktop /usr/share//applications/gnome-about-panel.desktop /usr/share//applications/gnome-applications-panel.desktop /usr/share//applications/gnome-background-panel.desktop /usr/share//applications/gnome-bluetooth-panel.desktop /usr/share//applications/gnome-color-panel.desktop /usr/share//applications/gnome-datetime-panel.desktop /usr/share//applications/gnome-disk-image-mounter.desktop /usr/share//applications/gnome-disk-image-writer.desktop /usr/share//applications/gnome-display-panel.desktop /usr/share//applications/gnome-initial-setup.desktop /usr/share//applications/gnome-keyboard-panel.desktop /usr/share//applications/gnome-language-selector.desktop /usr/share//applications/gnome-mouse-panel.desktop /usr/share//applications/gnome-multitasking-panel.desktop /usr/share//applications/gnome-network-panel.desktop /usr/share//applications/gnome-notifications-panel.desktop /usr/share//applications/gnome-online-accounts-panel.desktop /usr/share//applications/gnome-power-panel.desktop /usr/share//applications/gnome-printers-panel.desktop /usr/share//applications/gnome-privacy-panel.desktop /usr/share//applications/gnome-region-panel.desktop /usr/share//applications/gnome-search-panel.desktop /usr/share//applications/gnome-session-properties.desktop /usr/share//applications/gnome-sharing-panel.desktop /usr/share//applications/gnome-sound-panel.desktop /usr/share//applications/gnome-system-monitor-kde.desktop /usr/share//applications/gnome-system-panel.desktop /usr/share//applications/gnome-ubuntu-panel.desktop /usr/share//applications/gnome-universal-access-panel.desktop /usr/share//applications/gnome-users-panel.desktop /usr/share//applications/gnome-wacom-panel.desktop /usr/share//applications/gnome-wifi-panel.desktop /usr/share//applications/gnome-wwan-panel.desktop /usr/share//applications/hplj1020.desktop /usr/share//applications/ibus-setup-table.desktop /usr/share//applications/im-config.desktop /usr/share//applications/io.snapcraft.SessionAgent.desktop /usr/share//applications/libreoffice-calc.desktop /usr/share//applications/libreoffice-draw.desktop /usr/share//applications/libreoffice-impress.desktop /usr/share//applications/libreoffice-math.desktop /usr/share//applications/libreoffice-startcenter.desktop /usr/share//applications/libreoffice-writer.desktop /usr/share//applications/libreoffice-xsltfilter.desktop /usr/share//applications/nautilus-autorun-software.desktop /usr/share//applications/nm-applet.desktop /usr/share//applications/nm-connection-editor.desktop /usr/share//applications/org.freedesktop.IBus.Panel.Emojier.desktop /usr/share//applications/org.freedesktop.IBus.Panel.Extension.Gtk3.desktop /usr/share//applications/org.freedesktop.IBus.Panel.Wayland.Gtk3.desktop /usr/share//applications/org.freedesktop.IBus.Setup.desktop /usr/share//applications/org.freedesktop.Xwayland.desktop /usr/share//applications/org.gnome.Calculator.desktop /usr/share//applications/org.gnome.Calendar.desktop /usr/share//applications/org.gnome.Characters.desktop /usr/share//applications/org.gnome.DejaDup.desktop /usr/share//applications/org.gnome.DiskUtility.desktop /usr/share//applications/org.gnome.Evince-previewer.desktop /usr/share//applications/org.gnome.Evince.desktop /usr/share//applications/org.gnome.Evolution-alarm-notify.desktop /usr/share//applications/org.gnome.FileRoller.desktop /usr/share//applications/org.gnome.Logs.desktop /usr/share//applications/org.gnome.Nautilus.desktop /usr/share//applications/org.gnome.OnlineAccounts.OAuth2.desktop /usr/share//applications/org.gnome.PowerStats.desktop /usr/share//applications/org.gnome.RemoteDesktop.Handover.desktop /usr/share//applications/org.gnome.Rhythmbox3.desktop /usr/share//applications/org.gnome.Rhythmbox3.device.desktop /usr/share//applications/org.gnome.Settings.desktop /usr/share//applications/org.gnome.Shell.Extensions.desktop /usr/share//applications/org.gnome.Shell.PortalHelper.desktop /usr/share//applications/org.gnome.Shell.desktop /usr/share//applications/org.gnome.Shotwell-Viewer.desktop /usr/share//applications/org.gnome.Shotwell.Auth.desktop /usr/share//applications/org.gnome.Shotwell.desktop /usr/share//applications/org.gnome.Snapshot.desktop /usr/share//applications/org.gnome.SystemMonitor.desktop /usr/share//applications/org.gnome.Tecla.desktop /usr/share//applications/org.gnome.Terminal.Preferences.desktop /usr/share//applications/org.gnome.Terminal.desktop /usr/share//applications/org.gnome.TextEditor.desktop /usr/share//applications/org.gnome.Totem.desktop /usr/share//applications/org.gnome.Zenity.desktop /usr/share//applications/org.gnome.baobab.desktop /usr/share//applications/org.gnome.clocks.desktop /usr/share//applications/org.gnome.eog.desktop /usr/share//applications/org.gnome.evolution-data-server.OAuth2-handler.desktop /usr/share//applications/org.gnome.font-viewer.desktop /usr/share//applications/org.gnome.seahorse.Application.desktop /usr/share//applications/org.remmina.Remmina-file.desktop /usr/share//applications/org.remmina.Remmina.desktop /usr/share//applications/python3.12.desktop /usr/share//applications/remmina-gnome.desktop /usr/share//applications/rygel.desktop /usr/share//applications/simple-scan.desktop /usr/share//applications/snap-handle-link.desktop /usr/share//applications/software-properties-drivers.desktop /usr/share//applications/software-properties-gtk.desktop /usr/share//applications/software-properties-livepatch.desktop /usr/share//applications/thunderbird.desktop /usr/share//applications/transmission-gtk.desktop /usr/share//applications/update-manager.desktop /usr/share//applications/usb-creator-gtk.desktop /usr/share//applications/xdg-desktop-portal-gnome.desktop /usr/share//applications/xdg-desktop-portal-gtk.desktop /usr/share//applications/yelp.desktop]

/usr/bin/grep

[grep -q %s]

/usr/bin/x-www-browser

[x-www-browser https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

/usr/bin/xdg-settings

[xdg-settings get default-web-browser]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/dbus-launch

[dbus-launch --autolaunch 36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/usr/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root]

/usr/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/grep

[grep -q ^Enlightenment]

/usr/bin/uname

[uname]

/usr/bin/xdg-mime

[xdg-mime query default x-scheme-handler/http]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/dbus-launch

[dbus-launch --autolaunch 36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/usr/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root]

/usr/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/grep

[grep -q ^Enlightenment]

/usr/bin/uname

[uname]

/usr/bin/sed

[sed s/:/ /g]

/usr/bin/grep

[grep x-scheme-handler/http= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/grep

[grep x-scheme-handler/http= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/grep

[grep x-scheme-handler/http= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/grep

[grep x-scheme-handler/http= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/grep

[grep x-scheme-handler/http= /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/grep

[grep x-scheme-handler/http= /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/sed

[sed s/:/ /g]

/usr/bin/grep

[grep -l x-scheme-handler/http; /.local/share/applications/*.desktop]

/usr/bin/grep

[grep -l x-scheme-handler/http; /usr/local/share//applications/*.desktop]

/usr/bin/grep

[grep -l x-scheme-handler/http; /usr/share//applications/apport-gtk.desktop /usr/share//applications/bluetooth-sendto.desktop /usr/share//applications/display-im6.q16.desktop /usr/share//applications/gcr-prompter.desktop /usr/share//applications/gcr-viewer.desktop /usr/share//applications/geoclue-demo-agent.desktop /usr/share//applications/gkbd-keyboard-display.desktop /usr/share//applications/gnome-about-panel.desktop /usr/share//applications/gnome-applications-panel.desktop /usr/share//applications/gnome-background-panel.desktop /usr/share//applications/gnome-bluetooth-panel.desktop /usr/share//applications/gnome-color-panel.desktop /usr/share//applications/gnome-datetime-panel.desktop /usr/share//applications/gnome-disk-image-mounter.desktop /usr/share//applications/gnome-disk-image-writer.desktop /usr/share//applications/gnome-display-panel.desktop /usr/share//applications/gnome-initial-setup.desktop /usr/share//applications/gnome-keyboard-panel.desktop /usr/share//applications/gnome-language-selector.desktop /usr/share//applications/gnome-mouse-panel.desktop /usr/share//applications/gnome-multitasking-panel.desktop /usr/share//applications/gnome-network-panel.desktop /usr/share//applications/gnome-notifications-panel.desktop /usr/share//applications/gnome-online-accounts-panel.desktop /usr/share//applications/gnome-power-panel.desktop /usr/share//applications/gnome-printers-panel.desktop /usr/share//applications/gnome-privacy-panel.desktop /usr/share//applications/gnome-region-panel.desktop /usr/share//applications/gnome-search-panel.desktop /usr/share//applications/gnome-session-properties.desktop /usr/share//applications/gnome-sharing-panel.desktop /usr/share//applications/gnome-sound-panel.desktop /usr/share//applications/gnome-system-monitor-kde.desktop /usr/share//applications/gnome-system-panel.desktop /usr/share//applications/gnome-ubuntu-panel.desktop /usr/share//applications/gnome-universal-access-panel.desktop 
/usr/share//applications/gnome-users-panel.desktop /usr/share//applications/gnome-wacom-panel.desktop /usr/share//applications/gnome-wifi-panel.desktop /usr/share//applications/gnome-wwan-panel.desktop /usr/share//applications/hplj1020.desktop /usr/share//applications/ibus-setup-table.desktop /usr/share//applications/im-config.desktop /usr/share//applications/io.snapcraft.SessionAgent.desktop /usr/share//applications/libreoffice-calc.desktop /usr/share//applications/libreoffice-draw.desktop /usr/share//applications/libreoffice-impress.desktop /usr/share//applications/libreoffice-math.desktop /usr/share//applications/libreoffice-startcenter.desktop /usr/share//applications/libreoffice-writer.desktop /usr/share//applications/libreoffice-xsltfilter.desktop /usr/share//applications/nautilus-autorun-software.desktop /usr/share//applications/nm-applet.desktop /usr/share//applications/nm-connection-editor.desktop /usr/share//applications/org.freedesktop.IBus.Panel.Emojier.desktop /usr/share//applications/org.freedesktop.IBus.Panel.Extension.Gtk3.desktop /usr/share//applications/org.freedesktop.IBus.Panel.Wayland.Gtk3.desktop /usr/share//applications/org.freedesktop.IBus.Setup.desktop /usr/share//applications/org.freedesktop.Xwayland.desktop /usr/share//applications/org.gnome.Calculator.desktop /usr/share//applications/org.gnome.Calendar.desktop /usr/share//applications/org.gnome.Characters.desktop /usr/share//applications/org.gnome.DejaDup.desktop /usr/share//applications/org.gnome.DiskUtility.desktop /usr/share//applications/org.gnome.Evince-previewer.desktop /usr/share//applications/org.gnome.Evince.desktop /usr/share//applications/org.gnome.Evolution-alarm-notify.desktop /usr/share//applications/org.gnome.FileRoller.desktop /usr/share//applications/org.gnome.Logs.desktop /usr/share//applications/org.gnome.Nautilus.desktop /usr/share//applications/org.gnome.OnlineAccounts.OAuth2.desktop /usr/share//applications/org.gnome.PowerStats.desktop 
/usr/share//applications/org.gnome.RemoteDesktop.Handover.desktop /usr/share//applications/org.gnome.Rhythmbox3.desktop /usr/share//applications/org.gnome.Rhythmbox3.device.desktop /usr/share//applications/org.gnome.Settings.desktop /usr/share//applications/org.gnome.Shell.Extensions.desktop /usr/share//applications/org.gnome.Shell.PortalHelper.desktop /usr/share//applications/org.gnome.Shell.desktop /usr/share//applications/org.gnome.Shotwell-Viewer.desktop /usr/share//applications/org.gnome.Shotwell.Auth.desktop /usr/share//applications/org.gnome.Shotwell.desktop /usr/share//applications/org.gnome.Snapshot.desktop /usr/share//applications/org.gnome.SystemMonitor.desktop /usr/share//applications/org.gnome.Tecla.desktop /usr/share//applications/org.gnome.Terminal.Preferences.desktop /usr/share//applications/org.gnome.Terminal.desktop /usr/share//applications/org.gnome.TextEditor.desktop /usr/share//applications/org.gnome.Totem.desktop /usr/share//applications/org.gnome.Zenity.desktop /usr/share//applications/org.gnome.baobab.desktop /usr/share//applications/org.gnome.clocks.desktop /usr/share//applications/org.gnome.eog.desktop /usr/share//applications/org.gnome.evolution-data-server.OAuth2-handler.desktop /usr/share//applications/org.gnome.font-viewer.desktop /usr/share//applications/org.gnome.seahorse.Application.desktop /usr/share//applications/org.remmina.Remmina-file.desktop /usr/share//applications/org.remmina.Remmina.desktop /usr/share//applications/python3.12.desktop /usr/share//applications/remmina-gnome.desktop /usr/share//applications/rygel.desktop /usr/share//applications/simple-scan.desktop /usr/share//applications/snap-handle-link.desktop /usr/share//applications/software-properties-drivers.desktop /usr/share//applications/software-properties-gtk.desktop /usr/share//applications/software-properties-livepatch.desktop /usr/share//applications/thunderbird.desktop /usr/share//applications/transmission-gtk.desktop 
/usr/share//applications/update-manager.desktop /usr/share//applications/usb-creator-gtk.desktop /usr/share//applications/xdg-desktop-portal-gnome.desktop /usr/share//applications/xdg-desktop-portal-gtk.desktop /usr/share//applications/yelp.desktop]

/usr/bin/gsettings

[gsettings get org.gnome.shell favorite-apps]

/usr/bin/grep

[grep -q 'firefox.desktop']

/usr/bin/gsettings

[gsettings get com.canonical.Unity.Launcher favorites]

/usr/bin/grep

[grep -q 'application://firefox.desktop']

/usr/bin/gsettings

[gsettings get org.mate.panel object-id-list]

/usr/bin/which

[which qdbus]

/snap/bin/firefox

[/snap/bin/firefox https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

/usr/lib/snapd/snap-seccomp

[/usr/lib/snapd/snap-seccomp version-info]

/usr/lib/snapd/snap-confine

[/usr/lib/snapd/snap-confine --base core22 snap.firefox.firefox /usr/lib/snapd/snap-exec firefox https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

Network


Files

N/A

Analysis: behavioral3

Detonation Overview

Submitted

2024-08-31 14:10

Reported

2024-08-31 15:22

Platform

win10v2004-20240802-en

Max time kernel

1799s

Max time network

1800s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5

Signatures

Drops file in System32 directory

Description Indicator Process Target
File created C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created \??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Browser Information Discovery

discovery

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133695895283376255" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Every row below has PID 4900 as the writer and another chrome.exe as the target. PID 4900 is the browser process (the crashpad pipe listed under Files is named crashpad_4900_...), and writing into freshly spawned renderer, GPU and utility children is how Chrome's sandbox broker sets them up at launch, so this signature records normal Chrome start-up rather than injection into a foreign process.

Description Indicator Process Target
PID 4900 wrote to memory of 3856 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4900 wrote to memory of 3856 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4900 wrote to memory of 1204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4900 wrote to memory of 1204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4900 wrote to memory of 1204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4900 wrote to memory of 1204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4900 wrote to memory of 1204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4900 wrote to memory of 1204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4900 wrote to memory of 1204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4900 wrote to memory of 1204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4900 wrote to memory of 1204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4900 wrote to memory of 1204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4900 wrote to memory of 1204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4900 wrote to memory of 1204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4900 wrote to memory of 1204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4900 wrote to memory of 1204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4900 wrote to memory of 1204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4900 wrote to memory of 1204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4900 wrote to memory of 1204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4900 wrote to memory of 1204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4900 wrote to memory of 1204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4900 wrote to memory of 1204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4900 wrote to memory of 1204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4900 wrote to memory of 1204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4900 wrote to memory of 1204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4900 wrote to memory of 1204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4900 wrote to memory of 1204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4900 wrote to memory of 1204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4900 wrote to memory of 1204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4900 wrote to memory of 1204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4900 wrote to memory of 1204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4900 wrote to memory of 1204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4900 wrote to memory of 636 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4900 wrote to memory of 636 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4900 wrote to memory of 2624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4900 wrote to memory of 2624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4900 wrote to memory of 2624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4900 wrote to memory of 2624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4900 wrote to memory of 2624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4900 wrote to memory of 2624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4900 wrote to memory of 2624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4900 wrote to memory of 2624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4900 wrote to memory of 2624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4900 wrote to memory of 2624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4900 wrote to memory of 2624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4900 wrote to memory of 2624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4900 wrote to memory of 2624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4900 wrote to memory of 2624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4900 wrote to memory of 2624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4900 wrote to memory of 2624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4900 wrote to memory of 2624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4900 wrote to memory of 2624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4900 wrote to memory of 2624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4900 wrote to memory of 2624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4900 wrote to memory of 2624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4900 wrote to memory of 2624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4900 wrote to memory of 2624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4900 wrote to memory of 2624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4900 wrote to memory of 2624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4900 wrote to memory of 2624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4900 wrote to memory of 2624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4900 wrote to memory of 2624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4900 wrote to memory of 2624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4900 wrote to memory of 2624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff8749fcc40,0x7ff8749fcc4c,0x7ff8749fcc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1864,i,18413994548258244912,1126897773082793529,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1860 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1724,i,18413994548258244912,1126897773082793529,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1908 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2252,i,18413994548258244912,1126897773082793529,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2372 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3092,i,18413994548258244912,1126897773082793529,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3136 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3108,i,18413994548258244912,1126897773082793529,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3224 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4528,i,18413994548258244912,1126897773082793529,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4588 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=4372,i,11708048364682646792,608099842549576907,262144 --variations-seed-version --mojo-platform-channel-handle=4256 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4916,i,18413994548258244912,1126897773082793529,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4904 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=3824,i,11708048364682646792,608099842549576907,262144 --variations-seed-version --mojo-platform-channel-handle=3892 /prefetch:8

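The first chrome.exe command line above is the analysis harness opening the submitted URL with update and background traffic switched off (--disable-background-networking, --disable-component-update, --simulate-outdated-no-au); the flags are the harness's, not the sample's. Everything of interest is in the URL's query string, which carries a stratum-style pool configuration: algorithm, pool host and port, a worker value that has the shape of a wallet address, and a percent-encoded password. The script below is an added example written for this report, not the sandbox vendor's or the page author's code; it decodes that query string. Reading c= and zap= as yiimp/zpool-style password options, and the Dogecoin-address shape test on the worker field, are assumptions taken from those projects' conventions, not from the report, which does not include the page's JavaScript.

```python
"""Decode the stratum-style pool configuration carried in the launch URL.

Added example for this report, not sandbox or page-author code. LAUNCH_URL
is the URL from the report's first chrome.exe command line. The meaning of
c= / zap= (yiimp/zpool password options) and the Dogecoin address shape
test are assumptions taken from those projects' conventions.
"""
from urllib.parse import parse_qs, urlsplit

LAUNCH_URL = (
    "https://webminer.pages.dev?algorithm=yespowerurx"
    "&host=yespowerURX.sea.mine.zpool.ca&port=6236"
    "&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv"
    "&password=c%3DDOGE%2Czap%3DURX&workers=1.5"
)

# Keys that, taken together, read like a stratum miner configuration.
POOL_KEYS = ("algorithm", "host", "port", "worker", "password")

# Base58 alphabet used by Bitcoin-derived address formats (no 0, O, I, l).
BASE58 = set("123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz")


def parse_pool_config(url: str) -> dict:
    """Return the query parameters of a web-miner style URL, percent-decoded.

    parse_qs unquotes values, so password=c%3DDOGE%2Czap%3DURX comes back
    as 'c=DOGE,zap=URX'. Only single-valued keys are kept.
    """
    parts = urlsplit(url)
    query = parse_qs(parts.query, keep_blank_values=True)
    cfg = {key: values[0] for key, values in query.items() if len(values) == 1}
    cfg["page_host"] = parts.hostname or ""
    return cfg


def split_password_options(password: str) -> dict:
    """Split a comma-separated 'key=value' pool password into a dict."""
    options = {}
    for item in password.split(","):
        key, _, value = item.partition("=")
        if key.strip():
            options[key.strip()] = value.strip()
    return options


def looks_like_doge_address(value: str) -> bool:
    """Shape-only heuristic (assumption): 34 Base58 chars starting with 'D'.

    No checksum is verified; the point is to notice that the 'worker'
    field is a wallet address rather than a worker name.
    """
    return len(value) == 34 and value[0] == "D" and set(value) <= BASE58


def looks_like_miner_config(cfg: dict) -> bool:
    """True when every stratum-style key is present and the port is numeric."""
    return all(key in cfg for key in POOL_KEYS) and cfg["port"].isdigit()


def summarise(url: str) -> dict:
    cfg = parse_pool_config(url)
    return {
        "page_host": cfg["page_host"],
        "pool": "{}:{}".format(cfg.get("host", ""), cfg.get("port", "")),
        "algorithm": cfg.get("algorithm"),
        "worker": cfg.get("worker"),
        "worker_is_doge_address": looks_like_doge_address(cfg.get("worker", "")),
        "password_options": split_password_options(cfg.get("password", "")),
        "workers": cfg.get("workers"),
        "miner_config": looks_like_miner_config(cfg),
    }


if __name__ == "__main__":
    for key, value in summarise(LAUNCH_URL).items():
        print(f"{key:24} {value}")
```

The decoded password is c=DOGE,zap=URX, and the worker value passes the address-shape test, which is consistent with the c=DOGE payout setting. The workers=1.5 value is reported as-is; the report gives no basis for interpreting it.
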
Network

Country Destination Domain Proto
US 8.8.8.8:53 webminer.pages.dev udp
US 172.66.47.98:443 webminer.pages.dev tcp
US 8.8.8.8:53 8.8.8.8.in-addr.arpa udp
US 172.66.47.98:443 webminer.pages.dev udp
US 8.8.8.8:53 202.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 98.47.66.172.in-addr.arpa udp
US 8.8.8.8:53 97.17.167.52.in-addr.arpa udp
US 8.8.8.8:53 smiling-tilda-mono.koyeb.app udp
US 104.22.79.190:443 smiling-tilda-mono.koyeb.app tcp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 216.58.201.106:443 content-autofill.googleapis.com tcp
US 104.22.79.190:443 smiling-tilda-mono.koyeb.app tcp
US 8.8.8.8:53 73.144.22.2.in-addr.arpa udp
US 8.8.8.8:53 190.79.22.104.in-addr.arpa udp
US 8.8.8.8:53 106.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 88.156.103.20.in-addr.arpa udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
US 104.22.79.190:443 smiling-tilda-mono.koyeb.app tcp
US 104.22.79.190:443 smiling-tilda-mono.koyeb.app tcp
US 104.22.79.190:443 smiling-tilda-mono.koyeb.app tcp
US 8.8.8.8:53 retired-jorey-malphite-node.koyeb.app udp
US 104.22.78.190:443 retired-jorey-malphite-node.koyeb.app tcp
US 8.8.8.8:53 190.78.22.104.in-addr.arpa udp
US 104.22.78.190:443 retired-jorey-malphite-node.koyeb.app tcp
US 8.8.8.8:53 196.249.167.52.in-addr.arpa udp
US 8.8.8.8:53 13.86.106.20.in-addr.arpa udp
US 8.8.8.8:53 241.150.49.20.in-addr.arpa udp
US 8.8.8.8:53 157.123.68.40.in-addr.arpa udp
US 8.8.8.8:53 18.31.95.13.in-addr.arpa udp
US 8.8.8.8:53 92.12.20.2.in-addr.arpa udp
US 8.8.8.8:53 30.243.111.52.in-addr.arpa udp
US 8.8.8.8:53 131.72.42.20.in-addr.arpa udp
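
The Network table mixes three kinds of rows: forward DNS lookups to 8.8.8.8, reverse (in-addr.arpa) lookups of addresses already seen, which add nothing for triage, and the connections themselves. The UDP/443 row next to TCP/443 for webminer.pages.dev is what a QUIC (HTTP/3) attempt looks like beside TLS, and the mDNS row (224.0.0.251:5353) has no Domain value in the report. The script below is an added triage example, not sandbox tooling: it re-parses a subset of the table (pasted in as constructed input), drops the reverse-lookup noise, and separates Chrome's own service traffic (content-autofill.googleapis.com, matched by an analyst-maintained suffix allowlist that is an assumption here) from the remaining connections, which is where the two koyeb.app hosts land. The report does not attribute those connections to a page or process, so reading them as page-driven is an inference, not something the table states.

```python
"""Triage the Network table: strip reverse-lookup noise, separate Chrome's own
traffic from the rest.

Added example for this report, not sandbox tooling. NETWORK_ROWS is a subset
of the report's Network table pasted in as constructed input; the mDNS row
has no Domain value in the report and is kept that way. BROWSER_SUFFIXES is
an analyst-maintained allowlist and an assumption, not something the report
states.
"""
from collections import Counter, OrderedDict
from typing import NamedTuple

NETWORK_ROWS = """\
US 8.8.8.8:53 webminer.pages.dev udp
US 172.66.47.98:443 webminer.pages.dev tcp
US 8.8.8.8:53 8.8.8.8.in-addr.arpa udp
US 172.66.47.98:443 webminer.pages.dev udp
US 8.8.8.8:53 98.47.66.172.in-addr.arpa udp
US 8.8.8.8:53 smiling-tilda-mono.koyeb.app udp
US 104.22.79.190:443 smiling-tilda-mono.koyeb.app tcp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 216.58.201.106:443 content-autofill.googleapis.com tcp
US 104.22.79.190:443 smiling-tilda-mono.koyeb.app tcp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 retired-jorey-malphite-node.koyeb.app udp
US 104.22.78.190:443 retired-jorey-malphite-node.koyeb.app tcp
US 104.22.78.190:443 retired-jorey-malphite-node.koyeb.app tcp
US 8.8.8.8:53 190.78.22.104.in-addr.arpa udp
"""

# Destinations Chrome contacts on its own (assumption: analyst-maintained).
BROWSER_SUFFIXES = (".googleapis.com", ".google.com", ".gstatic.com")


class Row(NamedTuple):
    country: str
    ip: str
    port: int
    domain: str
    proto: str
    kind: str  # "dns", "ptr", "mdns" or "conn"


def classify(port: int, domain: str) -> str:
    if port == 53:
        return "ptr" if domain.endswith(".in-addr.arpa") else "dns"
    if port == 5353:
        return "mdns"
    return "conn"


def parse_rows(text: str) -> list:
    """Parse 'Country Destination [Domain] Proto' lines into Row records."""
    rows = []
    for line in text.splitlines():
        tokens = line.split()
        if len(tokens) == 4:
            country, dest, domain, proto = tokens
        elif len(tokens) == 3:  # multicast row: no Domain column in the report
            country, dest, proto = tokens
            domain = ""
        else:
            continue
        ip, _, port = dest.rpartition(":")
        rows.append(Row(country, ip, int(port), domain, proto, classify(int(port), domain)))
    return rows


def kind_counts(rows) -> Counter:
    return Counter(row.kind for row in rows)


def forward_lookups(rows) -> list:
    """Names the browser actually resolved, first-seen order, no duplicates."""
    return list(OrderedDict.fromkeys(row.domain for row in rows if row.kind == "dns"))


def page_driven_endpoints(rows) -> OrderedDict:
    """Connections not explained by Chrome's own services.

    Keyed by (domain, ip, port); the value is the set of transports seen,
    so a {'tcp', 'udp'} pair on port 443 shows a QUIC attempt next to TLS.
    """
    endpoints = OrderedDict()
    for row in rows:
        if row.kind == "conn" and not row.domain.endswith(BROWSER_SUFFIXES):
            endpoints.setdefault((row.domain, row.ip, row.port), set()).add(row.proto)
    return endpoints


if __name__ == "__main__":
    rows = parse_rows(NETWORK_ROWS)
    print("row kinds:", dict(kind_counts(rows)))
    print("resolved:", forward_lookups(rows))
    for (domain, ip, port), protos in page_driven_endpoints(rows).items():
        print(f"{domain:40} {ip}:{port} {sorted(protos)}")
```

On the subset above, four names are resolved and three endpoints remain after the allowlist: webminer.pages.dev itself and the two koyeb.app hosts, all on 443. Those are the destinations worth pivoting on; the in-addr.arpa rows are discarded without loss.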

Files

\??\pipe\crashpad_4900_HDQKJFGEGXXBUYNH

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

MD5 aaa26687248ede37fcf2e56165d153ae
SHA1 4511294a3ccf8567f28bdeb0b38e1fe0eb2f48ff
SHA256 0003c2abe2d04e09237132c2c44a0420cd605ffa3dac45ccc27cf934df56c588
SHA512 72bf73114abd0d9fba962c23292cf8b5d2c725b228f3674964703adcaf1d6d7069bb6936a675a8e24ceb94c6586859421cdaa956bfd8853480f81f043fb62b69

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 f8d746e85b72f59fdbb3990f7fd3e1f0
SHA1 c4f741ad66d68dd5c1b273e59f78a014283a3134
SHA256 fb707531d317cbbc7ab5ac2dee2ffdb7193dd1bc82f225df542ba2aecfb5033b
SHA512 7457ce6e3d41c73afac0d4ef5e9f3aa81b22e6617677bfb45cc69ac6f2390faab2e0b9a8151fa98d993c5b04c27bfa4df046e3c3baf95e73e3d5089f8f061570

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 76b2291bef339a606e4cf61d39ff707d
SHA1 ac59c47a74e739609bb120957d6e28e0137d92ee
SHA256 364690370af3bdd010bcd6ba91d76946201e03e9c1cc30c2927f55e3136af311
SHA512 9a5ce6e03dd1509a681152c5ac4a4c1f15c7bc335d7928c5038fa0af1c6a7889a4d637425c521981894c79d7deb817981d528a8219ce7c5b7182888db213feda

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 d804e5299c709af27d5acb70ec6d0919
SHA1 7538bb395bb084dd4fc2148bccdc9c14e3c7431e
SHA256 84a40e4b453c5981708591fbf0ed019f9f05780e7dc8a40a5072030c7611ac6a
SHA512 2fd4555d1871839e58ce787477b8db5162e6624a65b9374ff1aade0cb82a619bff092b1554140a466c94b6cb4f4c9cc94ee14a0066213d58aafd6db036ed28af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e34e40b047e3df2ff2ab81d713d15ae0
SHA1 78bfeeb9798af8de736617911ac0da678388cea4
SHA256 25c65eeb44bbda02ee25d524ba77de577787346792a60ddef986422544d669b9
SHA512 427da1937f6d2797102f006ca145f313dfe69319d2389b97846a3df43621c317ab18a83e5c28e1cbe65764fa2552767de93fb19eae175ecab00a40e385474dcd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 65b76676448270fb6c2ee2343ceb7001
SHA1 c06424f1fcc4463324cf1da817b487a76d188f15
SHA256 afb882ad7087e2c17d6a27a4d432d95492b83ff7382655a833f4a6611171b855
SHA512 0b07d974d0e83967816eca5e5004c8d2b9a55b57593da6c3ad00bfdd0a745b074461c8e36d5d1b28027cf4f67d42aa5b6cfc0daafbac5d09ed248674d57c9eef

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8d095382a97608f1962499a9607a71a2
SHA1 10b81ec2e2a1874a8db9785a8b962fbd8c9078cd
SHA256 e66ffe57ecfacca48549ad1d1dd4c83f06bee6793a436102a7d35b9a254867b8
SHA512 7cbbb6342a439e5a850cd5ddec577c7f1492bc14c2b7dd59e3eb299f8c64f874928b4acd16c95fb02c88292f082bee2194cd37888156f6b7a586b88aba47dd5d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a065bdd561887e8e15c9e926a9a05b19
SHA1 7270eba0298c67e6b1b7f728c00a4381362f315f
SHA256 05cc56785eab78ac7d13bf70c7a297ead2e602522c756409aae79863fbcd5a8f
SHA512 842651d8b0fc46684830f69ab218f21d6a6d753e713d25d32a511debc36240b6762d10a4d7455ce262dc464494c75aeb31339726d4c13a4c27f03403b8e81cbe

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 7b72d5ca8a7d3ac9e7ad1722cac4e2ad
SHA1 2fa0ad30232e55d372ecbd00433329d6dfd62d8b
SHA256 5a1fbf11c24d9050c5b9f41d11aece562189e2b74b137857d6891edcba992d09
SHA512 710df07a9e89a7a1c121732c4f8d8375ed640e51f887ee7ecd81ad13e2be9bd1f66783a2f7a46a088f1fbb0b6d9ac94d2d0d6eed00ac61740f7711be2ca871ef

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0a5704d0e119e9279af67d638e4f4f80
SHA1 633ba52efa38829b7aa03636727fc469c9a4fbe7
SHA256 748e7ed97247806958c95379ce4fd1ea56f02d2d039fc5d287d6456fa3d6bc79
SHA512 db2e3afbeaf32dadd9788ebafa4fc89d2d7272d0ee2a8c620b2c6d089759b84ffef755d178c54cdfa2fff1deabf8c8cac8ab057b842d32e2aced1d7d115ab800

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4052de5667b3fc059470eb9dba45e0e2
SHA1 5148fbfd540ade3d25cf66bc46fd5439b2fec75d
SHA256 1667026ddc6c1b6c40ed4cfcd04d4b7eb9799f8e51a5bccb616b015421e9caab
SHA512 c524f23099507cef0ca168ae413a16f3426d3671c82df00e34957d0f74807c7f31d3bfa8a8d8e68be88de9b6bf6931f1b7d39d557aae1cc95b2db18bfc2cae46

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 13791ac1424763f3a428589c12af5faf
SHA1 23adc59cd937bb4bae053dff0e71b3b8902b82d1
SHA256 3e13f4da814dacd5d8bb82957d6a7d773318af5cfe315d4c3f07a92fb9495888
SHA512 ec7baecad18622776f98e96bb26d53f0ce4aabecd9ff51a5918621f257f3da352532ff84443991e44d80132fd6e5ec1b0fc544057db9cee874cf8cff53a838c3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2c928ba0ebb42644c0dc4cd0720baa13
SHA1 69d083b2ad473ff5f2280dc16b568da35905d924
SHA256 c320cd9cf0684979c45d5642a7eee33e0e9655be20a1fb4dcc42e5bac05c6788
SHA512 69bced59a0f147d2c89c7b0157024d4cd5622a1d477764ccaa84dd7649295be2e15d015f647e466186e25da218192aa7b92bfca2a7c6c57faf45d04874686d30

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 87df76742585fa36dd9455cdfd13e9b0
SHA1 404c0e4e29c5a943292f5e24b34086ef417e0458
SHA256 7349151e58e886d5da60b65682740cc5ac64190b2d04526bcba360ce5e946f6b
SHA512 c39a0e6a8fb5368e9af68d4c77b78d4c32151eeb5b3662ad8c632947e08150044c4f711e4ad127c4aac13c715710f753898b10fcc02ff5121199e184c96610b3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ef26db06c7249ea9ae2af2f26aa26dd4
SHA1 4ae24fbd12bcca8ae79badb96f0752390f5814f0
SHA256 d9c6bc6005d9cfb2e41dc464f70eb9f5b02a638fd254a8c0087923c3d0a735be
SHA512 c087164a3382c03e9f8ee618c1d6787f17f24727862a2b1c4ec038abebdd3e4c0350a5f997eb42a27a1480ed07364983e7c831b82f27b43352c65a2983d02921

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9b92a7313b792ee1978cb9156abd093c
SHA1 35dd12b60902998fcee25e1dcfc1dc6dbb067f91
SHA256 032bb5d358c426601b79383a575890921a1262e69325ddc79c237254f9c7add5
SHA512 73eb9be212605016b2e2a39a1a95604605e6f0b1d97a2c2ecfd9a568f09fa060e9b6ad5e5acc9cc479d4c95201d8611aed96b192d8f42a977b73fa2d5e11a0a6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 12f2a885ce113e149e4acb254494d1e5
SHA1 df91c9da9f45d5d5a534cb48ccf3ca78626ef89f
SHA256 7b7f11c9a7d7b8fa2dd2531667adf91fb7ee35b75041c5b4c46cbdb8f2d0d430
SHA512 55da38b1a070f4a4c922f2e2e28f42bc9d95eb9b0f5f8e16608bb3c09d63d99ac37d617f0e24c6e30e50725e04fc68b15bc924b1bc0a5bcca88b7fb85ea0df9f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8c20df255f90c47e233ef7472e1e9371
SHA1 1b2331dc3b8ba1f28984b26fdbf063e46a2f15cf
SHA256 d67a2c40cbaadec13a7f857e38e29c3f0ac24f9aaf5f3c306e9777e208c73ebb
SHA512 2de82898d655ed704bf08ab4745693c950ce30326556675b96ff662dbfe7ef4b1c79847ef5080425082c63ce3bb3fd7789be0fa007d83a074d17a7bbd04db702

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 102a1e45948551e896aa45a7f4ce94c0
SHA1 a244424806c421cd20b260f37d135f4409d6af9d
SHA256 7b128132a4febb503c13de876391f7028f2fa3377d8cb526cd1bd568229dee44
SHA512 eaafceb80f7e4e7f0ae6659c94300653646c0281708bb203d65345e7e14cc066245f10265e014356fd64cd6383e740ce33ef4b6d2fa81789a14ab82386f39ee7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9ade196388edc8a4941a6049e1836eb8
SHA1 dad87831ae2cbef5fe6d60806ab140ed02a0c0f8
SHA256 46ef65d8470905599dd82e0cdd5a1d3c72e70cef0521448f6f4e8f4c0d1d7001
SHA512 71f02c6d13018c408c6543d1c88845655bdedecd6a0d35939ffa76410007aa0b5903ec07aa95d618f0daf9014258125ffeebf91566b6970339f6cb1b9aab576a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 35c2262120ae12aa4eed9891b97254ad
SHA1 3210bcb56986f9a99a2e14c021d68e9c1aa4db88
SHA256 a1efc42f3313e322924d227ed887475bd7784f5e06bf383d66ac93ad86c1e234
SHA512 777eb62d36c217373ef6e3ba86d2844d50ea35a54b2df76840414a16e87b5739d116e19cb92991210b612d1f8c1050dbff8971bf7923be7b2b7c940edba06a80

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f53fe0ff1f61c62fb60b7a17204fd715
SHA1 43bbe30141cc3b045d333e09559c049bc93c2513
SHA256 3be2705d8fc6a11568de58fa2cd96b3319b129273ceff8dfd3929b37eb17ba84

Analysis: behavioral1

Detonation Overview

Submitted

2024-08-31 14:10

Reported

2024-08-31 15:19

Platform

win7-20240708-en

Max time kernel

783s

Max time network

1564s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5

Signatures

Browser Information Discovery

discovery

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A (64 identical rows collapsed)

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A (34 identical rows collapsed)

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A (32 identical rows collapsed)

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1892 wrote to memory of 2656 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe (3 identical rows collapsed)
PID 1892 wrote to memory of 584 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe (39 identical rows collapsed)
PID 1892 wrote to memory of 2544 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe (3 identical rows collapsed)
PID 1892 wrote to memory of 2560 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe (19 identical rows collapsed)

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef79e9758,0x7fef79e9768,0x7fef79e9778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1136 --field-trial-handle=1312,i,10189505224435921766,6058407144100348041,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1520 --field-trial-handle=1312,i,10189505224435921766,6058407144100348041,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1596 --field-trial-handle=1312,i,10189505224435921766,6058407144100348041,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2220 --field-trial-handle=1312,i,10189505224435921766,6058407144100348041,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2228 --field-trial-handle=1312,i,10189505224435921766,6058407144100348041,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1328 --field-trial-handle=1312,i,10189505224435921766,6058407144100348041,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3488 --field-trial-handle=1312,i,10189505224435921766,6058407144100348041,131072 /prefetch:8

Network

Country Destination Domain Proto
US 8.8.8.8:53 webminer.pages.dev udp
US 172.66.47.98:443 webminer.pages.dev tcp
US 172.66.47.98:443 webminer.pages.dev tcp
US 172.66.47.98:443 webminer.pages.dev udp
US 8.8.8.8:53 smiling-tilda-mono.koyeb.app udp
US 104.22.78.190:443 smiling-tilda-mono.koyeb.app tcp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 142.250.187.234:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 apps.identrust.com udp
GB 88.221.134.137:80 apps.identrust.com tcp
US 104.22.78.190:443 smiling-tilda-mono.koyeb.app tcp
US 104.22.78.190:443 smiling-tilda-mono.koyeb.app tcp
N/A 224.0.0.251:5353 udp
US 104.22.78.190:443 smiling-tilda-mono.koyeb.app tcp
US 8.8.8.8:53 retired-jorey-malphite-node.koyeb.app udp
US 104.22.78.190:443 retired-jorey-malphite-node.koyeb.app tcp
US 104.22.78.190:443 retired-jorey-malphite-node.koyeb.app tcp
US 104.22.78.190:443 retired-jorey-malphite-node.koyeb.app tcp
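
Most rows in this table are produced by the analysis environment rather than by the page: the 8.8.8.8:53 rows are the resolver lookups, 224.0.0.251:5353 is mDNS on the local segment, content-autofill.googleapis.com is Chrome's own background traffic, and apps.identrust.com is certificate-chain retrieval by the Windows crypto stack (the CryptnetUrlCache entry under Files is the matching artifact). What the page itself reached is webminer.pages.dev plus two koyeb.app hosts. Note that 172.66.47.98 and 104.22.78.190 are shared Cloudflare edge addresses, so the hostnames are the durable indicators and the IPs are weak ones. The following Python is an added example, not part of the report: it parses the table as pasted, sorts rows into buckets, and extracts only the sample-attributable names and endpoints. The resolver list and the suffix allowlists are my assumptions about this sandbox, not something the report states; bare ip:port rows with no domain column (frequent in the Android runs below) are kept in their own bucket because they cannot be attributed by name.

```python
import ipaddress
from collections import defaultdict

# Constructed input: the Network rows of this detonation, pasted in the report's own layout.
NETWORK_TABLE = """\
US 8.8.8.8:53 webminer.pages.dev udp
US 172.66.47.98:443 webminer.pages.dev tcp
US 172.66.47.98:443 webminer.pages.dev tcp
US 172.66.47.98:443 webminer.pages.dev udp
US 8.8.8.8:53 smiling-tilda-mono.koyeb.app udp
US 104.22.78.190:443 smiling-tilda-mono.koyeb.app tcp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 142.250.187.234:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 apps.identrust.com udp
GB 88.221.134.137:80 apps.identrust.com tcp
US 104.22.78.190:443 smiling-tilda-mono.koyeb.app tcp
US 104.22.78.190:443 smiling-tilda-mono.koyeb.app tcp
N/A 224.0.0.251:5353 udp
US 104.22.78.190:443 smiling-tilda-mono.koyeb.app tcp
US 8.8.8.8:53 retired-jorey-malphite-node.koyeb.app udp
US 104.22.78.190:443 retired-jorey-malphite-node.koyeb.app tcp
US 104.22.78.190:443 retired-jorey-malphite-node.koyeb.app tcp
US 104.22.78.190:443 retired-jorey-malphite-node.koyeb.app tcp
"""

# Assumptions about the analysis environment, not facts from the report.
RESOLVERS = {"8.8.8.8", "1.1.1.1"}
BACKGROUND_SUFFIXES = (".googleapis.com", ".google.com", ".gstatic.com")  # Chrome's own traffic
PKI_SUFFIXES = ("identrust.com",)  # CA chain/CRL fetches by the OS crypto stack


def parse_rows(text):
    """Rows are 'country ip:port domain proto'; the domain column may be absent."""
    rows = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) == 4:
            country, dest, domain, proto = fields
        elif len(fields) == 3:
            country, dest, proto = fields
            domain = ""
        else:
            continue
        ip, port = dest.rsplit(":", 1)
        rows.append({"country": country, "ip": ip, "port": int(port), "domain": domain, "proto": proto})
    return rows


def name_class(domain):
    """Bucket a hostname; names seen only in DNS lookups are classified the same way."""
    if not domain:
        return "unresolved"
    if domain == "www.google.com" or domain.endswith(BACKGROUND_SUFFIXES):
        return "browser-background"
    if domain.endswith(PKI_SUFFIXES):
        return "pki"
    return "sample"


def classify(row):
    ip = ipaddress.ip_address(row["ip"])
    if row["ip"] in RESOLVERS and row["port"] == 53:
        return "dns"
    if ip.is_multicast or ip.is_private or ip.is_link_local:
        return "local"
    return name_class(row["domain"])


def triage(text):
    """Group deduplicated (domain, ip:port, proto) tuples by bucket."""
    buckets = defaultdict(set)
    for row in parse_rows(text):
        buckets[classify(row)].add((row["domain"], f"{row['ip']}:{row['port']}", row["proto"]))
    return {k: sorted(v) for k, v in buckets.items()}


def sample_iocs(text):
    """Names and endpoints attributable to the page, with harness noise removed.
    Domains are taken from every row, so a name that was only resolved is still reported."""
    rows = parse_rows(text)
    domains = {r["domain"] for r in rows if name_class(r["domain"]) == "sample"}
    endpoints = {f"{r['ip']}:{r['port']}" for r in rows if classify(r) == "sample"}
    return {"domains": sorted(domains), "endpoints": sorted(endpoints)}


if __name__ == "__main__":
    for bucket, items in triage(NETWORK_TABLE).items():
        print(bucket, len(items))
    print(sample_iocs(NETWORK_TABLE))
```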

Files

\??\pipe\crashpad_1892_TWQPDPMUYNBIGRCF

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000007.dbtmp

MD5 18e723571b00fb1694a3bad6c78e4054
SHA1 afcc0ef32d46fe59e0483f9a3c891d3034d12f32
SHA256 8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa
SHA512 43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

MD5 f50f89a0a91564d0b8a211f8921aa7de
SHA1 112403a17dd69d5b9018b8cede023cb3b54eab7d
SHA256 b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec
SHA512 bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

C:\Users\Admin\AppData\Local\Temp\Cab1142.tmp

MD5 49aebf8cbd62d92ac215b2923fb1b9f5
SHA1 1723be06719828dda65ad804298d0431f6aff976
SHA256 b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
SHA512 bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

C:\Users\Admin\AppData\Local\Temp\Tar1154.tmp

MD5 4ea6026cf93ec6338144661bf1202cd1
SHA1 a1dec9044f750ad887935a01430bf49322fbdcb7
SHA256 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
SHA512 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 03fc7452f5d10979d4f49e2f78ebad41
SHA1 e3558d6216419dce5186edfed136adf6883d08e5
SHA256 f21126079d3bc2791611baba0230839995c29e8e9e0a699abd75fa1473912a00
SHA512 1c391d9a66093894a6089451d9162960eacd2e7c2343198a3d6a8b4483e4875ff9f50228fb40deda8f90fb58b877ee1ac3eb231e8b817a61fcb81c33dd7ac949

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\000006.dbtmp

MD5 aefd77f47fb84fae5ea194496b44c67a
SHA1 dcfbb6a5b8d05662c4858664f81693bb7f803b82
SHA256 4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611
SHA512 b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 38d30d6dabe3fa421f725eaf70e6634b
SHA1 7b9efdfcd9fd0b16729f869090bf8451a1ad8894
SHA256 d00133a34543754acf511e89dab5613fc125dd774b490a54feffae6f32768271
SHA512 6eafe65873322c132b8f7910f4aa0117b8e77dc5ccc6ad14765fdd3d0cb5c9024b50f6e48e7a21905edc254d78395de20d433bcf448054ebc4ccbeee62d9076e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 acdc43980dde0f6ec2c4bb1b0578b974
SHA1 057a0a2a023cd93baf8390598315662032f9fb25
SHA256 967d538a3ffb365e78881e9d493b3505bff344265627e1edf528788c2b50c235
SHA512 01f14e290617b7137f4225b9a0266045259e46a8ef6a42cb5c51bc9cb92a6392753a21defa9e355c1a6f6f36a1b701f32cd7a248858dff43861a241c4f621f8e
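
Two things to keep in mind before lifting hashes from a Files list like this one: the crashpad pipe carries the digests of the zero-length file (MD5 d41d8cd9…, SHA256 e3b0c442…), which match every empty file on every system and must never become an indicator, and the repeated Preferences, LevelDB .dbtmp and GPUCache entries are Chrome rewriting its own profile, with a new hash each time. Nothing here was dropped by the page itself; the interesting artifacts are the Temp CAB/TAR files and the CryptnetUrlCache entry, which go with the apps.identrust.com fetch in the Network table. The Python below is an added example, not part of the report: it parses the report's path-then-hash-lines layout, computes the empty-file digests instead of hard-coding them, and sorts entries into housekeeping and review buckets. The path patterns used for classification are my assumptions about Chrome and Windows, not something the report states.

```python
import hashlib
import re

# Constructed input: five Files entries from this detonation, copied in the report's
# own layout and abridged to MD5 and SHA256.
FILES_TEXT = r"""
\??\pipe\crashpad_1892_TWQPDPMUYNBIGRCF

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

MD5 f50f89a0a91564d0b8a211f8921aa7de
SHA256 b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

C:\Users\Admin\AppData\Local\Temp\Cab1142.tmp

MD5 49aebf8cbd62d92ac215b2923fb1b9f5
SHA256 b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 03fc7452f5d10979d4f49e2f78ebad41
SHA256 f21126079d3bc2791611baba0230839995c29e8e9e0a699abd75fa1473912a00

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 38d30d6dabe3fa421f725eaf70e6634b
SHA256 d00133a34543754acf511e89dab5613fc125dd774b490a54feffae6f32768271
"""

HASH_LABELS = ("MD5", "SHA1", "SHA256", "SHA512")
# Digests of the zero-length file, computed rather than pasted so they cannot be mistyped.
EMPTY_MD5 = hashlib.md5(b"").hexdigest()
EMPTY_SHA256 = hashlib.sha256(b"").hexdigest()


def parse_files(text):
    """Turn the report's 'path, blank line, hash lines' layout into a list of dicts."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        label, _, value = line.partition(" ")
        if label in HASH_LABELS and entries and re.fullmatch(r"[0-9a-f]+", value):
            entries[-1]["hashes"][label] = value
        else:
            entries.append({"path": line, "hashes": {}})
    return entries


def classify_file(entry):
    """Assumed path patterns: Chrome profile housekeeping and OS certificate caching are noise."""
    path = entry["path"].lower()
    if path.startswith("\\??\\pipe\\"):
        return "pipe"
    if entry["hashes"].get("SHA256") == EMPTY_SHA256:
        return "empty"
    if "\\google\\chrome\\user data\\" in path:
        return "chrome-profile"
    if "\\cryptneturlcache\\" in path:
        return "os-cert-cache"
    if "\\appdata\\local\\temp\\" in path:
        return "temp"
    return "review"


def notable(text):
    """Paths that are neither Chrome housekeeping nor OS certificate caching."""
    return [e["path"] for e in parse_files(text) if classify_file(e) in ("temp", "review")]


def unique_sha256(text):
    """Deduplicate by content: the same file can appear under several paths and across runs."""
    return sorted({e["hashes"]["SHA256"] for e in parse_files(text) if "SHA256" in e["hashes"]})


if __name__ == "__main__":
    for entry in parse_files(FILES_TEXT):
        print(f"{classify_file(entry):>14}  {entry['path']}")
    print("notable:", notable(FILES_TEXT))
```

The same parser works across the Android runs above, where `files/dom-0.html` carries SHA256 54bb63bb… in both behavioral5 and behavioral8; `unique_sha256` over the two lists reports it once, which is the right count for an indicator set.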

Analysis: behavioral5

Detonation Overview

Submitted

2024-08-31 14:10

Reported

2024-08-31 15:22

Platform

android-x64-20240624-en

Max time kernel

375s

Max time network

1792s

Command Line

com.android.chrome

Signatures

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

com.android.chrome

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 accounts.google.com udp
US 1.1.1.1:53 accounts.google.com udp
BE 74.125.133.84:443 accounts.google.com tcp
US 1.1.1.1:53 webminer.pages.dev udp
US 172.66.44.158:443 webminer.pages.dev tcp
US 172.66.44.158:443 webminer.pages.dev tcp
US 1.1.1.1:53 a.nel.cloudflare.com udp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 172.217.16.232:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 update.googleapis.com udp
GB 142.250.187.227:443 update.googleapis.com tcp
GB 142.250.179.238:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 172.217.169.78:443 android.apis.google.com tcp
GB 172.217.16.234:443 tcp
GB 142.250.179.228:443 tcp
GB 142.250.179.228:443 tcp
GB 216.58.212.227:443 tcp
GB 142.250.200.34:443 tcp
GB 216.58.212.227:443 tcp
GB 216.58.212.227:443 tcp
US 1.1.1.1:53 update.googleapis.com udp
GB 142.250.187.195:443 update.googleapis.com tcp
GB 216.58.204.78:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 216.58.212.238:443 android.apis.google.com tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 216.58.201.110:443 android.apis.google.com tcp
BE 108.177.15.188:5228 tcp
US 1.1.1.1:53 www.google.com udp
US 1.1.1.1:53 www.google.com udp
GB 172.217.16.228:443 www.google.com tcp

Files

files/dom-0.html

MD5 820548ac31fabba84f9e196945305158
SHA1 77c12f08a98d2e21816c529e1bb598b7f4fdbdc9
SHA256 54bb63bba08f821f37e86cc133a496eaf6e3d2152de3a1f26cdcc21c3098cf9f
SHA512 ff9ab8f7da0ed08c1557526788592346da289b087d5bbb599fb28f568aa681715e79853c7d8f8dc5e0a5b70f2a30ab355d52dbac1f2597ccc55603bcb989ed74

Analysis: behavioral8

Detonation Overview

Submitted

2024-08-31 14:10

Reported

2024-08-31 15:27

Platform

android-x86-arm-20240624-en

Max time kernel

1777s

Max time network

1805s

Command Line

com.android.chrome

Signatures

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

com.android.chrome

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 webminer.pages.dev udp
US 172.66.44.158:443 webminer.pages.dev tcp
US 172.66.44.158:443 webminer.pages.dev tcp
US 1.1.1.1:53 update.googleapis.com udp
GB 142.250.200.35:443 update.googleapis.com tcp
GB 142.250.200.46:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.180.14:443 android.apis.google.com tcp
GB 142.250.187.195:80 tcp
GB 142.250.179.228:443 tcp
GB 216.58.204.66:443 tcp
GB 216.58.212.195:443 tcp
GB 142.250.187.206:443 tcp
GB 216.58.212.195:443 tcp
GB 142.250.187.206:443 tcp
GB 216.58.212.195:443 tcp
GB 216.58.212.195:443 tcp
US 1.1.1.1:53 update.googleapis.com udp
GB 142.250.179.227:443 update.googleapis.com tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.180.14:443 android.apis.google.com tcp
GB 173.194.76.188:5228 tcp
US 1.1.1.1:53 www.google.com udp
US 1.1.1.1:53 www.google.com udp
GB 142.250.179.228:443 www.google.com tcp
GB 216.58.213.14:443 tcp

Files

files/dom-0.html

MD5 820548ac31fabba84f9e196945305158
SHA1 77c12f08a98d2e21816c529e1bb598b7f4fdbdc9
SHA256 54bb63bba08f821f37e86cc133a496eaf6e3d2152de3a1f26cdcc21c3098cf9f
SHA512 ff9ab8f7da0ed08c1557526788592346da289b087d5bbb599fb28f568aa681715e79853c7d8f8dc5e0a5b70f2a30ab355d52dbac1f2597ccc55603bcb989ed74

Analysis: behavioral9

Detonation Overview

Submitted

2024-08-31 14:10

Reported

2024-08-31 14:57

Platform

macos-20240711.1-en

Max time network

2s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
GB 17.253.77.202:80 tcp

Files

N/A

Analysis: behavioral4

Detonation Overview

Submitted

2024-08-31 14:10

Reported

2024-08-31 15:22

Platform

win11-20240802-en

Max time kernel

1799s

Max time network

1800s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5

Signatures

Drops file in System32 directory

Description Indicator Process Target
File created \??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_01cf530faf2f1752\display.PNF C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_01cf530faf2f1752\display.PNF C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Drops file in Windows directory

Description Indicator Process Target
File opened for modification C:\Windows\SystemTemp C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Browser Information Discovery

discovery

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133695895601836361" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target Count
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A 32
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A 32

Suspicious use of FindShellTrayWindow

Description Indicator Process Target Count
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A 26

Suspicious use of WriteProcessMemory

Description Indicator Process Target Count
PID 640 wrote to memory of 3380 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe 2
PID 640 wrote to memory of 2196 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe 30
PID 640 wrote to memory of 3972 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe 2
PID 640 wrote to memory of 4632 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe 30

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffbec72cc40,0x7ffbec72cc4c,0x7ffbec72cc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1796,i,5022194913624227626,17975427257522320089,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=1776 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2116,i,5022194913624227626,17975427257522320089,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=2112 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2212,i,5022194913624227626,17975427257522320089,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=2392 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3088,i,5022194913624227626,17975427257522320089,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=3120 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3112,i,5022194913624227626,17975427257522320089,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=3160 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4536,i,5022194913624227626,17975427257522320089,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4552 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=3720,i,5022194913624227626,17975427257522320089,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4864 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4928,i,5022194913624227626,17975427257522320089,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4944 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4996,i,5022194913624227626,17975427257522320089,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=740 /prefetch:8

Network

Country Destination Domain Proto
US 8.8.8.8:53 webminer.pages.dev udp
US 172.66.47.98:443 webminer.pages.dev tcp
US 172.66.47.98:443 webminer.pages.dev udp
US 8.8.8.8:53 98.47.66.172.in-addr.arpa udp
US 172.67.24.44:443 smiling-tilda-mono.koyeb.app tcp
GB 142.250.180.10:443 content-autofill.googleapis.com tcp
US 172.67.24.44:443 smiling-tilda-mono.koyeb.app tcp
N/A 224.0.0.251:5353 udp
US 172.67.24.44:443 smiling-tilda-mono.koyeb.app tcp
US 172.67.24.44:443 smiling-tilda-mono.koyeb.app tcp
US 172.67.24.44:443 smiling-tilda-mono.koyeb.app tcp

Files

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 b45fba1ab0f6a45c6559a8b49fb5ce81
SHA1 67e3d977be12a5e960f1193122746fb4b11406fb
SHA256 cd42de19118a2fab14e3b4b274df00ee4c984a83b748c31d6cd2fdb114da0c11
SHA512 97fd26bc963dab003f44c5f9cccbf6bc94ae8f854e280ef2343b95b6a7c4d33c5da9aa533bec32436456c9ecb5cb424f7ddc65b3760992b8d65399a800eac545

\??\pipe\crashpad_640_MWFRVGISNHYJVHLO

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

MD5 c5961e07457aba6431b05742748825f7
SHA1 dc3b3acc7788ff751bbb519d378bc7e4eacd7b26
SHA256 2755dd009a1cb682293b18d336c8e05029119cde864c9658467c9a2f04a7db40
SHA512 949c2f6001daf6b8d5c3983f40cc448754fd0f742cc59dcb1218cf273d007d49b735dbd23ac9ed0546ea5c0c2eba45bd65a6bfdbadba06a815d3b3529ce86c57

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 aae495750e2a511f3791b879f7a1c256
SHA1 5e9d38c4cf037b35364b0ad3e6500b02e0ffbb04
SHA256 c00abff533a32d0ac223b6afb1edd31ba4cf3ddefa1a1f68a8d7fbd98e47e81c
SHA512 076ac4872a1d07625066f703a5b2e4f72e9521a691e2f51b8bb715eed97f317cc6791869367d3bbc9db3e7211ed8b12f781d8fc4f32a3e14b5386d29278c43d0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a3858f27a136733f30a633c6673643f2
SHA1 4b183a8313adf477ae5ad28aa21e78a4cf5c2ee0
SHA256 a0a50d075aaa20a912342c7a8d24b4c2672874599cc8b4d1e5292a1afbf9d8fd
SHA512 c882c8c02628d089cf8e9ac73adea9591404f0690c632457fb444b49267408422b01df91b69af8739a9c260578d07f35200ba969fa2062133c7f6d2242de06b6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 1e18cca2d8113cc7d7ee66d0c53cbf61
SHA1 23a161148754f03ed726c262598408d1bcebe567
SHA256 72dce54cc9eb8e1f78233fd623b261a577357adfe6ef45de16e031c1369533df
SHA512 7717dd8848e95dc21e5603dcd76ef5db6badda332013d50bff3aafa67d4f0fca0365f7895ee8538f32c5ac4189b561015663eee9a783a988afd94256d9f727a7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7ade684c0650cd2a1ee705f19f813775
SHA1 7a601ed5f8e2914846ea358fdab29adf00184e87
SHA256 c364b3e52de213089f8c00b0d55eec22a59fe38d02e473c5a97a8c26b44ba518
SHA512 a4c4c053e4b3ec5a10247d31da6d47ca6873e6133de67e1540038dd680f7175f42de3d9a65a573161b38c6e7e487afbf1f8bc4441ab2ea85052d0ffeda2f4001

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 fd4a8681fc1f9e8285ca320097cf85e6
SHA1 c6299a02eacb886d8dfb5376fa36261799e4d8b6
SHA256 968754abc4d4534e7a51e8eb66cb3dac61faab5640333f4fd172a8539b5844d3
SHA512 7c256da83e81b8511e181f675fa65dcdfbede1fbc14aaf88bcc04f6393aab7f0bbbe26312f8c7ad794dbbf9957fe9307780e73253ec22e20a93d836882c0015e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 024127ebba3b102fad95f38b356e1473
SHA1 9ceb043b12cf0ce818a31f7cdf0681687e4f301a
SHA256 0d4a06ad8b989afbd2b9e127e2a1865065e7a6ad3a2e8a016e4b7c9743a46fdc
SHA512 4df452ba61daac3bd8467d6f98ccf114d82a6413db13f8dcf2b74bac6f105070d757a973ce67df5a7443586dddc7acbb0145c8fa8d567b60fe4de8a10700b2ef

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 bf460b78ebc596a527160901658fd46a
SHA1 8f28125f546b460e0cd503e00657b7eb4e7f0892
SHA256 b205f18816fbc90d5d377305fa5a09cca0aa3dc758fb6fe2faad780fa2a4b4c1
SHA512 652e18e25d62fc2f9e9d0e2e3c0fa68cefa6238bd2cb1313ceff5bdee29a4feabfb8fd363fde396afe6d90b80482b8aae3e6c7bc80f0e4772c0a5dd5a8085a0f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 647e660445a314e169055a84753b62a1
SHA1 ac31a881857289ce86800efbf7786692f75dc3f6
SHA256 7e6daa716d136f8a787a0ebff6e16113e2d867f89de9d0e54fbcf679c0a22c89
SHA512 886750993c5b7b5e7687715e2d858e834ba8b09f98b1ef274e7ca81936289f2b8d6bcc99c6eb97b9a1af2a5d0d3bd2f562b13cd2d73c6bdb450606527310dfd8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 66f0b7788e2f6ecaa14b1eb0ad9f2985
SHA1 878086fea5dcadd4b95c98007a8ecfb185a917ac
SHA256 20cd670581201e9648d61c7cf13f24e34968038e6ae8299968456d8b1cf9c8b0
SHA512 a3c4fe5ae096b927d97f4c5618bfd305bf3f7c803e4b07f306b5846a0133decfc6bfb0763bfc56005f4503b8576e2be2763a51d4ec47e99b55ea6a19f4dfce3b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 bca0d1e09d987151f434aa471e290d37
SHA1 9edfaeae4880562ef40707624dfeaa29a7799220
SHA256 74ac9550c09ef25a7856269d40587dc26deb825ae8c665b0db60ff329ee78aec
SHA512 f2b3414d1b5ec1f862de65c0c3ea690151957ef6bb261bd6f73848784d3f606896f0d09a2d4936b13aced058ac17f1c0fc2b69d043cbdd0add41c1db595f0236

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f668f134f258c161c36b2ff3a76f8174
SHA1 06e5767c660d9d11602aa1ee3dace8d10dfc5f86
SHA256 5e109cb252b802b6e507654b83b9480b59a143c9a7046f2b737a2821d7e51e85
SHA512 8f46f76c9c3ef72dc3589e539f036bb232bfdd7c625bfc9c5792dae0c4ead02c19cba3c15fa413cce9361b28909317cb39517f57ae769165f5ee47cd285cb5bb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1a7417526721f0cf5a450d756f34ac1d
SHA1 78dca7c57344ef6cf68f465b84937cf885f70c1d
SHA256 e1ca4080472b0d47b0b4c9232e1206954c6ebe6aacaf518b66c726e58bd12461
SHA512 fc8927fd4b0a5b6383cb16aa89d631eacdb95365b5456664be8f10811d0224d11fb01c2b434ed4827a7a9188ef868388ed4fcf458f552be2154dab1b2666df09

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4b0712347cf7d6611b171749bea06acd
SHA1 3a31bd3de939c77e053dc35a22918873ee3a2d48
SHA256 0433576732fb5aaa0b351e9ab0e00f2742fbb58ccf2ee6713f2bce0f980d0103
SHA512 af1959414134883df719f7551f4593e94a537aa34a0e77eab6fbf4928be2bf437161c31e7d742872d9d2a755ddc6f0e2bb8b90816ce8bdc5a5be06d6cd476993

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

MD5 f49655f856acb8884cc0ace29216f511
SHA1 cb0f1f87ec0455ec349aaa950c600475ac7b7b6b
SHA256 7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba
SHA512 599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

MD5 b5ad5caaaee00cb8cf445427975ae66c
SHA1 dcde6527290a326e048f9c3a85280d3fa71e1e22
SHA256 b6409b9d55ce242ff022f7a2d86ae8eff873daabf3a0506031712b8baa6197b8
SHA512 92f7fbbcbbea769b1af6dd7e75577be3eb8bb4a4a6f8a9288d6da4014e1ea309ee649a7b089be09ba27866e175ab6f6a912413256d7e13eaf60f6f30e492ce7f

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

MD5 d222b77a61527f2c177b0869e7babc24
SHA1 3f23acb984307a4aeba41ebbb70439c97ad1f268
SHA256 80dc3ffa698e4ff2e916f97983b5eae79470203e91cb684c5ccd4ff1a465d747
SHA512 d17d836ea77aeaff4cd01f9c7523345167a4a6bc62528aac74acde12679f48079d75d159e9cea2e614da50e83c2dcd92c374c899ea6c4fe8e5513d9bf06c01ff

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 949f334845f13f07d2a142761d8edc2d
SHA1 0d09c0e0c740467470b1e0523fd740066c172cbc
SHA256 2ffeba483e1820c49e91efe46e5341ee881d2e29f052a659cec81f0f01b38bc4
SHA512 aab4c594a0df99a6fdb19739a05e67cdfb043a78d274d1b59c0d5d2e2d03cda0c647d1bee24286f83b23b7d226b5c99d3fc3262823e0bc802f762e3636b913b0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 435ae8f7cb20aec501cee2788126faf6
SHA1 4d1875952a5e34b8b24f43066e56e86ac3d2e41f
SHA256 7668663e119552a9a5b61f803fbc4320749396fad95feab2ee05142c47722698
SHA512 fc330d0b647e75b5b5cc6f1cffda616ff13418d45a0f6c4ba6b366ecbbc1b6687d694d88a23ca7a2c16ce222dcc40ae2a36e0b8121878fc20b5fb733bf2edc02

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 53c0ff34ea8ecfa658b933f1ac5242a8
SHA1 4e70781ea4ead2649c0efd54b1bdbb67aa7c6cbd
SHA256 be02d43baa1b97be9d54ab7ba1b0f0bd80a6ae2d80007311f24be89c8c96e97f
SHA512 3e674d3c6f7cca161b5c2c771355a9d1f4ebc1917756f26441234418124ca0a78083a1b3482b5ec2ff2dbbdfa436d7422d7d64c8fb9ebfff4e7a187dec90e191

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 cfc08c37e1fd973544b6ea7f752db1d1
SHA1 51b4844c8f792fa423dea6fa4d6007938cfc15da
SHA256 a47b3de038848f11335ae992ca35672a74d905940a7b607decb126f4f66c3831
SHA512 4d68c7aa6c76bfb2392500d76fb81b1b89e402fe935a8d50ebef4fc90e5eda0b109a12008040b713a554c33f49d11d8a64eab746f6a781f47c30efa051dbb5b3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2e16be17457aebe016759fe5f8095030
SHA1 ef9f0881bf7f716cdf2585c2067afd03f1fbaf17
SHA256 17b36bd830c92a3a12adaa22b24ff8744a8a0b05e84ab0988a12ff133318254a
SHA512 e0b98c9a38fdb26eb9f7a97015f4877d746e16c3126a19e0a89d0cd032dcba35c7e83710684b3d15d350d72c447fd8be846a7fd966bb66ea89807504c90f74eb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 841edeefa4426861c31839aae109e2b0
SHA1 3fc4578628934f62841c175154f5b79e07677011
SHA256 8808e1d2b526aef35984eb7d2132627f6b161c1173b125bb0e3826a122b355c5
SHA512 6d9f20b0abc1fbe7bbb2ba0e44188702cb900fb1e510d4e8a804f516bbebee6aa914567b06299604044396166720a260c0cdbf67dcdfb11ebc505bf478b23c4d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 db220bea70e0551aee36c5a3ca83ff5a
SHA1 93306f682e52e97ddf9dde0404422758e765879f
SHA256 c08e05341d6e8ac352d23a98f9e4fd4872ef1bef4c383a327c03b62888b21e9d
SHA512 f1d87cfc278d5a38aed1cc85536e07f269f1c3b20a521e0aff40604d8f1677e8f62fedbd256df9de1abf64b25877cbb4ae07084bb0113abed2abf1fa3bd9db0a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2d7c10186dad1b7dbf0fd370f12beafc
SHA1 544fe0589bd9909b97a2e799d25ad43c698da169
SHA256 4f8994389742e63031b80bf62b52eb38d5e3e712ace59275046d3d71e6718d4f
SHA512 22488d12b40e081fa9414bdfe093103bb9274875c75fa5f4497bd834f90f17ef2af8f5be05871398d66796ba5bfee2f02f3096a70229be13b0314d987bed425a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3dcb53d4780a938ab1093e911b05defc
SHA1 fe4f6f988cc63d1041810a214215f8474bdc2e79
SHA256 c91aa0b9c643f0ebadaaa6ba401d34342a2718afb082fed52b3b2ee9ad00c892
SHA512 f2e4970bc59fcb3cc81ce9f55c39ba9a61d451750c4782d48de1ed26b0323d14cb41fe46fabba82f15e8c5e58596055285e2d9d53de7d331a23478c44949bf92

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a6257b71903a5ec237f8060139810454
SHA1 6f06ca6c27b5d60e44b8b68f6d85e93cbb0d10ae
SHA256 f99c1621f446abddca9b7d63e547f6a04aff8f8f3573e4eaafc3122690b3a709
SHA512 57aa67ab01c0c4d933857393366b27212f09835071cad6edb1b3374c5aa715bb01fa8303134971dcdcdd777b1d14b99959c20b80190e0c2b59c63db94831fb56

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0b6f3b27557c94c69ccefb008b4521ec
SHA1 c38a3495f80d1617da43639fa8d2f8104b4c3a86
SHA256 14f41b0922725a7595ec847d050986c5bb0ea01677eada1626d510043808ea4d
SHA512 f6e7aeba0665d8c64a6f8a8a5e7f4502f0216ba6b6ac90b83c0b9f496401e20b0b6065d5399185dace0c38e60cdba2161e1bca9e6cefe096a395cb3f77642f97

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 746a990c72df0902a57a1e6c4e993f99
SHA1 9c979947ad5a3dd92152b4fb8d2a52eb67124e07
SHA256 2c892fecf9f302a8abff360932b51054a6980f24a5ac488e827f3f8b303c41aa
SHA512 adaa1a1f4c3f9ac3320fc53e106bca2bc10f6ba8acb60100ac2ed754dbab2817e8c97aed35108740df84939ff7217e81e45b3b9586953fd595dbb0e473da6cb4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d7f9f6faf0dfe479585bd563c220ed33
SHA1 5aec5d69153ecfa0e278f38cd73dbb7ee45079d9
SHA256 035e730b91830c7f6a1af236d5be8b273954731f7ae2639dce851d1870a0d5f2
SHA512 1c2ba2b03a0e1960e30afdb025c45bfe0ef4e509411edd8360738816cf6ba61de29cd03552b02a92e6bd8495ded426642bd0d8d4c26cfb47321ec1c008fbd416

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 914c86f9c630f59a8c4011fc445aaaf6
SHA1 5aef6c10383a57e7efd096d6a976eed337d32383
SHA256 f078b8be24fef6a4686cbb59a9a7491cdf6dead15e4ba98e7706e44e9d34d5f1
SHA512 900f4776cab6735f0745eb4cc3fa55bea4af0746ae488f5fe956748af25a56d512b66bb5e3a3d525ae5a1de02d12389d90eea8506c10d72eecee938525b80bc8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 093f0fe58009df50c2689c115b4bcd8d
SHA1 6c0e360631eb6daf62ad0e42c195735e3664e4a5
SHA256 7562818bd8bfa25a759a63cb6c9309a531961b3b7e5d394fd55f70fb2e664482
SHA512 7c8dfcc91b54c0ac2b712addc4cde325cfb238e64a72f3b19e47d4fba5176aac3df4c62ad2c1c27654ed4cfbbdf88aa8c7973f48f0b65c369d8ce33a05c1d767

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4c0727350a0573125a2fd87eb6e29e2f
SHA1 9a09aef0fc2f25539e76a45031d92ea5996d414f
SHA256 92e01315a9610381af7b7c62c2cf25499ca0538b82081208f040b0a07ce86bc9
SHA512 192c15713602b1fe35fcb1ffb63c25c05c28a2ea064e33fa1fea5fb1527242d6d650917e235bb86b37ca2d65af4f70228595f85f0221fdec1989d3b35b32c82c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4dfcb7cc6e3706238f67067eebb87515
SHA1 20dfad4922b98d38c080b28cac42c64d1746838d
SHA256 17a8a7ef5a795a3dd5421d7be3fbe7106910ab37f8199aa00ba00c19b225bb74
SHA512 adfe85eac52f9230501c695e7e40d6a6b42995f459c0990bfebec10f7beadfbfad433770bc0119f6876ad37ed34e2a644aaa6d82c2f24eb5c39cf4d657f1d9bb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ebc50facc0cd251ca71c7d54ff121d45
SHA1 44e6798b896efbac14acdee3a7505a548ad3c7c2
SHA256 1c92622403d68e0e7937172c3c368d55a2fe3cdceb7737c9ca86da58f14a202e
SHA512 a204b4fdbf40e28f65d795ec7b6368033e9a6f17a42fa9a85a0a1f8afb69eb1e69745e3939e1bcc6b3d1d9f7803acca7ebfefd3ede1b24d91c55daaf51140efa

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 301fde243a2dc5b833bc3ac656b1f5f7
SHA1 bcc42d75fbfa6cb38e2437559b4503a4adfb04e9
SHA256 2af715c17bed7676afc30988d43bdea7d96cea40f52cc5344edd0a5b481196fe
SHA512 ae88aadd0e6524720adfe923de9c60b22f80415e886442154049c295672fce6570096ac5986fdd3a173360bce4db45c99586c1613af9ce50078e3b3b3caa3d44

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0f9e9d1f82081407d13db5b8e878153c
SHA1 d2f0af1267ab0f61117b1d9dc153bdc4348998f3
SHA256 82459f67955bafafdbce06de336b996835366ebe2f00ff297e49e53cf950da95
SHA512 7def394f0f8fd977d8ee7274ed63f28038fe083b7f2b0f112884fa2252ab5a3260578df2e4ad592017ae78c3c28ea140db0068cb3bb3f8ca79147daa30249a66

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 172bfb69e1c930f7b26c18654b2410e4
SHA1 1d5a6ed6d982cd5336cbb3c221a1678165fb8352
SHA256 4ff191ad4ea86f513a4587369c72c81fe40aa0718989da27629520e45a91f14e
SHA512 02f3d6f398ea35c04cdb44437fc47737176cb839c35a9fc74092df0f6e7ba00f37598db1d4a058e4a0e9ebecc5631677d250c23daa2c40914d6a03de85e88e53

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ea857214d7f99a0a575aad2f1e846a6f
SHA1 9d46b554808a17647183d413506284052e82a22e
SHA256 b07c9c579f9821c512d654b1c0c88915f6da57275431d0063f1d17eae7e056ed
SHA512 355d235f21365df714bc850081729896ffec323a278970b8a1bc5411302472418db9c5a36a23033f2ec7d3742d23fdf412c7655f14659191914a52bbd76475a4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f6df41851cf7c35819d2319e72ada8b4
SHA1 14b96f8fa19713b9e2dcf9085cc46431d9c796f3
SHA256 130bf5536e29ce886472bfc3335c15a6a28b7de2d6b96c57d59d07b21a69b06d
SHA512 004a26b207fdfe7a16f8e0ea740ace240495c278d87298882484f618effa45bab4acb2d9416cd569fa996f61d6574cb42e6d28f97cb58a154b55e8981576f500

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 585f62387132cd0b370f53ad23aefb55
SHA1 9722376365c7c02c153b23f4e974dd2f468360e6
SHA256 329b81ec377312eb1eb3cfcec1645c1563951252a888eeac394a4e417a4ff3d7
SHA512 7d309f887ae530c025163eb32983fed0a727c802ae1b7cc4fb61794e451be4f6741bc15ac3b41c543cd26c9a1e977b7fea1c851967291b6f42181340012dc672

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9ff1a2e51555e8413f6d69fcf494eee3
SHA1 dd868a1adf6806b49420ff11cd274fe51a64fd47
SHA256 bf0688d9011c470eae21cb3b9a05d6180f3b682d38f79a59930091327b24439f
SHA512 e8fc3659bde485410cc85350398aaa147898bcf21f4dd4acaea8c6152bd476ed361013788d13d538c9ee947a3e4c6b41b66b894b940750d674337eaf08e2b379

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9b9233516f53b462ab1f60d0e319e074
SHA1 4dd641c384bbdda61ec41cd1066b15808301ff5b
SHA256 c797b8990c3ca327876147345f962fe4a1af23d33b8d3afeba38d03362e3d0cb
SHA512 c3a932128382219e3fd614a1630b46d50114ed843fee8c230543a079523213a07378db697fcf3246298c52b1d891aa41e657711519d9e0907105007a7acbdd83

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8f32df29c579703b98f366aa8371b968
SHA1 9341d343a5499da3ab04cd03151e2b2ecdac13d9
SHA256 cb8cebd7b64984e5c2d2196acd727717775ce6572b024247774e1782e92f285d
SHA512 50d742955d6646d9403aa8245cbf0a0ca7369866f05dbcf0675dc1624cf876732e673f86fb17c531651b6f9188daa9e17d5e607cd6cc4453e902c02d32eb91d6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d666e1a41e65155ec37cafa27950d4d7
SHA1 f213b6eb5d16e545c6c543d741b9e2407074bf37
SHA256 daa0154cee8a4d4402182a521fb1433a2fb8c22eafac170061993dcde3f2bcff
SHA512 2f4255dd2a7aeb20f04dc7586e7eee1dd2993e4d1eede97e1c6a6fd8f1279f79a23564826d474ab629ebe9781c1fb63dba929d5968035da25f36338118fb0b3d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 cbff13a462912003c38002b0db3cf36b
SHA1 a47ccc317263dce90f23f428c808aae795ce35ec
SHA256 87704433a392f51c177b17fce943ee3014e0858b5f71a6301687472583c4b5d5
SHA512 659a89c633f2c3edf7b13d764473711a2ab885f0bb10e857765bb162f0ae5889b2fc08045a104d161eafb0e70ffeb8980bf69b0858d5e41ad7d2936eef933eda

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0923926a1210f45f0735b3917fb293cf
SHA1 ba0a37a2c901a820c73c9741d69d02c2d2dd7541
SHA256 19120cdf7f8cd47fd9c44df00ad753d301ac1718ef7eb9e3c76a52c2500bc3a5
SHA512 4b747bb2b5455f0544201ea4239309d4b25007614b48fcbd10f6f063b9b66baa2c28627d9a4ec1985a8a1ad44957c8e22566cd9f79c347d505cc9a1bbc80e4f7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f03ade153813279110040b6966732e82
SHA1 64b1ca80298fd094416f3a630b6b9227545851b5
SHA256 6393cf2e9ac365fad0171f4796cfb804d913e1e1fe3bc4ec143f6c1f1e679a97
SHA512 daecf2d67d19acc6214128b6a6383d72bc857fe874df4e9d04a5f7b99aaa53e2ba6d2ba468de5fb54599e63e437ecba9fc5e9068477e1d127468f8cf2d09661e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1516cb5afe152d933878dab11e5782fa
SHA1 f4cdc9a0a43c4be55947f65ab103785a5e760bf4
SHA256 68c9322fed2508c16d27a1e327a242ca12d262bf90ae7af634bb4582306a3a47
SHA512 0c6429aef71c24f7574b286abd4b5421845f5dc8acd77641314c140c27d2b541f287ff2e44c8c6f4b5fd853a5d67097a55d2f5c63b99d7fe34f74d3ca99a8b7b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e37e1de5e0b03fe53f722feb211048b2
SHA1 52f1b2900193e276b32099a7873a57fbbc92a333
SHA256 352c6e27d9a2efe5c045f8231cb73f536e5101b2620f16e994c2a9c4fbd61f69
SHA512 0a5c94c365a23c7900dc272986d0e310325552b25e81220d24785a32e6ed64b809df7e09b041b5726e4ddf5ab11bd6c1ae9576e5cbe503d4f93966a172515a3f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 64a45f1a3f24636bc47a6508a9a3c652
SHA1 86cd956218432126f9ad390bced75a665556225a
SHA256 86342db934793225ccc1f1ce0ab31df6c9df1e9692f5e56ef8c5f1f22270f848
SHA512 b7d118fbb5e054b592ff8e13436cd50ee36c6132712dac32bac21c14b3017e737fe775b359fd548742a709c3af8408e29ce9a3a3a58cf31928ec056493d6ac78

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 22e6e3e624b47d21a1550246c92a7fe1
SHA1 0e4e6e9ecca73d6bad6f4fea116b765970d8278e
SHA256 359f5bfae23d1427945dc550baa0df68e11003a722540c62d3b8e46c45d2cb62
SHA512 02e9ad4fe4df5e88d8dd2c11ea783073b1a8ed52248fdb2ebe4982f276062516caf62562701ea7a777c36f82652c472ca0d166244f097fc0b2d4521d7c3b2d2b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e6fb735c0688b98a1822802a72ebc765
SHA1 a4030b3887b0c84205d17bfc2cd7a07338cb992c
SHA256 06422cca65cf314008acd89d335ac962e15c25c67e3f44ae11ca001409d67705
SHA512 0db6cbe23131939ca02d97bd709fd295ad3a00e240ed95a99dfca43c026feaff2c2b5dc9d9eda72d5aa9d2e1ec316d9e54e4000780f305d0810ec6627db3f9fd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 095d6b939375b4ceaa32b9a084b3e7b1
SHA1 11a42bd3c8e6649a7f1984e7adc061095a28a6c6
SHA256 e40c3eed4f4865f008e57749ccd59c22ed0a8127ae986b3008fa1f2c95bb18e3
SHA512 88af948230d15f07a6b72f62f82ab49ce82e722070425d596091f6f2884f69fb181a15f4b85ef50ee125daa2aa7ae8d1e66dc85aeadcba98dbf7de9873be8cea

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5f8584e65ec500ded17091c52dd93a4a
SHA1 542f910f8f24d2e39520389b8fca04294d6940da
SHA256 fe815d81209d9df0ce1365d8905cf83e9c2945005215419c65ec23e4dba5bcde
SHA512 de2ee7eef19db9c9ce597919c077faf342254bcc397b1ea95ee30ef5860955983e40003dec8da5af833dcbce96e27c69d44ee3e8f53237643b033b1c4d10f438

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 95c0c7ba0282eac4e802a74bbb1926fd
SHA1 acb8a8d3488992552234c144eeec4f2c632ea212
SHA256 4f296400dbda552ea211c10bf8cd02c10ca908e9a349abe7ba799dda93f91d6a
SHA512 77caa01dcbc1d48f16d3c3cb0cb964b51f3bb67d2ce621bd39b5956799c8dbb4845d3c2c8296484e48e5058635f42b2354fc07e9cfacba8f44dc3dc7f0d3886a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3fd3740f8fdc6fa353fc7c7b21d137fe
SHA1 93120127edea6a4f0a19c6b9b45cfbee2afba9f0
SHA256 877291cd92b704ccb8f5767569523de969a100be40abe089400a50df998f58d5
SHA512 22d57174f9a574f4df13b2e9af8a2545583acf85444644148fcaecfc6ce4c535ee7a922f0b5ad1106aeddd48f09072eafde7f0975ae20547a4ee41808544673c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ca3404fcd5265f9874c42908f345d3f9
SHA1 42d599e50a593b3537f3e78d879614063d56ee93
SHA256 807501e571ba3001e6244d4a1763ab9055df5a7826018ee1a5d422c7d621459b
SHA512 818d6a13a67ba9226c07a6d0249503c120e3f0930e51aafb9133da6e316ba2240613dc6957d7f12f1f94a1ba23723d8bd0cb0627232d673e3572c18f4199f7a1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 11e866e14150e7d2071e823f8164a7c6
SHA1 d682352a355c5eb06a5b88a341d34a67b89b7708
SHA256 92bec87d8e22b92dbabe592f903338409d99a15598d43fcd24094080eb51dfdc
SHA512 77874577f4bbb222bd6d2fc5f2e3451f77e571d9c00a8d3abfffe3940fa30ed6f1117959bdf0ca3b3e56b4feff3db5bbb0778e3ca1d9472817abf257395a4d07

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e6c0ba819f7b5f54b2c522e6bbbefbb5
SHA1 8235b851a709c0b9706265bc018927029a39975d
SHA256 00672d27d00a66b4bb38f46888e2bfe93a3e2d5cc9b7b39828534193101443a4
SHA512 1435514c2d8a110062a7f3505cd710feea040de9d20e020eabd60ece35405b3a8c4d7c5692978ff27eeeabcc9d5636ced94c3e2a8d34a3150378cbfbee37b6d4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 356887f16be65a705d501cce5e57bf36
SHA1 830b17df40036c6cfc4fd676d18e37daa5a0edad
SHA256 a6cdb855e2c554d0db6ebd91c5fbd318a5d8fd8baf87f4bf13dbedb9344ad467
SHA512 f1f305dcda8bc465fe8c9666b29d04da2668e8b9c19f325edd30a9c023ccc29d0a4311d007c1644b65ab125d16fb1d47fc3904c3f15a4a5d9de0e0b1481eec10

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b2f4fdd26ae5c73f4d333eeff895f8ff
SHA1 25d96be3b1ab9212a70a073f308cd4e803978cc4
SHA256 cadf7adf437646e4ff016951b7ba56f285c6c4388a9e000bed66bffaaf560cfd
SHA512 617616556e7079179b2b8d765f756708ee06239a11c2544ae5266f6fe260f9f88cd28345ba4fc0ae9882e660ebfd6be44a19e291f16beeed8492977736de6e4c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a2e347da7ac5c7850be5994da10583af
SHA1 a7b58c0f63a98c6dd2018cc839180b645bffe9d4
SHA256 9cf2604de13833f17d9c3a0ec23b4eca7e817a3dc57c3f0fee1124c74c625018
SHA512 0697efc9064e8f3805e9afa9c83be4cc4960dd47f18d59302bdebdb5e96718854e4f2c407ca0535b3de29064136dada9388b482a8350338680178a599a4d55cd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 938594729feb808083adc4654693a2eb
SHA1 2419c7bd278126185e9cd276bdc2703f2e50f465
SHA256 b07411c255d995f87d1331f7fb126d20c7a34a58dd439df26ab98257192136f9
SHA512 b5934505eed10082d4961a5d672f0b54c5bc926e864c95ac966666e82209fa6eebbdbbd163ff139d0be02f8e07d3ddfd523006079c2598e1f56fab57db00f434

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 35115700160c9cd3a2fe7289d15966a7
SHA1 56f023c093365c2a9114c6f05c69c1316b6e7c57
SHA256 4696183ade09d1e0e6e68b85b6dbe7369c4d3180a3e881d267e6c6ad9f7fcc28
SHA512 cb12910e7a17acbf050986a76d1ae3de0711e8919403d66a50c21d141347e26eced7d1c3350236e850771b5a011ee433de98ac58764b405357ebff337742ddd0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 116b03552e273633dead2029b9ab224e
SHA1 07fd9af75be2f8d9a43d4d380d9a656a0f0a5126
SHA256 dc22b04f17d5f4919b685aaf731d2b4902300d428703820d73db3ade30a56814
SHA512 2be2b6ee778e587a163a5325662af9954530c4e0f6834f9463fd79e47b675e3c8fe23e0813eea26c521c9cfff370b62b697e40bda450bdd4ff980e92d56a8e59

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c9efd24ba65f7829e80afeca6f358393
SHA1 b71cd6c3dbaabe630a7a56bf8c08e93d647e5aa0
SHA256 9866fae84988aa3bf304d76846155af94cdb296e026be419ab8f7149ba56ae70
SHA512 ff75c68f2345bf30dff0ec90a1fe60b8274948c0d34cb940281df632c7559fc3a219f15731b7b642abfffefbacd5e11650c7c9d626b54cc295774fe421dbd44b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0e23d69ee11c01f2cd986932122180e7
SHA1 cd1101995ccefc76b21d0d12303b34a98ad54863
SHA256 92de6ff0f25763d1d2a2b09909234b41821a82059cdc5b6fb0f34158b32f336c
SHA512 7494f6b968e1e7f71be2ed9efc59419a19b61763efa674bfa3ea5235174d2736e8fef9bba32fbb38bb15c52b0e010a033052d4d8c47c6076746df8a494db379f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e2eb7abd72fac428bb00d7af7648faf8
SHA1 2a52e3a8bc156eb4c2176841d8a1647ef8f3598f
SHA256 40fb4eab4b170a7de360be0efe659e052c8b9bf7f5b92b671826c4140ef47f17
SHA512 1ddbdbc6f6dc2e31d9b1cf72af044bdeeb69a23757d55aba0654f1c956c350b183837cba971095161fc8a745ef21cca41067e7fd6d763d3db2ced90a7c3facd9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9e99999075ff76854fc69dbae42b7ee5
SHA1 8a8617a18d4590395d0b6fa766576367b751510b
SHA256 4ecdcb3a703cee99d4b64808ba4f504e826d1a659b988cfc8ca829519766ea3e
SHA512 186ccff38bbc863ee28f949d1449b16514703b8f9954779a88ab6584e83bdfdbaa6b89d0baae9d48dbf000757a4a968516e352567c1bfef71bb4ef753cc9ba17

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 73fa2ec1bb6ef699ecb802d89093a32b
SHA1 790e072d782ec559547daf75db0c6550a8523848
SHA256 9c83c7bfa0c6ad48f983c54db5e349f84773374db923bfe6a696194a6fd8f8c2
SHA512 7eb0b81788a17e59e41a83cbf2b0467324839c318ff3e722d0fbbac27791ab67ba77b678f8d15a9d79cca14237f52d9a5021cdb11dc3b3858a942d7965e4cdfe

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 20ad744ce3a127db9a146ed92dd0edef
SHA1 943e6e8bc850573d494e1e88dc725a288c0904da
SHA256 2058d38d11fc64d4755226ecb25fc475396d5dc741aa36a7647578077a8b2398
SHA512 4d4ff4514fb0bce5f4eab3ca4dc6e22476c142223b6cdbf2eded6025b1d502a50a5252567de39dcaff4ed2f0bb502a4e51f2363a754ea31098bbb8bf7e519ba1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a78bf790755a9bacc180dce1ea9f9e4d
SHA1 49857c91b661a3594ec53ce41cb25b5230b15832
SHA256 5782ebe825fa39c46f0a4a040c27d9c7f9a5440aa50fa53d6fe4e01ad1a6cdab
SHA512 770c883236300b0fdce1d780cae68229209ccbb4acbed568222b6feae5b8954d691d6ca4b50e39ad22159e174db7f08f3477d62c4a8616eff44fbcd42964ceb9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 29901f2bf392d6628160094023b2c7f5
SHA1 0177d3b60bda991072f822b7d3b1365b6090a858
SHA256 76cfcf09823ea7dd979580442e7cd7d746644657c7f445e829ff5a73c693cde3
SHA512 8bbf7b395bb65ab06bd32d8b767affb75adb9de0efa231c64c8d10d345ca23d639195f432365ffcec24ae6d0ccda1fea1773657917adebbdcdcfe5cd96f2addb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e11ee4e50e835a352dadb0d20e252138
SHA1 97eb5cb451c7db8649e785041810dde16c7a1bff
SHA256 fd5e6e6ffedab5efb5fcbe815ab9d28e7260d25ea65c97e2b65d07ea81260953
SHA512 d3aeb89519346e33d73b1895eb968a807f50dca5034dc592058d1f270c0dd19fc978feaf43ba1faeb9ff3a4091daa8fca34e97ca85457a16fb9808f1cfe7c49a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6f06f23c1f6184040530b7ddcedb4b82
SHA1 478f53036578042d6fbec7461f5ce4e1a4cc2768
SHA256 8c133ddfc9d702e1b29828863e7cf4a854c8c69526957bb0db85632437b63c07
SHA512 d0e70d93e6a3b6035e937b52fcf2ff4371f77fc848a7c5a1ff0e14938fedd4b822f0ecb9323d84f7abc211917339df5e3262d52e68ab9847adf4078a45f8a86c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9424dfdddd6dc3a34aa2df6717f3bbcf
SHA1 e64c35cc8a4fb8a267e847910ef92f1e340090cd
SHA256 334e85b3c0546bafdd6c2878ae0c0069a0c9b61c93453effe36c9671591c5bd8
SHA512 278ee04ea70bf1b0d2fe41f488af2da131fcffe9c20c7c65c428995d3f26082ddfe4f9de539cb2321b89cb1d874a6e826802a3966a752db5ae49c395af2714db

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 45c97aed10dbf794dd2d5e7bee03cab4
SHA1 face67b8ad4acdf44bb7e5160d7d36ed1b06ec25
SHA256 c9425ae132dfaa9b657adfd9e9d8d19b0375faf4fb46c4cc9e5aa8f20c671ac2
SHA512 27ecfcf4bdbe374dd0d119882e5930faf6429ebd49568db7c0e80a6c2b29cb7b5d62e84064b7e6a9c32601f32c0e2408112f5a82cc4847b59275aa32e464269b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 32f97003844ca4d6eae1588f7b0ca0a0
SHA1 95326890c0b711e76779fb8ce2f145d6ddc9c960
SHA256 0493afaf8e001549e3286e1515eff5f427c753f139a51d677b16ff0054fc20b2
SHA512 2eed4aeeff75487d816a628e779bd21db18d8ba85d4cf7b260f04a68ae8623ec9658fbf17539fa77439a035d7501afdc7e72ec658905a4e5c571f9a7ec42b730

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ef47044a6d8ca6f7589ab9dd5ab0f3e3
SHA1 8d9029a966e76f483a939b101b3f6bbcdeebdc39
SHA256 bade06afe90f94e4ffaf733b93ce5a9456f586be27c562f16eea2376782e1376
SHA512 39c7c8730c552ca73540e8f10781e38fdce3cdec86f6e090292f6d2b9abdc28c8564c6bd1bfc54fac343b91d881ec4ba8292b028f0effc24a17788cd2a51de45

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f1f67558a340c6dff698caeb7d337796
SHA1 e761f739a769d887ba08db0ed3c118c3a2409b5d
SHA256 9542c15ac21c84abf9ecbf83ebdf3a6aa87bef2a7186559453cd22e54714596c
SHA512 72d67166e1af3097b78680b7684ac097ca917d0e5574f91d7f3c79ec62808a3c8e7eb97904ddcaea959a1ab436bae4691cfb691970a99ef82cd7ceb79d4ed8cb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5f30df31153a6a32e8ae251df1238d8c
SHA1 6b42d2adff5728d7aa6002a5426dab044cb715ca
SHA256 d3faf4882bc07cb63c2578cfa11d1bc105e77aea2fff4dea20bd345c7189e009
SHA512 99d816e92d53a58fcb2bcf44754899d84addbb330718527eedfd1dad3357caa93aedc5a29d92d4d372033d96a6a79b02eb63c52fe55efbfc49557e01c92b5b8d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 bdbd2ec5d8fc9e1492ae0bafbd6bb74a
SHA1 8ee4b2d565db6922fe14afa11085be7f1c42ebbe
SHA256 981b7a86ce89dbc1cdc88a8c9c3a271632d2056e096f74b818c61f60f9ce95d9
SHA512 f2d557c4e86232a80d514580399dfd77ee747d480c4fdc53daddc8eee8ca32bd31255a936a284b7dacb059f438c4efbb283b83fb72f8c5a16a0939353e9fde0b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b26ffc491e70c80c65359b7f361058e1
SHA1 e59b561ec4cdfd09040797cfb35a353a83e0e18f
SHA256 3d0f5a08ae0583122f2ffcf4f5883526b91ecfd017ef0f4be78aa1bf506ab078
SHA512 faf980101f2abc042e05d208356fef3a1c8d724745ec2459282e2efb2be9956c3404f2ef68ca3b71b69a1151d994226e2ee04f0ac247ed964e8f30d1a169ad74

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 87d61ace53336f4a025813d6a93466db
SHA1 f63b86ca2a4a71561aa158e55ea79212dac115e7
SHA256 b6bb377e00a1892260efaa4c54d8e581d508c73ef772904af0319ed8c8bd3c74
SHA512 00ebc8afe28e7b207f055b84c00d4f71f07f85da2519abb0b895dc941c0a8075b96101f623b46d27dadee1988be7e7e26661c5aa28547766033a223de36730e9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1ab8bae67d7c0a8180affd54b7963386
SHA1 877844e1e2e38156b963b23499317d3dadbd1027
SHA256 372e17d4d940e84078d5da42e30c4f162631c3d317ab8e01086ff98a12c93b9b
SHA512 68b336ea12e497c901c1289f04f298645a8a3fda39a70cb1ac27413a2403abed98bdbc0bb25dd5d842976fa08d02aec0ade4931e1abe81dc7e0cfa7d160a6a17

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 bef537ae4cf2f384b22099c26513b248
SHA1 40480af6ef92bd6bcabaeb0ddf701515624d9df1
SHA256 edb503d80428ac72b620da9b19de6d8c4df7a4a02f21c45dbc791f85fd08989c
SHA512 a44287a94d964946791705a439ce714d6e68ac9f3163e88a1cadd83c382d54bc2f6b29314285f14f0a67c8f06b94d8503a11f2571b057d399b58a72bfb159327

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 92236ca77d84bfa254497fbaf4c895d9
SHA1 367e729a456b4fd56799adfd42a118066b00ea81
SHA256 b53627226961350b3202507b83fe2ec7684914aa8040003b54d7ec77e02c2cb3
SHA512 d23837c429416c948b1ddf85bd2692f46f7945d46a6b6296002f99e1c2c4877b2db69032c37d755d31c791453cf4e5c1966f1a6dc997e9e15773f3a5627145f8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8a40241901c6d64cb15e88ee536fc3f9
SHA1 03c1ae235d93861e906e23879de77e38db26bec8
SHA256 9f3c055ab0225f9967eb5d2e463c6d6902f92033bb0a6530067935a715e2cf28
SHA512 bf31fb55039686981369d9b7dc7583839d7b5bf88b23317a072029170529a176c6c7de0ea0198bf557b002d98fe0e7cc74ef9d5d1f08a3c15d2e626bdd8f1aae

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c88b515a1f53598ddeb6b41bf4f06458
SHA1 ea043822ec890150c98197f7841699b04364628f
SHA256 a3ef515ec9cccd59b83a25dc49ec457ac31419af2f9b85f0853853b28719424b
SHA512 50065dcccc91e6257e5fe7fbd802dc7aefd1cce7c655dd07848e482013a4e022f0752dc25bcc28c6289fcd0fd6c584de41079d145ed751d5328c23d414913eba

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 43d610d6059da3043645f2c1e2ad1187
SHA1 f58308d6a36b45cfe42fb4305784b22c0e894818
SHA256 a3ff9c81cb9c1d32ac9431b5c4aa15f5ea9feff0120653347356a3469bd5ae8c
SHA512 f6706ba8a1299882c3febf102d1985092bc9c3e22ed4ea654a2de51a38b1535ac3c91b2ee7a58aa5f7e50bbe37d921f07a029a13a1a93178fe4ddb8fc116fc6b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ead86c80f9a9851ac9faf36f3da00be3
SHA1 f35909442d06c04203d2d4716da03a1127fa00ec
SHA256 7f95ad55c8113319f529f37716d79227db1e9f37f861ade4408c4fed99c13522
SHA512 e29892a11bb7c934580aba43febbcf847d232ffcf44628fcaf3441747154f753964dec60e328914b926196656c6404f2a95704a11728803cbd1ec42c1fa8c7df

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b178ad5ff05d8c65a5e7b3bd51500bcb
SHA1 4f84b0fcca5064e95a9a5cac831eb18259261664
SHA256 7684082c4bbd9c809dde52c749ce3002175a563f3dc4e562dff00f145f3b0743
SHA512 7e6b95e55322cc52ea931c94910cf201523b4d2c2d654c83a892b69591fad2350b7b0552ae615752861465edb0ab2d8ba3e403d02594913aca03c2fb34d8058a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 87b4972a5ad4e230654d47c4db47cbb6
SHA1 c7fd9bf237e7e1947b4d59c39c1b9e7c6d2037ab
SHA256 0cd69cd86f04a1d948c15d8ba0a2c6f2cb3ffebabffa3e9268e749dcce995294
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Analysis: behavioral12

Detonation Overview

Submitted

2024-08-31 14:10

Reported

2024-08-31 15:33

Platform

ubuntu2204-amd64-20240522.1-en

Max time kernel

0s

Max time network

897s

Command Line

[xdg-open https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

Signatures

Enumerates kernel/hardware configuration

Description Indicator Process Target
File opened for reading /sys/module/apparmor/parameters/enabled /usr/bin/dbus-daemon N/A
File opened for reading /sys/kernel/security/apparmor/features/dbus/mask /usr/bin/dbus-daemon N/A

Reads runtime system information

Description Indicator Process Target
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/mounts /usr/bin/dbus-daemon N/A
File opened for reading /proc/1570/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/1591/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/1575/attr/apparmor/current /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/filesystems /usr/bin/dbus-daemon N/A
File opened for reading /proc/sys/kernel/cap_last_cap /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/fd /usr/bin/dbus-send N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/fd /usr/bin/dbus-send N/A
File opened for reading /proc/1575/status /usr/bin/dbus-daemon N/A

Processes

/usr/bin/xdg-open

[xdg-open https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/dbus-launch

[dbus-launch --autolaunch f2de92a803c744e586bd87567a26b68a --binary-syntax --close-stderr]

/usr/bin/dbus-daemon

[/usr/bin/dbus-daemon --syslog-only --fork --print-pid 5 --print-address 7 --session]

/usr/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/usr/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/xprop

[xprop -root]

/usr/bin/grep

[grep -q ^Enlightenment]

/usr/bin/uname

[uname]

/usr/bin/grep

[grep -q ^file://]

/usr/bin/egrep

[egrep -q ^[[:alpha:]+\.\-]+:]

/usr/local/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/local/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/bin/sed

[sed -n s/\(^[[:alnum:]+\.-]*\):.*$/\1/p]

/usr/bin/xdg-mime

[xdg-mime query default x-scheme-handler/https]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/dbus-launch

[dbus-launch --autolaunch f2de92a803c744e586bd87567a26b68a --binary-syntax --close-stderr]

/usr/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/usr/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/xprop

[xprop -root]

/usr/bin/grep

[grep -q ^Enlightenment]

/usr/bin/uname

[uname]

/usr/bin/sed

[sed s/:/ /g]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/usr/bin/grep

[grep x-scheme-handler/https= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/usr/bin/grep

[grep x-scheme-handler/https= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/usr/bin/grep

[grep x-scheme-handler/https= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/usr/bin/grep

[grep x-scheme-handler/https= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/usr/bin/grep

[grep x-scheme-handler/https= /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache]

/usr/bin/sed

[sed s/:/ /g]

/usr/bin/sed

[sed -e s|-|/|]

/usr/bin/sed

[sed -e s|-|/|]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/which

[which firefox]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/firefox

[/usr/bin/firefox https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

Network


Files

/root/.dbus/session-bus/f2de92a803c744e586bd87567a26b68a-0

MD5 754f8ba684d6893b8a60e0cf357930d1
SHA1 b8f66a0c2f37d356e8e0a324448f768190e78c14
SHA256 8ba109460e442391b3c36b91fe6f3e1da94a4e79ccec72d0f94deddfb97c24dc
SHA512 a01b4fb60c4132d45361735c2441c42cd52d6d4438a2ca72c395a0ece447faebbe2ca58635bf518bf574ffdbfc9b2783b92d27c99870d9961ff4e02f238688e4

Analysis: behavioral6

Detonation Overview

Submitted

2024-08-31 14:10

Reported

2024-08-31 15:27

Platform

android-x64-arm64-20240624-en

Max time kernel

1799s

Max time network

1805s

Command Line

com.android.chrome

Signatures

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

com.android.chrome

Network


Files

files/dom-0.html

MD5 870c89dd4c702686bc72d26874a62c5a
SHA1 44a4b3aec2bffe0eb07a04aec1e8de971edb3a78
SHA256 9f1120da18a3e36776a2b26973d15f39b175a4cd8094057af7373a6aaddef8b6
SHA512 7f410fe92993036b8ac055710cb053b969d921e9c6ea3d08d24572a4dde36969a4c84f6ec56a9545abe7a8eaca8ab021dd80755999db401ecdd1d01579f58e0a