4d3284aa833c482ec2bbcb0028d8a42c7a3f47149e93c2d0ae96922e2f326862

Resubmissions

26/09/2024, 11:47

240926-nx2jyaydpf 10

26/09/2024, 11:32

240926-nnp5jsxhqf 10

Analysis

max time kernel
419s
max time network
500s
platform
windows7_x64
resource
win7-20240708-en
resource tags

arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
submitted
26/09/2024, 11:32

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

FF GOLD.exe
Size

7.4MB
MD5

b1051d78ee9ce097984d89a14dbe6b25
SHA1

1202ed95096058b4f508cddf8cedb83ebe312173
SHA256

4d3284aa833c482ec2bbcb0028d8a42c7a3f47149e93c2d0ae96922e2f326862
SHA512

43b8d710cd1ad959775f3df6ac92ad2bc3222f69e1f2878a887f737bacbb15e669e96eaf07e10e10dbafb9f9cf7cd932d7ff041ee88cc602caad04735579e091
SSDEEP

196608:onYS6vbTOshoKMuIkhVastRL5Di3uP1D7g:uYSeHOshouIkPftRL54qRg

Score

7^/10

discovery upx

Malware Config

Signatures

Loads dropped DLL 1 IoCs

pid	Process
2884	FF GOLD.exe

Legitimate hosting services abused for malware hosting/C2 1 TTPs 8 IoCs

Web Service

T1102

flow	ioc
67	raw.githubusercontent.com
68	raw.githubusercontent.com
70	raw.githubusercontent.com
71	raw.githubusercontent.com
62	raw.githubusercontent.com
63	raw.githubusercontent.com
64	raw.githubusercontent.com
65	raw.githubusercontent.com

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral1/files/0x000500000001937b-21.dat	upx
behavioral1/memory/2392-1101-0x000007FEF2E60000-0x000007FEF3449000-memory.dmp	upx

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
2764	chrome.exe
2764	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2764	chrome.exe
Token: SeShutdownPrivilege	2764	chrome.exe
Token: SeShutdownPrivilege	2764	chrome.exe
Token: SeShutdownPrivilege	2764	chrome.exe
Token: SeShutdownPrivilege	2764	chrome.exe
Token: SeShutdownPrivilege	2764	chrome.exe
Token: SeShutdownPrivilege	2764	chrome.exe
Token: SeShutdownPrivilege	2764	chrome.exe
Token: SeShutdownPrivilege	2764	chrome.exe
Token: SeShutdownPrivilege	2764	chrome.exe
Token: SeShutdownPrivilege	2764	chrome.exe
Token: SeShutdownPrivilege	2764	chrome.exe
Token: SeShutdownPrivilege	2764	chrome.exe
Token: SeShutdownPrivilege	2764	chrome.exe
Token: SeShutdownPrivilege	2764	chrome.exe
Token: SeShutdownPrivilege	2764	chrome.exe
Token: SeShutdownPrivilege	2764	chrome.exe
Token: SeShutdownPrivilege	2764	chrome.exe
Token: SeShutdownPrivilege	2764	chrome.exe
Token: SeShutdownPrivilege	2764	chrome.exe
Token: SeShutdownPrivilege	2764	chrome.exe
Token: SeShutdownPrivilege	2764	chrome.exe
Token: SeShutdownPrivilege	2764	chrome.exe
Token: SeShutdownPrivilege	2764	chrome.exe
Token: SeShutdownPrivilege	2764	chrome.exe
Token: SeShutdownPrivilege	2764	chrome.exe
Token: SeShutdownPrivilege	2764	chrome.exe
Token: SeShutdownPrivilege	2764	chrome.exe
Token: SeShutdownPrivilege	2764	chrome.exe
Token: SeShutdownPrivilege	2764	chrome.exe
Token: SeShutdownPrivilege	2764	chrome.exe
Token: SeShutdownPrivilege	2764	chrome.exe
Token: SeShutdownPrivilege	2764	chrome.exe
Token: SeShutdownPrivilege	2764	chrome.exe
Token: SeShutdownPrivilege	2764	chrome.exe
Token: SeShutdownPrivilege	2764	chrome.exe
Token: SeShutdownPrivilege	2764	chrome.exe
Token: SeShutdownPrivilege	2764	chrome.exe
Token: SeShutdownPrivilege	2764	chrome.exe
Token: SeShutdownPrivilege	2764	chrome.exe
Token: SeShutdownPrivilege	2764	chrome.exe
Token: SeShutdownPrivilege	2764	chrome.exe
Token: SeShutdownPrivilege	2764	chrome.exe
Token: SeShutdownPrivilege	2764	chrome.exe
Token: SeShutdownPrivilege	2764	chrome.exe
Token: SeShutdownPrivilege	2764	chrome.exe
Token: SeShutdownPrivilege	2764	chrome.exe
Token: SeShutdownPrivilege	2764	chrome.exe
Token: SeShutdownPrivilege	2764	chrome.exe
Token: SeShutdownPrivilege	2764	chrome.exe
Token: SeShutdownPrivilege	2764	chrome.exe
Token: SeShutdownPrivilege	2764	chrome.exe
Token: SeShutdownPrivilege	2764	chrome.exe
Token: SeShutdownPrivilege	2764	chrome.exe
Token: SeShutdownPrivilege	2764	chrome.exe
Token: SeShutdownPrivilege	2764	chrome.exe
Token: SeShutdownPrivilege	2764	chrome.exe
Token: SeShutdownPrivilege	2764	chrome.exe
Token: SeShutdownPrivilege	2764	chrome.exe
Token: SeShutdownPrivilege	2764	chrome.exe
Token: SeShutdownPrivilege	2764	chrome.exe
Token: SeShutdownPrivilege	2764	chrome.exe
Token: SeShutdownPrivilege	2764	chrome.exe
Token: SeShutdownPrivilege	2764	chrome.exe

Suspicious use of FindShellTrayWindow 34 IoCs

pid	Process
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe

Suspicious use of SendNotifyMessage 32 IoCs

pid	Process
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3044 wrote to memory of 2884	3044	FF GOLD.exe	30
PID 3044 wrote to memory of 2884	3044	FF GOLD.exe	30
PID 3044 wrote to memory of 2884	3044	FF GOLD.exe	30
PID 2764 wrote to memory of 2784	2764	chrome.exe	32
PID 2764 wrote to memory of 2784	2764	chrome.exe	32
PID 2764 wrote to memory of 2784	2764	chrome.exe	32
PID 2764 wrote to memory of 2644	2764	chrome.exe	34
PID 2764 wrote to memory of 2644	2764	chrome.exe	34
PID 2764 wrote to memory of 2644	2764	chrome.exe	34
PID 2764 wrote to memory of 2644	2764	chrome.exe	34
PID 2764 wrote to memory of 2644	2764	chrome.exe	34
PID 2764 wrote to memory of 2644	2764	chrome.exe	34
PID 2764 wrote to memory of 2644	2764	chrome.exe	34
PID 2764 wrote to memory of 2644	2764	chrome.exe	34
PID 2764 wrote to memory of 2644	2764	chrome.exe	34
PID 2764 wrote to memory of 2644	2764	chrome.exe	34
PID 2764 wrote to memory of 2644	2764	chrome.exe	34
PID 2764 wrote to memory of 2644	2764	chrome.exe	34
PID 2764 wrote to memory of 2644	2764	chrome.exe	34
PID 2764 wrote to memory of 2644	2764	chrome.exe	34
PID 2764 wrote to memory of 2644	2764	chrome.exe	34
PID 2764 wrote to memory of 2644	2764	chrome.exe	34
PID 2764 wrote to memory of 2644	2764	chrome.exe	34
PID 2764 wrote to memory of 2644	2764	chrome.exe	34
PID 2764 wrote to memory of 2644	2764	chrome.exe	34
PID 2764 wrote to memory of 2644	2764	chrome.exe	34
PID 2764 wrote to memory of 2644	2764	chrome.exe	34
PID 2764 wrote to memory of 2644	2764	chrome.exe	34
PID 2764 wrote to memory of 2644	2764	chrome.exe	34
PID 2764 wrote to memory of 2644	2764	chrome.exe	34
PID 2764 wrote to memory of 2644	2764	chrome.exe	34
PID 2764 wrote to memory of 2644	2764	chrome.exe	34
PID 2764 wrote to memory of 2644	2764	chrome.exe	34
PID 2764 wrote to memory of 2644	2764	chrome.exe	34
PID 2764 wrote to memory of 2644	2764	chrome.exe	34
PID 2764 wrote to memory of 2644	2764	chrome.exe	34
PID 2764 wrote to memory of 2644	2764	chrome.exe	34
PID 2764 wrote to memory of 2644	2764	chrome.exe	34
PID 2764 wrote to memory of 2644	2764	chrome.exe	34
PID 2764 wrote to memory of 2644	2764	chrome.exe	34
PID 2764 wrote to memory of 2644	2764	chrome.exe	34
PID 2764 wrote to memory of 2644	2764	chrome.exe	34
PID 2764 wrote to memory of 2644	2764	chrome.exe	34
PID 2764 wrote to memory of 2644	2764	chrome.exe	34
PID 2764 wrote to memory of 2644	2764	chrome.exe	34
PID 2764 wrote to memory of 1716	2764	chrome.exe	35
PID 2764 wrote to memory of 1716	2764	chrome.exe	35
PID 2764 wrote to memory of 1716	2764	chrome.exe	35
PID 2764 wrote to memory of 1564	2764	chrome.exe	36
PID 2764 wrote to memory of 1564	2764	chrome.exe	36
PID 2764 wrote to memory of 1564	2764	chrome.exe	36
PID 2764 wrote to memory of 1564	2764	chrome.exe	36
PID 2764 wrote to memory of 1564	2764	chrome.exe	36
PID 2764 wrote to memory of 1564	2764	chrome.exe	36
PID 2764 wrote to memory of 1564	2764	chrome.exe	36
PID 2764 wrote to memory of 1564	2764	chrome.exe	36
PID 2764 wrote to memory of 1564	2764	chrome.exe	36
PID 2764 wrote to memory of 1564	2764	chrome.exe	36
PID 2764 wrote to memory of 1564	2764	chrome.exe	36
PID 2764 wrote to memory of 1564	2764	chrome.exe	36
PID 2764 wrote to memory of 1564	2764	chrome.exe	36
PID 2764 wrote to memory of 1564	2764	chrome.exe	36
PID 2764 wrote to memory of 1564	2764	chrome.exe	36
PID 2764 wrote to memory of 1564	2764	chrome.exe	36

C:\Users\Admin\AppData\Local\Temp\FF GOLD.exe
"C:\Users\Admin\AppData\Local\Temp\FF GOLD.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:3044
- C:\Users\Admin\AppData\Local\Temp\FF GOLD.exe
  "C:\Users\Admin\AppData\Local\Temp\FF GOLD.exe"
  2⤵
  - Loads dropped DLL
  PID:2884

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2764
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef72b9758,0x7fef72b9768,0x7fef72b9778
  2⤵
  PID:2784
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1176 --field-trial-handle=1464,i,5225344555994394531,6393312919066590766,131072 /prefetch:2
  2⤵
  PID:2644
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1380 --field-trial-handle=1464,i,5225344555994394531,6393312919066590766,131072 /prefetch:8
  2⤵
  PID:1716
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1572 --field-trial-handle=1464,i,5225344555994394531,6393312919066590766,131072 /prefetch:8
  2⤵
  PID:1564
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2316 --field-trial-handle=1464,i,5225344555994394531,6393312919066590766,131072 /prefetch:1
  2⤵
  PID:2616
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2324 --field-trial-handle=1464,i,5225344555994394531,6393312919066590766,131072 /prefetch:1
  2⤵
  PID:2464
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1588 --field-trial-handle=1464,i,5225344555994394531,6393312919066590766,131072 /prefetch:2
  2⤵
  PID:3032
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=1584 --field-trial-handle=1464,i,5225344555994394531,6393312919066590766,131072 /prefetch:1
  2⤵
  PID:1336
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3436 --field-trial-handle=1464,i,5225344555994394531,6393312919066590766,131072 /prefetch:8
  2⤵
  PID:1524
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3552 --field-trial-handle=1464,i,5225344555994394531,6393312919066590766,131072 /prefetch:8
  2⤵
  PID:1972
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3524 --field-trial-handle=1464,i,5225344555994394531,6393312919066590766,131072 /prefetch:8
  2⤵
  PID:1988
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3544 --field-trial-handle=1464,i,5225344555994394531,6393312919066590766,131072 /prefetch:8
  2⤵
  PID:1796
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3452 --field-trial-handle=1464,i,5225344555994394531,6393312919066590766,131072 /prefetch:8
  2⤵
  PID:684
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=3472 --field-trial-handle=1464,i,5225344555994394531,6393312919066590766,131072 /prefetch:1
  2⤵
  PID:2260
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3644 --field-trial-handle=1464,i,5225344555994394531,6393312919066590766,131072 /prefetch:8
  2⤵
  PID:1812
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=1428 --field-trial-handle=1464,i,5225344555994394531,6393312919066590766,131072 /prefetch:1
  2⤵
  PID:2644
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=3780 --field-trial-handle=1464,i,5225344555994394531,6393312919066590766,131072 /prefetch:1
  2⤵
  PID:2924
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3812 --field-trial-handle=1464,i,5225344555994394531,6393312919066590766,131072 /prefetch:8
  2⤵
  PID:3060
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=1960 --field-trial-handle=1464,i,5225344555994394531,6393312919066590766,131072 /prefetch:1
  2⤵
  PID:1536

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2216

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
PID:2512
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef72b9758,0x7fef72b9768,0x7fef72b9778
  2⤵
  PID:1456
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1180 --field-trial-handle=1248,i,2312314158193698773,2769079214893106449,131072 /prefetch:2
  2⤵
  PID:1304
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1500 --field-trial-handle=1248,i,2312314158193698773,2769079214893106449,131072 /prefetch:8
  2⤵
  PID:860
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1632 --field-trial-handle=1248,i,2312314158193698773,2769079214893106449,131072 /prefetch:8
  2⤵
  PID:2164
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=1624 --field-trial-handle=1248,i,2312314158193698773,2769079214893106449,131072 /prefetch:1
  2⤵
  PID:348
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2348 --field-trial-handle=1248,i,2312314158193698773,2769079214893106449,131072 /prefetch:1
  2⤵
  PID:1744
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1436 --field-trial-handle=1248,i,2312314158193698773,2769079214893106449,131072 /prefetch:2
  2⤵
  PID:1576
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3188 --field-trial-handle=1248,i,2312314158193698773,2769079214893106449,131072 /prefetch:8
  2⤵
  PID:2616
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=3324 --field-trial-handle=1248,i,2312314158193698773,2769079214893106449,131072 /prefetch:1
  2⤵
  PID:2064
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3312 --field-trial-handle=1248,i,2312314158193698773,2769079214893106449,131072 /prefetch:8
  2⤵
  PID:320
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=3572 --field-trial-handle=1248,i,2312314158193698773,2769079214893106449,131072 /prefetch:1
  2⤵
  PID:2708
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3184 --field-trial-handle=1248,i,2312314158193698773,2769079214893106449,131072 /prefetch:8
  2⤵
  PID:740
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3252 --field-trial-handle=1248,i,2312314158193698773,2769079214893106449,131072 /prefetch:8
  2⤵
  PID:1296
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3868 --field-trial-handle=1248,i,2312314158193698773,2769079214893106449,131072 /prefetch:8
  2⤵
  PID:2680
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=3548 --field-trial-handle=1248,i,2312314158193698773,2769079214893106449,131072 /prefetch:1
  2⤵
  PID:2752
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2356 --field-trial-handle=1248,i,2312314158193698773,2769079214893106449,131072 /prefetch:8
  2⤵
  PID:1976
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3880 --field-trial-handle=1248,i,2312314158193698773,2769079214893106449,131072 /prefetch:8
  2⤵
  PID:2428
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3808 --field-trial-handle=1248,i,2312314158193698773,2769079214893106449,131072 /prefetch:8
  2⤵
  PID:1684

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:1276

C:\Users\Admin\Desktop\khalil-main\FF GOLD.exe
"C:\Users\Admin\Desktop\khalil-main\FF GOLD.exe"
1⤵
PID:2108
- C:\Users\Admin\Desktop\khalil-main\FF GOLD.exe
  "C:\Users\Admin\Desktop\khalil-main\FF GOLD.exe"
  2⤵
  PID:2392

C:\Users\Admin\Desktop\khalil-main\FF GOLD.exe
"C:\Users\Admin\Desktop\khalil-main\FF GOLD.exe"
1⤵
PID:1140
- C:\Users\Admin\Desktop\khalil-main\FF GOLD.exe
  "C:\Users\Admin\Desktop\khalil-main\FF GOLD.exe"
  2⤵
  PID:2148

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
373817ad38090cf0c8062b623846338b

SHA1
2b5df2d6c1929bd068ef30e5e0766de8889e3f4f

SHA256
ae1b012baa4cd7e0bcd85ca37b2a3f141ba2a036c77c7730528704f4648a4b95

SHA512
591f3cb3dca3117d2b694ba2cb525faa91e2961872e166dc21fc7967fce6092dbeb44c99226650ac3e7f2bb8e96664a6204eebe8ba5b1a90a1bb11d39a975257

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
462a14c31d87068e2f7bebf578bf9a9c

SHA1
84a8671d535a8f8b090f8d2e5788c37d7d22699f

SHA256
e4a54ec07eb9ca53a9a97afbe041a40dcd935de53f351ad81a218e959cfd1f75

SHA512
3bcf41f0f8735035f684b65002c31aa7fcf956c115cc0b81c9d13db44b173bc8fae662b24b3df3cd56a19cfc2f2eb7bfcd0551c8103c53490024819af01c2388

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
8cc2d3903e1f1131214d5ff7c4d50e56

SHA1
1f6cd488d75e3da2bcf29daf464367954324cd65

SHA256
8abe0e6007e785908a7f62ca55226228651cc716b1f9b60edd35f00dc0b2c53d

SHA512
a8e1ad978a0dbd1930b560d7c96b2e84595158f841c97dfc17a24ed24b686ed39c8be3f0e97cb7d3fce5684d4729df542a8e0dae8dfb2108e697846242c66fd7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\282ace5c-a49b-4e8e-8411-fc74684b7791.tmp

Filesize
327KB

MD5
077248120a456afc20bcd068f85644d0

SHA1
2207418303e421e60d1ce96aa34b6156c284c378

SHA256
cf46031a6cc3c4e5f8518ae4834d8e14d88d58891c630c657ff56322ebcbc823

SHA512
6db634c01edee63b4f0debb0a40f767835446376c4d4d9b2ba0a010789aa1f8720b0014c3bfa72c61f79c02deae05eaded3a754db5f78edb1bc8129a277e45f1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
6440e5b4ea3156744e4a29d42c8a2bd7

SHA1
da7b625fdca100cadf355ded3e112a57f8d25866

SHA256
c06f6986514f9e2a2853949c3809aa06a2d39594470ed4ffc77b5a9552565fb7

SHA512
960de88d405bccc917ad98c1cc04b9a3cb2daddd7a53ab5934e27e3bb2b1638dfa81688239db0910b53af711521a998a788ffabcdcaecf36caa0df2a31582d7a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0

Filesize
44KB

MD5
01d2e9ee78b56702771090026a180f5b

SHA1
d82956f57d7d664fa77ce3d54e9fc62fd1c7da69

SHA256
85fb8231d5cf163dd11fd56fae7d7a5f7ca575f7dc19913d3749fd5caf09211f

SHA512
03f5a05735b6721aa5d16a377b12c79cdff0954d2519023898456d47a2239c0a6f4701c4c6b91af9ba389ceac2aa0c1499969f05523736272350ed283d5f0531

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1

Filesize
264KB

MD5
b3ee6feac158ea3f58cdf35c2970205c

SHA1
9a217c51d881fde38ef9fc7debe5b1829b99d68d

SHA256
af716cd2f19ace93f5a4b1c7e36654fb08f8cea1fd99b8951dc3157267e483f7

SHA512
e3a521222813e80776e88c0be15e616708f6677d78bd0babe809752a1b2abf16f9cbf3e86d37fb3f8bed25746494990fa6843fd05208f50a416444af29d7a6d4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_2

Filesize
1.0MB

MD5
936bb192335766ff64f80827fdbb0c9b

SHA1
5995d825b8e84b33371200d56e1cbff0a4f9012a

SHA256
609a54de38fa0c24c736f5ec8f5b7407340685a5834ac3537708687af2f2eb72

SHA512
c61482c178db0af6190a576fba3823bf539f83ef726d29ffae797245a562a8f15386b2da7e67e6d8e6a7ec071da9e712f16716ac54efa2b8ba8e412516ae48ea

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_3

Filesize
4.0MB

MD5
baa3c41894836ab7497a9f16d570f4ef

SHA1
4970518c183067f0cfc0a44a11d88b0f2c714f1e

SHA256
c9520be1cc79c0f02e61737fe89bc869014ee875c6768681b28cc813c45fc5f7

SHA512
8f7bdbf476819636cc1552faff70d4047bc2539f9c25ebd880b5cef4ce4c40e557762c5311c29c5cada0426977c3c2665fd34e2125ceca5d0cc1128c037f4217

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
7d1227e11ddf0d58391f5817e47241bc

SHA1
1bb48335f241153abe9916561e0b44750c19d9a1

SHA256
49bd8e79a806957d6e947efdbaf1ba2cef4755959060ec6b6eb01f6cfbf45619

SHA512
8c2360d0fc8c3ed65011f275a11a70daa3060f8bbe2e5f0bf4ef01749992d70b8b125c33f8451812681f1579cce7ac34783c8841d2ce49e76f01f41b80378ea6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnCache\data_1

Filesize
264KB

MD5
0b81f4f3cc39ed4c67a9c3e5ba25149f

SHA1
6ea45d6d0773a281a35812ac63ed28af12f2759b

SHA256
fad18506815ffe1dded52b5585861e345e4f61f863e87365eda129aab4e701cb

SHA512
7c4b703d0c5032708897408d8121778b3b837f764accd15c0c5e0f71d59063b9142aab2eb2c5406db3139271140ede1797cdd0fdca0c89ff48761352a7058704

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Favicons

Filesize
20KB

MD5
8153bdf07d2f0e43f555f6aa612e7a95

SHA1
786ea34b1baa460bb867e3fcfa6391384714b827

SHA256
53e0e20ea9d4ca9e0fc7d8a89a66d0d658482721827c688e61835f2d4eb166ad

SHA512
25b5844f3b3860946487762bc54afae21e2c1d1f9731fd9bf92c3a804a5632c70093df1056ab26be4b76d0b9e2eddc5f833ce01d493e43862ca772bdb1322b10

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History

Filesize
148KB

MD5
1ec3239e3dfcd02be08037dad8898ccc

SHA1
9e675411767a8399c2143eb1c0f5e625d5c2d2da

SHA256
56d4e3469e4e2cb0975d61bd02a88b4b08246c6c98f157ae429bd6b28a266c52

SHA512
b4daea78031ebdc3914eb94881fcb5c47631664834738db31f06a73ad2eccb181ecef83dd6e92da65c6668bbeac6de25afee70b0bc570824446f0252ba6fae3d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000007.log

Filesize
25KB

MD5
4deef58548658eee09d5f5db946d8195

SHA1
bad73d4619d571a6a9565ca3ba53b69ea07181c4

SHA256
4e139b08f41acc7083c4b0dfc7869cc5c5ab9e8ef7c1c49b86ecaf3da95365c6

SHA512
ee2cb485926c80f434636b41de80666207233c04ec47ac42d0ae3edf0f1c5df78087966d48ce7aa9b111a0703d2fe9c83a864d316db40e0ceea05b145375cb68

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\CURRENT

Filesize
16B

MD5
aefd77f47fb84fae5ea194496b44c67a

SHA1
dcfbb6a5b8d05662c4858664f81693bb7f803b82

SHA256
4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611

SHA512
b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG

Filesize
136B

MD5
b1dc246de6eb515520318ddb9286cbd3

SHA1
003aec1ae2b88472d82f56728368d7cf77890fda

SHA256
76f3fe094193d0f006c03140d541711b4cef6f5afa161743a71098622db0ec79

SHA512
f09706708c1ce625f83859d597b955e5b46a36172b8bc8d1f1a06b99bc2646044723ad2e13c6a93e07197fc9b7e0b78e306a0976f887e2111492c4739144e6a4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\MANIFEST-000006

Filesize
50B

MD5
78c55e45e9d1dc2e44283cf45c66728a

SHA1
88e234d9f7a513c4806845ce5c07e0016cf13352

SHA256
7b69a2bee12703825dc20e7d07292125180b86685d2d1b9fd097df76fc6791ec

SHA512
f2ad4594024871286b98a94223b8e7155c7934ef4ebb55f25a4a485a059f75b572d21bc96e9b48ed394be8a41fe0208f7bfb6e28a79d75640c5b684f0c848fe3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
425ce0835d68fb4a9cc3633eb08ee6ba

SHA1
9340d9d935cfd527193856e21db175be216b236c

SHA256
975614027b23eea11a9119da3a1dad6f4900b19b9a2e6f9b97ebe33fe46b4f7d

SHA512
ed7245f5e58bd74ced9d09c73a615dad5104a215ba606b2164f3ad86db0b6a437567db0b1b395d229ed69fa43e64d2a477363cd9faa8e5b57c4e2c19ebd649f8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
853B

MD5
88b2eca470dd1b7df98665226be6318c

SHA1
b803f5815985fe7e2dd611bb0fb444852b937eaa

SHA256
2755c7f86a8dcf08a31b47d8d76c71e1c4bac7057ba59d79a001691c87cf7596

SHA512
20eca431e75d252ac81d39f5212b7294a551a57836b6db81e52360c1017a89cbabdeb12fa494c751ebcf683098473e063074bbb2c941a4782423db522f3f764a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
853B

MD5
3642eecfdc9c9deb550a444a5161333e

SHA1
55d4ad9ce306f9089668c530b57dd4a862c787a1

SHA256
66eac459aac656ecf09fe6965dc417754de1e821df341f296ba67ad7b605905b

SHA512
36450e88a157cfb588bf00e2e99b0167febbaa28f777c5b211986f228f0f699ee67858f9cad91d93d14c49aea2df5efe7c422a2f3dbe64e3f7375429b9ebe91c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
363B

MD5
921601c9b79fcaa73aecb3236c32c0f5

SHA1
8ed875c9f125cda55906632dbb6b9b6b2d4ecc4d

SHA256
04f5446ec634ae7f7d819aedcaf964d4828218cd3383f4489131c596a6938165

SHA512
e075c66cbc49cbfc4b6f8f6c9ae4bb3eb7dd2bded4d58e96db1970e4a85aa181fe7dc9b1748795f20d87f6b48d756522b9bda9ebebd487efe3f7933db57746bb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1009B

MD5
d7dcdcd7a168e93d051803f42638daa6

SHA1
aa2e47ca447f71cc35db7901e66047ca5c27a69a

SHA256
39febe78ac1692e098d957bda35f647fc3f87cc8bc1f940c8de4ba3cc7900661

SHA512
7088f670ffebfd52cf22fa8b1151cd51b4f79b2866c6f455a336c6b372eab33c5db0903fd1f389e77baf56d1e49e5676bdfdc0456af8eee9a5c501d5183a95b9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
853B

MD5
d6ade10546d73f213f8801dcb6672eb2

SHA1
7e93ea111c2cda4883a2c4f38853e359cf69b2f6

SHA256
cc1e9f411e113f2e56210ef5ece9a3fa27e9ca0b7dd8bb521fee045b34120296

SHA512
7da3eff9abac670c6058dd50b26bd4aec0ab6c2745ee9786381e4450e8ec1976b8b37b5090696e18bd0710fec34c997d38a7976ea476c0478124fe939594d86c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
6a4e0488c8c780f55675a0791862746a

SHA1
0b47ea13f6630f8c6e326bca59b1586b5156974d

SHA256
44aa2eb56487dffac0e9433feb18186febdf036939dc5b7e316193eb46b38dfe

SHA512
02be9f6b880f21331894376c29f4000c8f1441a4056227a646ea0171b21c02c5d078a5236e5e33099b325ed607c963bbaa023fe03793b20a75501a5c1c201008

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
d4954ea486d2283087a011a8c260759a

SHA1
bd7c5568ee6f97bacbbffc445aa3ef5c5f2cf4aa

SHA256
e2cb29c041b304ba479314c6c2039f8912982ac3922c1bffa0aa90c3bb6320ed

SHA512
8f46eed05688988eadfb5278f33f775fc3ee77c9fe0fc22d92409bcd497d74fc0a223e25f6b30eae05f3220bcd78beeedaca3949ac4bbc56735a7969fad091f6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
a5a497f672042c946fb72003efc3bb85

SHA1
1b035742bd407a7ece045796dfc794ba7a97c2ac

SHA256
b5892183eae7c85228e915ee3155cf32d2ddd614500ee6edd6d4ad65dfc62cad

SHA512
137cc8c909041dae3a89f61730df58c1a0e9c31b05be42c77304707a707adac1233a026f4041ccb17cf85167f099f774d3e78f36cf1a74642171d2207e83e54c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
ba625d21c0e0f24683f985d63a052836

SHA1
e1f9a1c2ed7d4119a79a5330308c514d8817f8d4

SHA256
a86240905b712b867460eceb45da5968eee4b2ce598d1065fdd4caf06ed72712

SHA512
5238c90eb5e9087b1e7afa2cbbae8bd28a3d00fcc10e0cbf61a8f95b6eeb02cc846ca0bd3a6a396da2c4a240b128562ec8331ca37718618dc8660c080c4aac4e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
17a5b7cf1c6b7e5fc67b9cd7d54f3b37

SHA1
d47ccdc37e4964b388b4199a774aed27df022597

SHA256
11712a0176fd9e96b3cc5b451c1e8ab3a57d961622956ed96a245402b54ce641

SHA512
0fe5b7138013682e6f42e9a381429f5ace111a6a06b78c8a556df95c14ed1ed903200ea663cefa2b6599593d1c972dae742b7746af3a32e9f183b6a4f9caf918

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences~RFf7d2137.TMP

Filesize
4KB

MD5
91c5a2a633fce367925bae1ac34758d6

SHA1
629152e46a576742c82fd67eab25e2da3d7b7b91

SHA256
a2f1e42623994f234b9b664e920b370b9208bcd3bd692c36414cc5f5d4d6229d

SHA512
2af983b9a5fc2c4b60ca86f58f063d40fc82ff82ad8e3dccb9c64c19d245c57bb2cecdcbe52a7e05075b567921cecd7f04f03efa92acac8ca58147718c55c76a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000009.log

Filesize
606B

MD5
2bb533ac6f3f35bf0bec5668b42717fb

SHA1
03fdd5281af884f26ccfaa35fb3525ad39b15e10

SHA256
b2086ee3123e2192b193cef7923708e27d8f453a39a99f4c0d7ca77fa1123de5

SHA512
df1c95bde839ed90a241ba67a938e329425bc693a2e1cae679c09d12b460e4f92e1aaadfdabc8a6ef4cef49366101f3bb310dd98c8b6e30a88ab55d7389c3117

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG

Filesize
247B

MD5
4c80c4919ec2ac19fabc66f0cfee3ac6

SHA1
6d83e5b6a024888498a6ca1a51a9518c45963abd

SHA256
71708136d9c93f737f7c6345489e13fd0104a8a01e25ed53a20b1026d73f244d

SHA512
070f49590a1a71d4a4e79c2672c8842577ee97c2d47c44fea79f262f11a9dfe95fb09bd9ef5043b930824ea5cbbc851974d051c86f0a5aee24d8abf9945595ce

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\MANIFEST-000007

Filesize
90B

MD5
b6d5d86412551e2d21c97af6f00d20c3

SHA1
543302ae0c758954e222399987bb5e364be89029

SHA256
e0b2fdc217d9c571a35f41c21ed2596309f3f00a7297a8d1ded05f54f0e68191

SHA512
5b56ae73a61add9e26f77d95c9b823f82a7fcdc75eed64b388fb4967f5c6c42cb0796b0b99dc25c89f38952786176c10d173dec7862a8a5ce5f820280f72d665

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sessions\Tabs_13371824697791400

Filesize
8KB

MD5
8f83f7ae3776423b93945b04c12f5aef

SHA1
cb9a77ed0d094bde39d787bc61b171440103c1de

SHA256
c365ed007e9c6ede6cd2eff763b53f7f18e5469033b5b3d19e3970b402bbad8d

SHA512
6d4f7b64506573aba72645a452c9c30cf6f99389322bddb0d169a6218f93325943b31c36796000b5e39aba348943ca3bcb0fad221bae1375ce4993eb74c59c91

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000008.log

Filesize
132B

MD5
4a7e1124093c3d85b4c55a7a7ca4f994

SHA1
4615067afa7dc5e90ac8eacb0e7eedcd1c6dd1a8

SHA256
b86e3572f62137ea24d3c43f87eb996e02954130fbf05686bc654cea90c462e9

SHA512
bcc23269f88b2cb2ec048a7f232dbbd6fcdad41587f89c30f2bd7a54b11ebce5836d90ce470a16ddc44f4011d3bad9c3f41c98f66d500addfb6b86b493c3525e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000009.dbtmp

Filesize
16B

MD5
979c29c2917bed63ccf520ece1d18cda

SHA1
65cd81cdce0be04c74222b54d0881d3fdfe4736c

SHA256
b3524365a633ee6d1fa9953638d2867946c515218c497a5ec2dbef7dc44a7c53

SHA512
e38f694fd6ab9f678ae156528230d7a8bfb7b59a13b227f59f9c38ab5617db11ebb6be1276323a905d09c4066a3fe820cf58077ab48bf201f3c467a98516ee7a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG

Filesize
136B

MD5
5a36f88b2f49f7700650914c7fae87cb

SHA1
c722d749779671d1cafc4f2f05e39d845a006bda

SHA256
27307c52f1d0e1a757bca055f13e6c331636c1883ef73943c88a82ce2212c00f

SHA512
dbc3c0ec3b391e64b97af6783fb8cf91fad8a18417a8131c9eaa97fbbc1e933a4214f0be220a0ca881b52f01b86bf5a16cc3c9ff563bf3529799219343e72840

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\MANIFEST-000007

Filesize
107B

MD5
22b937965712bdbc90f3c4e5cd2a8950

SHA1
25a5df32156e12134996410c5f7d9e59b1d6c155

SHA256
cad3bbec41899ea5205612fc1494fa7ba88847fb75437a2def22211a4003e2eb

SHA512
931427ad4609ab4ca12b2ee852d4965680f58602b00c182a2d340acf3163d888be6cfad87ca089f2b47929ddfa66be03ab13a6d24922397334d6997d4c8ede3b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000007.dbtmp

Filesize
16B

MD5
18e723571b00fb1694a3bad6c78e4054

SHA1
afcc0ef32d46fe59e0483f9a3c891d3034d12f32

SHA256
8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa

SHA512
43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG

Filesize
136B

MD5
d851e6ac4319665393847774a6407c01

SHA1
f93fec4f187eac81c195782011cf47810b98492b

SHA256
6d7a0532eb2fbd5cdb9022f16d18d7c856bcf01d1df297a1d254951641044e82

SHA512
32b81c02343a432f673dd1d1f98da430aa6e42273a6a69702cbddb2785ba2b3a286bb8f5c0b7374fa3d1c9fb4de7a65f5c584cea7da9e61af6ff61164cf56cb8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\MANIFEST-000007

Filesize
117B

MD5
2ac0494b5c4c6d605281ee87339a0cc7

SHA1
6ea0fd5480bd086ed4110d0622388574f0222666

SHA256
53161ecf97484ce07e22fbed3f642f3c1daec51a22b84be407522e5d38d2afbd

SHA512
77c6a0422b17b90dcc84094e184020613bfc7f71f07bb6fe15a68f48330e7b374c5228d65606341248983e3ec17c9b30a61e31ebdfac73f7e6abeb9d2b5f8f7e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Visited Links

Filesize
128KB

MD5
d84dff128e2536b29732f819dff66207

SHA1
d47b76ab7693286045b4df9fff2d5d483e8adfbb

SHA256
3c8d677185cd2994eb771ad0a517b64d3b1f15d556c840ad0267bbb3ff1097fd

SHA512
9ea1ef23af933e6c86ce5a4e94d246c1949f74c7bba93ac92d7f61221a86c6e0791f85dfbee0cbbfa2f533ff55e52a7c70cf1905c3c52ebd36c8b8a8f982f638

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\ed5bae69-efe3-424c-8bb1-0289d70f6c12.tmp

Filesize
5KB

MD5
aa4b6d70059fcfa86d587a06b1aba38b

SHA1
73aa3c10c5b27647ed521a9efbf170f43a21cceb

SHA256
ce1ae05e45e67804842327d703aa76e32cee33777a3c5d2d211d6500994b4aea

SHA512
506143a324e67eb27da770ad782cd850a5c3cf4cc871ee5cd2ab275b0ae415de1a9717f0107c6061f4633beb0370633914d3f834f09c022f5916c8902fdc1231

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\000010.dbtmp

Filesize
16B

MD5
60e3f691077715586b918375dd23c6b0

SHA1
476d3eab15649c40c6aebfb6ac2366db50283d1b

SHA256
e91d13722e31f9b06c5df3582cad1ea5b73547ce3dc08b12ed461f095aad48ee

SHA512
d1c146d27bbf19362d6571e2865bb472ce4fe43dc535305615d92d6a2366f98533747a8a70a578d1f00199f716a61ce39fac5cab9dd67e9c044bc49e7343130e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000009.log

Filesize
34B

MD5
fe62c64b5b3d092170445d5f5230524e

SHA1
0e27b930da78fce26933c18129430816827b66d3

SHA256
1e1a9ca70503efd8c607f9bc7131f08aba0476d75f2586dadb4da5485a5315d4

SHA512
924daccfbfb0c0464b4c5fd769e01a8f2e96fe28b635aa27ab4cd91766b05b03bbf941af14c017436107673f01bad815ce1fac2a649e745c76b3c736994b4fd2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG

Filesize
249B

MD5
d0636a17eb20e70c8d14b6c29fe15187

SHA1
83db44f679969adef8dd42a56f6b86db6ac50c9d

SHA256
093bd5b5bc673bfc60e437bdcfa17dc0bcded97cb7f9d4c1db09008f81741665

SHA512
1004104bb284808e080ebbc8cb5716a729ff3325868624d215e97211bdce45b4d828170849effabc8eeeb8d32b749a26a4a95931f52846f6a40d3dbc0ef3bbfa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\MANIFEST-000007

Filesize
118B

MD5
9d96901602fe3cb26404f53a5d31f77d

SHA1
4e180fbdffdba1428be94677fb972c4366d92509

SHA256
95e611d152cc28312233f960ea5e942e0b257f13a61eab15c2aafb9fb4fabe1b

SHA512
c587d8d12d00f9d22c7ed1ea7b863f66149de221e8c65a3a7c49523f61150d60b3851a9410c89689b2ac67eb9190d6b3d4a2611a4f3313b5b5ca57dc0055e323

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version

Filesize
14B

MD5
9eae63c7a967fc314dd311d9f46a45b7

SHA1
caba9c2c93acfe0b9ceb9ab19b992b0fc19c71cf

SHA256
4288925b0cf871c7458c22c46936efb0e903802feb991a0e1803be94ca6c251d

SHA512
bed924bff236bf5b6ce1df1db82e86c935e5830a20d9d24697efd82ca331e30604db8d04b0d692ec8541ec6deb2225bcc7d805b79f2db5726642198ecf6348b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
327KB

MD5
cfd88fb1d8a77d0a0011d27b26bb85fa

SHA1
074e0a81f8fdc1b89407ce771d946393893ac2a0

SHA256
1bc60491742dc6417477a65344fbffeeb1866377e26c29f56e4b40dbbd9bfa68

SHA512
473d79e85d1527cccd00f4d39554189852f0f4996a383f6f3f777e458861df63f6925af41aa99f70333bbc3e3285d586d6876b7d53a4a7b7992e194493e7929e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
74KB

MD5
cb2f422bcae4c1906afaa542460951fc

SHA1
a72d54341643e4fbf96586b65f63b2485b6a684e

SHA256
4c267d4f260c1503a11128ca831d4cd2eb67a5516fdc6bf2f7a5a7437f1ec613

SHA512
7d672c4f8e51ee28cb432500842dc25ee9023a83c823201cb55170ff4ae4d66abcc0a8ac6ad4280cb0a842de8c17b9658b25f4f327e8829484f3bbdc07218116

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

Filesize
264KB

MD5
92a7f8a7787df35697ffee5c4d7eb3b1

SHA1
61160b670e7884d73da4cd0202d9250602486bae

SHA256
6157678762d3e3a65d17db1726373edc0c203e9856ea577675305a13291572f7

SHA512
e61f2220192e44612f60ba2ff00e2a4f6a36128541c96e3b5ae45afa236d45c35ff16d32c27b828daf1c541b4b84d4878a72617c5dc22b7478926d87fe29768e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

Filesize
86B

MD5
961e3604f228b0d10541ebf921500c86

SHA1
6e00570d9f78d9cfebe67d4da5efe546543949a7

SHA256
f7b24f2eb3d5eb0550527490395d2f61c3d2fe74bb9cb345197dad81b58b5fed

SHA512
535f930afd2ef50282715c7e48859cc2d7b354ff4e6c156b94d5a2815f589b33189ffedfcaf4456525283e993087f9f560d84cfcf497d189ab8101510a09c472

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabF672.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarF684.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI30442\python311.dll

Filesize
1.6MB

MD5
5f6fd64ec2d7d73ae49c34dd12cedb23

SHA1
c6e0385a868f3153a6e8879527749db52dce4125

SHA256
ff9f102264d1944fbfae2ba70e7a71435f51a3e8c677fd970b621c4c9ea71967

SHA512
c4be2d042c6e4d22e46eacfd550f61b8f55814bfe41d216a4df48382247df70bc63151068513855aa78f9b3d2f10ba6a824312948324c92de6dd0f6af414e8ab

Download Submit
C:\Users\Admin\Downloads\khalil-main.zip.crdownload

Filesize
7.2MB

MD5
7342efb1ff08f393550dfdea56f0528d

SHA1
73698adbd626c067a21d5f919e9d36fc4ad7e7c4

SHA256
9ff43270218fea700764ac96cde132fe89be52c1e00b2ee456ef87996efe5a92

SHA512
d78257b00262634dd498651efd9f0a126d78bc7e7ea79129dfe262868e54974d9e08af103c82ef1bf4c0ebcfd481edec69347dc70ccae5141ea54ad0a38723c7

Download Submit
memory/2392-1101-0x000007FEF2E60000-0x000007FEF3449000-memory.dmp

Filesize
5.9MB

Download
memory/2884-23-0x000007FEF5A20000-0x000007FEF6009000-memory.dmp

Filesize
5.9MB

Download