Malware Analysis Report

2024-10-19 07:15

Sample ID: 240912-w1qwlsxfkc
Target: https://wetransfer.com/downloads/9be1e0d748ecdb65fd7cd24652d997e620240912181016/ff05de
Tags: chaos, discovery, ransomware
Score: 10/10

Analysis Overview

Threat Level: Known bad

The file https://wetransfer.com/downloads/9be1e0d748ecdb65fd7cd24652d997e620240912181016/ff05de was found to be: Known bad.

Malicious Activity Summary

chaos discovery ransomware

Chaos Ransomware

Chaos

Downloads MZ/PE file

Browser Information Discovery

Suspicious behavior: GetForegroundWindowSpam

Suspicious use of WriteProcessMemory

Suspicious use of SetWindowsHookEx

Suspicious behavior: AddClipboardFormatListener

Suspicious use of AdjustPrivilegeToken

Modifies data under HKEY_USERS

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of SendNotifyMessage

Enumerates system info in registry

Modifies registry class

Suspicious behavior: EnumeratesProcesses

Suspicious use of FindShellTrayWindow

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported: 2024-09-12 18:23

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted: 2024-09-12 18:23
Reported: 2024-09-12 18:25
Platform: win10v2004-20240802-en
Max time kernel: 66s
Max time network: 68s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://wetransfer.com/downloads/9be1e0d748ecdb65fd7cd24652d997e620240912181016/ff05de

Signatures

Chaos

ransomware chaos

Chaos Ransomware

Description Indicator Process Target
N/A N/A N/A N/A

Downloads MZ/PE file

Browser Information Discovery

discovery

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133706390394159656" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-656926755-4116854191-210765258-1000_Classes\Local Settings C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: AddClipboardFormatListener

Description Indicator Process Target
N/A N/A C:\Program Files\VideoLAN\VLC\vlc.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Program Files\VideoLAN\VLC\vlc.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: 33 N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\system32\AUDIODG.EXE N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\VideoLAN\VLC\vlc.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\VideoLAN\VLC\vlc.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Program Files\VideoLAN\VLC\vlc.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 4544 wrote to memory of 3352 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4544 wrote to memory of 3184 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4544 wrote to memory of 4940 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4544 wrote to memory of 432 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://wetransfer.com/downloads/9be1e0d748ecdb65fd7cd24652d997e620240912181016/ff05de

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff969c2cc40,0x7ff969c2cc4c,0x7ff969c2cc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1864,i,1168279347932240452,9360679999175867969,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=1848 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2144,i,1168279347932240452,9360679999175867969,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=2156 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2268,i,1168279347932240452,9360679999175867969,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=2476 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3100,i,1168279347932240452,9360679999175867969,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=3136 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3108,i,1168279347932240452,9360679999175867969,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=3188 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4632,i,1168279347932240452,9360679999175867969,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4660 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=4704,i,1168279347932240452,9360679999175867969,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4804 /prefetch:8

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x4ec 0x470

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=4928,i,1168279347932240452,9360679999175867969,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4912 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=5092,i,1168279347932240452,9360679999175867969,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=5080 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=5240,i,1168279347932240452,9360679999175867969,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=5272 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=5420,i,1168279347932240452,9360679999175867969,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=5264 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=5428,i,1168279347932240452,9360679999175867969,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=5560 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=5404,i,1168279347932240452,9360679999175867969,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=5252 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5708,i,1168279347932240452,9360679999175867969,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=5308 /prefetch:8

C:\Program Files\VideoLAN\VLC\vlc.exe

"C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\Downloads\oldprojectsarchive.m4a"

C:\Program Files\VideoLAN\VLC\vlc.exe

"C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\Downloads\oldprojectsarchive.m4a"

Network

Country Destination Domain Proto

Files

\??\pipe\crashpad_4544_FGCJDENYALLXCTRB

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\3\IndexedDB\indexeddb.leveldb\CURRENT

C:\Users\Admin\Downloads\oldprojectsarchive.m4a

C:\Users\Admin\AppData\Roaming\vlc\vlc-qt-interface.ini

C:\Users\Admin\AppData\Roaming\vlc\vlc-qt-interface.ini.lock

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Roaming\vlc\vlcrc

C:\Users\Admin\AppData\Roaming\vlc\ml.xspf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\3\IndexedDB\indexeddb.leveldb\MANIFEST-000001
