hxxps://github[.]com/Gunsv1/GIFs-Tool-For-Load-screens-Botnets-C2

Analysis

max time kernel
317s
max time network
305s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
19/09/2024, 07:35

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://github.com/Gunsv1/GIFs-Tool-For-Load-screens-Botnets-C2

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133712049404003412"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2412658365-3084825385-3340777666-1000_Classes\Local Settings	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
5040	chrome.exe
5040	chrome.exe
2960	chrome.exe
2960	chrome.exe
2960	chrome.exe
2960	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 5 IoCs

pid	Process
5040	chrome.exe
5040	chrome.exe
5040	chrome.exe
5040	chrome.exe
5040	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	5040	chrome.exe
Token: SeCreatePagefilePrivilege	5040	chrome.exe
Token: SeShutdownPrivilege	5040	chrome.exe
Token: SeCreatePagefilePrivilege	5040	chrome.exe
Token: SeShutdownPrivilege	5040	chrome.exe
Token: SeCreatePagefilePrivilege	5040	chrome.exe
Token: SeShutdownPrivilege	5040	chrome.exe
Token: SeCreatePagefilePrivilege	5040	chrome.exe
Token: SeShutdownPrivilege	5040	chrome.exe
Token: SeCreatePagefilePrivilege	5040	chrome.exe
Token: SeShutdownPrivilege	5040	chrome.exe
Token: SeCreatePagefilePrivilege	5040	chrome.exe
Token: SeShutdownPrivilege	5040	chrome.exe
Token: SeCreatePagefilePrivilege	5040	chrome.exe
Token: SeShutdownPrivilege	5040	chrome.exe
Token: SeCreatePagefilePrivilege	5040	chrome.exe
Token: SeShutdownPrivilege	5040	chrome.exe
Token: SeCreatePagefilePrivilege	5040	chrome.exe
Token: SeShutdownPrivilege	5040	chrome.exe
Token: SeCreatePagefilePrivilege	5040	chrome.exe
Token: SeShutdownPrivilege	5040	chrome.exe
Token: SeCreatePagefilePrivilege	5040	chrome.exe
Token: SeShutdownPrivilege	5040	chrome.exe
Token: SeCreatePagefilePrivilege	5040	chrome.exe
Token: SeShutdownPrivilege	5040	chrome.exe
Token: SeCreatePagefilePrivilege	5040	chrome.exe
Token: SeShutdownPrivilege	5040	chrome.exe
Token: SeCreatePagefilePrivilege	5040	chrome.exe
Token: SeShutdownPrivilege	5040	chrome.exe
Token: SeCreatePagefilePrivilege	5040	chrome.exe
Token: SeShutdownPrivilege	5040	chrome.exe
Token: SeCreatePagefilePrivilege	5040	chrome.exe
Token: SeShutdownPrivilege	5040	chrome.exe
Token: SeCreatePagefilePrivilege	5040	chrome.exe
Token: SeShutdownPrivilege	5040	chrome.exe
Token: SeCreatePagefilePrivilege	5040	chrome.exe
Token: SeShutdownPrivilege	5040	chrome.exe
Token: SeCreatePagefilePrivilege	5040	chrome.exe
Token: SeShutdownPrivilege	5040	chrome.exe
Token: SeCreatePagefilePrivilege	5040	chrome.exe
Token: SeShutdownPrivilege	5040	chrome.exe
Token: SeCreatePagefilePrivilege	5040	chrome.exe
Token: SeShutdownPrivilege	5040	chrome.exe
Token: SeCreatePagefilePrivilege	5040	chrome.exe
Token: SeShutdownPrivilege	5040	chrome.exe
Token: SeCreatePagefilePrivilege	5040	chrome.exe
Token: SeShutdownPrivilege	5040	chrome.exe
Token: SeCreatePagefilePrivilege	5040	chrome.exe
Token: SeShutdownPrivilege	5040	chrome.exe
Token: SeCreatePagefilePrivilege	5040	chrome.exe
Token: SeShutdownPrivilege	5040	chrome.exe
Token: SeCreatePagefilePrivilege	5040	chrome.exe
Token: SeShutdownPrivilege	5040	chrome.exe
Token: SeCreatePagefilePrivilege	5040	chrome.exe
Token: SeShutdownPrivilege	5040	chrome.exe
Token: SeCreatePagefilePrivilege	5040	chrome.exe
Token: SeShutdownPrivilege	5040	chrome.exe
Token: SeCreatePagefilePrivilege	5040	chrome.exe
Token: SeShutdownPrivilege	5040	chrome.exe
Token: SeCreatePagefilePrivilege	5040	chrome.exe
Token: SeShutdownPrivilege	5040	chrome.exe
Token: SeCreatePagefilePrivilege	5040	chrome.exe
Token: SeShutdownPrivilege	5040	chrome.exe
Token: SeCreatePagefilePrivilege	5040	chrome.exe

Suspicious use of FindShellTrayWindow 34 IoCs

pid	Process
5040	chrome.exe
5040	chrome.exe
5040	chrome.exe
5040	chrome.exe
5040	chrome.exe
5040	chrome.exe
5040	chrome.exe
5040	chrome.exe
5040	chrome.exe
5040	chrome.exe
5040	chrome.exe
5040	chrome.exe
5040	chrome.exe
5040	chrome.exe
5040	chrome.exe
5040	chrome.exe
5040	chrome.exe
5040	chrome.exe
5040	chrome.exe
5040	chrome.exe
5040	chrome.exe
5040	chrome.exe
5040	chrome.exe
5040	chrome.exe
5040	chrome.exe
5040	chrome.exe
5040	chrome.exe
5040	chrome.exe
5040	chrome.exe
5040	chrome.exe
5040	chrome.exe
5040	chrome.exe
5040	chrome.exe
5040	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
5040	chrome.exe
5040	chrome.exe
5040	chrome.exe
5040	chrome.exe
5040	chrome.exe
5040	chrome.exe
5040	chrome.exe
5040	chrome.exe
5040	chrome.exe
5040	chrome.exe
5040	chrome.exe
5040	chrome.exe
5040	chrome.exe
5040	chrome.exe
5040	chrome.exe
5040	chrome.exe
5040	chrome.exe
5040	chrome.exe
5040	chrome.exe
5040	chrome.exe
5040	chrome.exe
5040	chrome.exe
5040	chrome.exe
5040	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 5040 wrote to memory of 2776	5040	chrome.exe	81
PID 5040 wrote to memory of 2776	5040	chrome.exe	81
PID 5040 wrote to memory of 4928	5040	chrome.exe	82
PID 5040 wrote to memory of 4928	5040	chrome.exe	82
PID 5040 wrote to memory of 4928	5040	chrome.exe	82
PID 5040 wrote to memory of 4928	5040	chrome.exe	82
PID 5040 wrote to memory of 4928	5040	chrome.exe	82
PID 5040 wrote to memory of 4928	5040	chrome.exe	82
PID 5040 wrote to memory of 4928	5040	chrome.exe	82
PID 5040 wrote to memory of 4928	5040	chrome.exe	82
PID 5040 wrote to memory of 4928	5040	chrome.exe	82
PID 5040 wrote to memory of 4928	5040	chrome.exe	82
PID 5040 wrote to memory of 4928	5040	chrome.exe	82
PID 5040 wrote to memory of 4928	5040	chrome.exe	82
PID 5040 wrote to memory of 4928	5040	chrome.exe	82
PID 5040 wrote to memory of 4928	5040	chrome.exe	82
PID 5040 wrote to memory of 4928	5040	chrome.exe	82
PID 5040 wrote to memory of 4928	5040	chrome.exe	82
PID 5040 wrote to memory of 4928	5040	chrome.exe	82
PID 5040 wrote to memory of 4928	5040	chrome.exe	82
PID 5040 wrote to memory of 4928	5040	chrome.exe	82
PID 5040 wrote to memory of 4928	5040	chrome.exe	82
PID 5040 wrote to memory of 4928	5040	chrome.exe	82
PID 5040 wrote to memory of 4928	5040	chrome.exe	82
PID 5040 wrote to memory of 4928	5040	chrome.exe	82
PID 5040 wrote to memory of 4928	5040	chrome.exe	82
PID 5040 wrote to memory of 4928	5040	chrome.exe	82
PID 5040 wrote to memory of 4928	5040	chrome.exe	82
PID 5040 wrote to memory of 4928	5040	chrome.exe	82
PID 5040 wrote to memory of 4928	5040	chrome.exe	82
PID 5040 wrote to memory of 4928	5040	chrome.exe	82
PID 5040 wrote to memory of 4928	5040	chrome.exe	82
PID 5040 wrote to memory of 64	5040	chrome.exe	83
PID 5040 wrote to memory of 64	5040	chrome.exe	83
PID 5040 wrote to memory of 2584	5040	chrome.exe	84
PID 5040 wrote to memory of 2584	5040	chrome.exe	84
PID 5040 wrote to memory of 2584	5040	chrome.exe	84
PID 5040 wrote to memory of 2584	5040	chrome.exe	84
PID 5040 wrote to memory of 2584	5040	chrome.exe	84
PID 5040 wrote to memory of 2584	5040	chrome.exe	84
PID 5040 wrote to memory of 2584	5040	chrome.exe	84
PID 5040 wrote to memory of 2584	5040	chrome.exe	84
PID 5040 wrote to memory of 2584	5040	chrome.exe	84
PID 5040 wrote to memory of 2584	5040	chrome.exe	84
PID 5040 wrote to memory of 2584	5040	chrome.exe	84
PID 5040 wrote to memory of 2584	5040	chrome.exe	84
PID 5040 wrote to memory of 2584	5040	chrome.exe	84
PID 5040 wrote to memory of 2584	5040	chrome.exe	84
PID 5040 wrote to memory of 2584	5040	chrome.exe	84
PID 5040 wrote to memory of 2584	5040	chrome.exe	84
PID 5040 wrote to memory of 2584	5040	chrome.exe	84
PID 5040 wrote to memory of 2584	5040	chrome.exe	84
PID 5040 wrote to memory of 2584	5040	chrome.exe	84
PID 5040 wrote to memory of 2584	5040	chrome.exe	84
PID 5040 wrote to memory of 2584	5040	chrome.exe	84
PID 5040 wrote to memory of 2584	5040	chrome.exe	84
PID 5040 wrote to memory of 2584	5040	chrome.exe	84
PID 5040 wrote to memory of 2584	5040	chrome.exe	84
PID 5040 wrote to memory of 2584	5040	chrome.exe	84
PID 5040 wrote to memory of 2584	5040	chrome.exe	84
PID 5040 wrote to memory of 2584	5040	chrome.exe	84
PID 5040 wrote to memory of 2584	5040	chrome.exe	84
PID 5040 wrote to memory of 2584	5040	chrome.exe	84
PID 5040 wrote to memory of 2584	5040	chrome.exe	84

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://github.com/Gunsv1/GIFs-Tool-For-Load-screens-Botnets-C2
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:5040
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffab967cc40,0x7ffab967cc4c,0x7ffab967cc58
  2⤵
  PID:2776
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1904,i,12394235434293497335,4263121324355163706,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1900 /prefetch:2
  2⤵
  PID:4928
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2160,i,12394235434293497335,4263121324355163706,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2176 /prefetch:3
  2⤵
  PID:64
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2236,i,12394235434293497335,4263121324355163706,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2540 /prefetch:8
  2⤵
  PID:2584
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3116,i,12394235434293497335,4263121324355163706,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3136 /prefetch:1
  2⤵
  PID:2924
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3124,i,12394235434293497335,4263121324355163706,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3252 /prefetch:1
  2⤵
  PID:1212
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4540,i,12394235434293497335,4263121324355163706,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4652 /prefetch:8
  2⤵
  PID:4920
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4860,i,12394235434293497335,4263121324355163706,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5012 /prefetch:8
  2⤵
  PID:3572
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=4848,i,12394235434293497335,4263121324355163706,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4864 /prefetch:1
  2⤵
  PID:824
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=5008,i,12394235434293497335,4263121324355163706,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5380 /prefetch:1
  2⤵
  PID:4700
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=4836,i,12394235434293497335,4263121324355163706,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5592 /prefetch:1
  2⤵
  PID:3172
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=3316,i,12394235434293497335,4263121324355163706,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4764 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2960

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:848

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:4660

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:3892

C:\Users\Admin\Downloads\GIFs-Tool-For-Load-screens-Botnets-C2-main\GIFs-Tool-For-Load-screens-Botnets-C2-main\Design_Studio_STDH3X\design-studio\designstudio.exe
"C:\Users\Admin\Downloads\GIFs-Tool-For-Load-screens-Botnets-C2-main\GIFs-Tool-For-Load-screens-Botnets-C2-main\Design_Studio_STDH3X\design-studio\designstudio.exe"
1⤵
PID:2404

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000010

Filesize
212KB

MD5
08ec57068db9971e917b9046f90d0e49

SHA1
28b80d73a861f88735d89e301fa98f2ae502e94b

SHA256
7a68efe41e5d8408eed6e9d91a7b7b965a3062e4e28eeffeefb8cdba6391f4d1

SHA512
b154142173145122bc49ddd7f9530149100f6f3c5fd2f2e7503b13f7b160147b8b876344f6faae5e8616208c51311633df4c578802ac5d34c005bb154e9057cf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011

Filesize
24KB

MD5
c594a826934b9505d591d0f7a7df80b7

SHA1
c04b8637e686f71f3fc46a29a86346ba9b04ae18

SHA256
e664eef3d68ac6336a28be033165d4780e8a5ab28f0d90df1b148ef86babb610

SHA512
04a1dfdb8ee2f5fefa101d5e3ff36e87659fd774e96aa8c5941d3353ccc268a125822cf01533c74839e5f1c54725da9cc437d3d69b88e5bf3f99caccd4d75961

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
96453addeb23f7647d2d95e6d5872076

SHA1
feadd3238c7dd850699e6d37b4786b7d56de6487

SHA256
cc5ae67277a3d8fcccaf99f95c47f17c794eec782d6080a0ee04adca3d1364e0

SHA512
2b7e707541c29fd9c12d1897d410687178ea5105ad29bfcb6059d31d162e03af17c7a900f926dfddd4720b1453eec02fdb3a49f010b6e5db9f6406ea706b17cd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
8c6102e194a1373984ac4640ac68928b

SHA1
02228f9bae49e9764d2c7ef3874b0eac57222cd3

SHA256
1803dfaed8b794856c70876411168d97e0dfbbfca2f0a5721ecef447bb93daca

SHA512
077d3fc853399b0a512fb77e6f556f5fe1a7869c120120a4cffaeff414a2673ca6f172866771bb95b84c6edcaa141df25c999a94e9bbee171996a11f9f914445

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
a01afaaf8dc9f3d84eafb51692e49adb

SHA1
38495aeec274ecce8ac6e17e2053c9ca9609be72

SHA256
7f0c20a705e2c01aa0e86c7824b044a20a4eddfb5d06db2574e20953539a62b4

SHA512
16e9696db1f3eb14608aff22c8c2c171859c36e414b7925df49d2b669050f3820d67a6232810744fee623bd38f63113226107477def071954e59ad19ba5e50a3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
5d77585527452d9d556780080d2903ab

SHA1
f71910fac7cf3cbf339768db0922c29709c08fdf

SHA256
e87ae8195497789c905ae78f75245c34eeaf5f45719b8bceda660fb742115911

SHA512
7b2b211c63430bf479c230f83d68579b4e691ddba9e0111c7aee04c5625933d4bb0c820c4de13aac54d5a34be7c8e96721d476257bf6927c7968c0128729c741

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
3ec0625dc79820e3ec24ec475d609639

SHA1
1f4fa2a337d706d3ce998f434761b789f0419ee1

SHA256
ea0adb5679f86a13a23e30cdff4da9c3fdfd33d67070b3d5a0c4f8151ed37fab

SHA512
6dadc7b3f2b004d2d7eade9a5063b429e9242a075ca95d10437f552ae81e71963142a11acc749aeff88295921a822633591dc66e4ea7c209baf56e1f46b08dea

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
dc03f3f0ef3df0abec9a1605bdbaf1bf

SHA1
2c18adbb5270e9aa43c24b3b0359778cef30efde

SHA256
afef90ee3209fa35a401afbb0c4a60c591de214a2e9e79c29853bf109164fe6f

SHA512
1ed65d0823dca933f6ac339f894ccb1c82b98d7108b2e8e4698589286fb669e321e68a2d0b68ca04a95a4dd0327ef03b3dc6c9f76e0b6fb2ebe428f5f97a361c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
d223203332c1a623df0e0409e7f9cf2d

SHA1
cfe866a6c4617abf17ac5e33b93cc9a8c849b09f

SHA256
fc7e4019426e8c29f1af868b4f44734594fc3b39f95d5dcca21ba24bb5d816b7

SHA512
948ff11ab15acefe2aa8f79e3397bd024360380d0681937c11fd9b7c1a11fd8c8d9d15ea5713313f4da135576172ff0c28a3675faa18ca9e3129e8c40e8367f2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
5c3ef56b4f38885da4a19672dc500a35

SHA1
2a66a2f9b8132fb4812d91f1fe1f2f6d8b69030a

SHA256
2bf9836192a141b98cfc3c2ab34332287b7b7bf132865bebbfc6eb6913579bd3

SHA512
d93770ce1a5262abbbf5d05f95d7996d4c52c143d46bbaca45dab84e42c87b1a1e35975c0d36722eb35b8a0dc55dd10b824d0150cd114e365479fd80b062d54d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
dc9c325765787cefd6f65613d335400f

SHA1
b5e1527b86cd2d4066e76967a2cff3184116b07d

SHA256
1bfdcdaeca40e5a83c845bcf09637d38182d5db403a80e73220043a126cee552

SHA512
b9b0e506848c64f7cad662dbb2d573dcd62e8eaf7cf9a2d991be1b4c90dde8f841127a81a8f71abfb5a0138c84ea5b63b81ec023efd0512d92b53471eafebd45

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
b143da0f1ed19149094968011e06ac48

SHA1
9b81fa6f176521f4d3c1440df3bb90bf77c05ea6

SHA256
caba88f6fd717bd90b2c7383723b1b3f6f2c1fcfc58c9027fc8c5b1973939f48

SHA512
d05d221f7870ea1a153b93f54a3115932a4a8a81de3e43026cff0fc4296e928f509df16f60fe2b26bdf79a27d09028e88029d55c4e3c8bd579d7e58a22252abd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
1692b81e2aeb4ce059c1847e2a1004f5

SHA1
5efc52e3ed5fb5924de218b395f18694b55aaade

SHA256
84b46366aa0a03075ee921837f2b9fb11c846909b73634fa7adc34f5a82b352b

SHA512
d5623ca1d591ac64c2ec18866b7d9911509947585739d34cd714a205eb601c19303f6c7c34ae00930e44c11727283b44b05dd9ee2854b657c4afec1695b19c72

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
dcc74a372ae94d3c364306ee23bfa955

SHA1
fdea0242ffabb5e53ce8cf03f9698a0419b2a466

SHA256
966daa09c60b319a52db547b316260d34e304b7f5213bcdc5c0d2e1629284061

SHA512
5ede99a44d476ad35a1addc8c4bd94b58f2033bea32441d4b1dbe0c836f79a9c0c178a50f39a61621194731fe0667b844a19b9111c1f707159bb9414a6b8e35f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
a72d42ecdc009fdf09576c19b7e0eba0

SHA1
5bdc09f230d3bfa7e0cf87aee5c04e3af1e077ca

SHA256
8a93b20af101680029eee2761d4b032226486f89323b8209d9ed01f013b6b5c3

SHA512
813c8a733be36839d26edc55a9591ef1b7a3dde4d496e235d419e4fb011857ef01a4f80ed3a8adedf6c49c76d2650ff8f71ae9c537e755856b54020da4f38636

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
d9c619590fc1a723a1ce922356d9b6ec

SHA1
e67028146acf02313d40af597439f2cf3c5ba22f

SHA256
90b5ca626b5f341708dadf19dd01902b775d78f6acf44af1c58a23f5052ef7ab

SHA512
ff85a4fdbbb04ed26d61036b6b6df5d6fcfdc430dba969bca92e36d56b83886a6f98c836293a52d751143066dfe82cdd5b00ef1bd59563be321833efdf2cfa88

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
97f3f257fcb2675b8b6c5ac5e3cc2fe1

SHA1
2b759f61d101cb56116993e50ff1f28a5eb955ca

SHA256
0b8711ed581472b92e4e3e3b2e93d2c48252e05af34827053043d0b2c0d97bee

SHA512
932396fe827adcb4b83649ab24813d37c8c30fa64d8d234919917b98ccb1bdbb4ad22e6791739e5774dc4d036ec573a7ef672ed60f94d275ed42643b58f60b6d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
33657ec993566ca8c539742b76958f42

SHA1
c3a87a1430bdd6382c40f6f29ce40a59a9f9f1eb

SHA256
21a098e274b3d95dd489375c8012df62a28eb7747ad4e6b1a64234270a3aa54e

SHA512
2ab6666b6c8e22154e98bf1925e9cdeb1e4666021a4439271c4c28118959e90a303dc3d0a14b4a07c80ccf3ee77efbd1c711907c0b0ae1586c5f3709c06f0373

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
4a965d6dfbe8cfdce7d5008361e88520

SHA1
d658df730ff447b547bde8d8c1b2a97d4315a09d

SHA256
9d8abd58a1c1338cd1b31bcc1140b7baba16a0bf207ff1cac36150567063a568

SHA512
2b9d9d1ca8b3f4b9dedcf2f86e2ae434aaa7ae11ae338a1fc59dba5c5a6f61f6a83ce5f3eaa00bb9a196dec317aa6388932f50fc8c7414242790d5ec1570cdd4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
f812c1a31cb7d6337cd0d83c96917fa2

SHA1
86d06b957b6775c20ba8035383445047a51b8968

SHA256
d41f32b37c4453d75045d381d34a7eae61fc11f8d1017b0c0c4216c2a7edfa2c

SHA512
5a7de66f68dd4977e035f5a871dd390b6745777f0af997eebf820d27bb66d0770a8bfc52d3e739647336c87b346958bc5f3b3502466ad3c4eecd789525087e2a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
acb3e89231540fed2ad886475e2a9d84

SHA1
ae88c8618b1c4f4652a17d7d431b353b0ff7103f

SHA256
16216fd4c174ce38618ae054b99e58e5ae3d01f6f745df9b49a19321e9660ac1

SHA512
54e8291ceef39c61ca8cc7484479063dc2289448f0e3ead32c88c1bc117d8c0693a18b4539cf12eb6ca369858b2c610450001c49c2401f89c1754e9cca1fd763

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
8b1959c228d1f8662d96ee78e6400a0b

SHA1
07c45bc98755295f44d4bdccc632a9c3dc9b45e2

SHA256
8d87125fc7cf0d5acaa2a348b65328eab4f24f6589f67220a729f3fdb1c91101

SHA512
4128bccb64074839d88626fc993df5de2d26c655db37d4e42b5251c4e5e653d4600bd794652c5c26424087038c91f4762348e2f69bb39d9f57f074d63d094ab4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
280f339064cdb910897763380cd203e0

SHA1
c383e6ca4423375a8f7cf08e47dba9c4e240affb

SHA256
1dffe41ee287c319a5d099c189320578e75bbe75503f9b727fcd587b1b76fcc9

SHA512
4a128a4adf663d513e78c936624019185a288c6e1d4f65a9e040d6b9836c3d5a2e16ef1525b60aee95833472a6321534daf4274abe0b95cac792053859fa13fe

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
a71c6feb79f26937d29b315d26448989

SHA1
6216e7727f46eeb35ca10ab73c94745d24424056

SHA256
b89ce998dee11ad9182a2762333b1a4d3f5d327edf48ea22e5e2420a3b28abe0

SHA512
efcf9cd9c023578d2fabc6ee9b49f64cdd7c5197e8689b12b9b7f50cb81b3e34ac36c0d33238c988be359ba6ed65f72b0d48bbec0f57a4a4462cc2a7e0199df4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
6278be648bc00490778b44482c3cb093

SHA1
3e972810182df0942b5f41068136e05b5e357a15

SHA256
17010e1dc9c17d941fcd668dbae12d8b68c1ce7c1a334f244ef9b96fb311eacd

SHA512
0baab18e41e303077336286a196b312fda10d2dd218688f1c1dd3b2eb9c40f0734207f9fc9012d425a7b2c8e3772dedc8babd6c6c988dc4d6f93e943d56a13e9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
c6fb6b4cfe7282cde045d57eb78a2339

SHA1
addf2e24d350d7fa0ecae4eff40f48fb8dac35b9

SHA256
ab1b4e0c8b028d9ebd3ed1c6e6cd1852806cd8b0aae7adae0021cdbb32be3d84

SHA512
2b95d6df8bbb550639cf65c0308eb7ba1d03b9d10fc6726dfcdd649226d9bf2344064f1bc0ff2cfb36180cdf1d975413d7957ccd3f1d787fe2a7ed913516551a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
a2c2bf7ed65d6782ac2f7167a2a5002a

SHA1
daded0a424ceb9730b30287506ad99ff79a339d6

SHA256
f9c8c7c1ce665ba00476f08dbcf65bf8c6ce137faa60b8c8d4acd9829121fa6b

SHA512
9dc5dc881039f07f649939fe0ed20c6057cc48699da5e159a731dacc30a33c78c4149754d603651548ff45ed9d1a7111a9f2535506d7b999468301e71679a4a6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
544e9bd731f72e5142371112ceb8aa82

SHA1
0f1bf2f9225f0a82299ef0f44641dbd5594c49e4

SHA256
46c5ea8777ccde40b634f6da6e28d47440c9487b4a4e3a2fc4d1fd299825ff90

SHA512
80f071af12aae26d58e3f2f086e8915f53cd5130425a69af2447979946f06f6f4e34d960c5a65cf64e0fb3a8a3b5022d98b8a0d564ed88b073cbe5e6fe56ae4c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\f4eb8d2b-eaa4-4b77-bd27-6c8b2493f572.tmp

Filesize
649B

MD5
7818e32ff22f4d747563eafd08f00806

SHA1
5625d22e7081d684939e8d44b2b122b11a12eebc

SHA256
d71c346cbb9774805d39c8c146329fb7b53a9ce5d7cbb782bc9b4bf15febccbf

SHA512
d70a9984fa3d84bd3a881c2be1c6a8b1e9dffdd0c17003c545aea4a9c8d1104a0e6a204d7f85fed219967fe4c34857de803d543a7966eb6ee93588a1145abba3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
13f9891ffd1e7b12d34da726341b0902

SHA1
05f5f88a2e8a28d2de37d3cb5a69a3579549de0a

SHA256
3d181c1621f52fc3e41e4f76fd8f54c5e0901c03916c9b80ac83a8dba32bb49f

SHA512
e40b22f8d8aeb4bd735387b5482f396073c05b22f2451fed0c1940ddf186716f1489383679b04470be79c6f153a5823d263c9b0d5007e26c53d280686ca1e7ad

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
3fbaa18cf7c861928cc2d934e57dc597

SHA1
14ffac56b2c4407b4b21cd06fb84db50c54cdfe7

SHA256
586cce152d261a4f82019d0dc1ea9022bf53c048c302ccf9f88bc78c1ac3b391

SHA512
864f05725a2721c2d58ed22e62e98c4bb8a8e1fec938366736719ae96b9289c74a551088eceb3212b790c22edce4fbb4254a33b0b4a4df912347dc14ee822c6e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
94d0fd92398c6261f320faeaa5cd6cda

SHA1
ebe5ff44a2e23da311311e055d7c4e1524b7dd4c

SHA256
f258603c360e9b84673318e5fd1969004d09959c578b7fe47a250b6001b9a6ab

SHA512
46f9a4c6dd28501e2585ea228e59467dd12d47d4fb63460224545dc7f6665fbb3b2d09b2fd4fe1cdb6641d43ce2340ebf2018a4e85c41e2e388ead4fb6226abe

Download Submit
C:\Users\Admin\Downloads\GIFs-Tool-For-Load-screens-Botnets-C2-main.zip.crdownload

Filesize
2.3MB

MD5
4b91088b5b49c2f2e64a4a7db0f46edd

SHA1
be12bc77cce856757c67e60b6317a8ab757c7a1f

SHA256
c6d0d55100df909df959c2ef3c1311c0ed35aa8441e5aba0f806172d5436b221

SHA512
56ebf0be0abce8b8a2b7ff14e2b052f0d1bfdb73fa6382d816e15444dcb4148cf3f22f4681234f5b1773443fa745c79aa8d865251657f800cb0cd62223f400cd

Download Submit