hxxp://superyp[.]com

Analysis

max time kernel
299s
max time network
289s
platform
windows10-2004_x64
resource
win10v2004-20240910-en
resource tags

arch:x64arch:x86image:win10v2004-20240910-enlocale:en-usos:windows10-2004-x64system
submitted
29/09/2024, 06:19

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://superyp.com

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133720644072572013"	chrome.exe

Suspicious behavior: EnumeratesProcesses 8 IoCs

pid	Process
4628	chrome.exe
4628	chrome.exe
4628	chrome.exe
4628	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 16 IoCs

pid	Process
4628	chrome.exe
4628	chrome.exe
4628	chrome.exe
4628	chrome.exe
4628	chrome.exe
4628	chrome.exe
4628	chrome.exe
4628	chrome.exe
4628	chrome.exe
4628	chrome.exe
4628	chrome.exe
4628	chrome.exe
4628	chrome.exe
4628	chrome.exe
4628	chrome.exe
4628	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4628	chrome.exe
Token: SeCreatePagefilePrivilege	4628	chrome.exe
Token: SeShutdownPrivilege	4628	chrome.exe
Token: SeCreatePagefilePrivilege	4628	chrome.exe
Token: SeShutdownPrivilege	4628	chrome.exe
Token: SeCreatePagefilePrivilege	4628	chrome.exe
Token: SeShutdownPrivilege	4628	chrome.exe
Token: SeCreatePagefilePrivilege	4628	chrome.exe
Token: SeShutdownPrivilege	4628	chrome.exe
Token: SeCreatePagefilePrivilege	4628	chrome.exe
Token: SeShutdownPrivilege	4628	chrome.exe
Token: SeCreatePagefilePrivilege	4628	chrome.exe
Token: SeShutdownPrivilege	4628	chrome.exe
Token: SeCreatePagefilePrivilege	4628	chrome.exe
Token: SeShutdownPrivilege	4628	chrome.exe
Token: SeCreatePagefilePrivilege	4628	chrome.exe
Token: SeShutdownPrivilege	4628	chrome.exe
Token: SeCreatePagefilePrivilege	4628	chrome.exe
Token: SeShutdownPrivilege	4628	chrome.exe
Token: SeCreatePagefilePrivilege	4628	chrome.exe
Token: SeShutdownPrivilege	4628	chrome.exe
Token: SeCreatePagefilePrivilege	4628	chrome.exe
Token: SeShutdownPrivilege	4628	chrome.exe
Token: SeCreatePagefilePrivilege	4628	chrome.exe
Token: SeShutdownPrivilege	4628	chrome.exe
Token: SeCreatePagefilePrivilege	4628	chrome.exe
Token: SeShutdownPrivilege	4628	chrome.exe
Token: SeCreatePagefilePrivilege	4628	chrome.exe
Token: SeShutdownPrivilege	4628	chrome.exe
Token: SeCreatePagefilePrivilege	4628	chrome.exe
Token: SeShutdownPrivilege	4628	chrome.exe
Token: SeCreatePagefilePrivilege	4628	chrome.exe
Token: SeShutdownPrivilege	4628	chrome.exe
Token: SeCreatePagefilePrivilege	4628	chrome.exe
Token: SeShutdownPrivilege	4628	chrome.exe
Token: SeCreatePagefilePrivilege	4628	chrome.exe
Token: SeShutdownPrivilege	4628	chrome.exe
Token: SeCreatePagefilePrivilege	4628	chrome.exe
Token: SeShutdownPrivilege	4628	chrome.exe
Token: SeCreatePagefilePrivilege	4628	chrome.exe
Token: SeShutdownPrivilege	4628	chrome.exe
Token: SeCreatePagefilePrivilege	4628	chrome.exe
Token: SeShutdownPrivilege	4628	chrome.exe
Token: SeCreatePagefilePrivilege	4628	chrome.exe
Token: SeShutdownPrivilege	4628	chrome.exe
Token: SeCreatePagefilePrivilege	4628	chrome.exe
Token: SeShutdownPrivilege	4628	chrome.exe
Token: SeCreatePagefilePrivilege	4628	chrome.exe
Token: SeShutdownPrivilege	4628	chrome.exe
Token: SeCreatePagefilePrivilege	4628	chrome.exe
Token: SeShutdownPrivilege	4628	chrome.exe
Token: SeCreatePagefilePrivilege	4628	chrome.exe
Token: SeShutdownPrivilege	4628	chrome.exe
Token: SeCreatePagefilePrivilege	4628	chrome.exe
Token: SeShutdownPrivilege	4628	chrome.exe
Token: SeCreatePagefilePrivilege	4628	chrome.exe
Token: SeShutdownPrivilege	4628	chrome.exe
Token: SeCreatePagefilePrivilege	4628	chrome.exe
Token: SeShutdownPrivilege	4628	chrome.exe
Token: SeCreatePagefilePrivilege	4628	chrome.exe
Token: SeShutdownPrivilege	4628	chrome.exe
Token: SeCreatePagefilePrivilege	4628	chrome.exe
Token: SeShutdownPrivilege	4628	chrome.exe
Token: SeCreatePagefilePrivilege	4628	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4628	chrome.exe
4628	chrome.exe
4628	chrome.exe
4628	chrome.exe
4628	chrome.exe
4628	chrome.exe
4628	chrome.exe
4628	chrome.exe
4628	chrome.exe
4628	chrome.exe
4628	chrome.exe
4628	chrome.exe
4628	chrome.exe
4628	chrome.exe
4628	chrome.exe
4628	chrome.exe
4628	chrome.exe
4628	chrome.exe
4628	chrome.exe
4628	chrome.exe
4628	chrome.exe
4628	chrome.exe
4628	chrome.exe
4628	chrome.exe
4628	chrome.exe
4628	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4628	chrome.exe
4628	chrome.exe
4628	chrome.exe
4628	chrome.exe
4628	chrome.exe
4628	chrome.exe
4628	chrome.exe
4628	chrome.exe
4628	chrome.exe
4628	chrome.exe
4628	chrome.exe
4628	chrome.exe
4628	chrome.exe
4628	chrome.exe
4628	chrome.exe
4628	chrome.exe
4628	chrome.exe
4628	chrome.exe
4628	chrome.exe
4628	chrome.exe
4628	chrome.exe
4628	chrome.exe
4628	chrome.exe
4628	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4628 wrote to memory of 4552	4628	chrome.exe	86
PID 4628 wrote to memory of 4552	4628	chrome.exe	86
PID 4628 wrote to memory of 3972	4628	chrome.exe	87
PID 4628 wrote to memory of 3972	4628	chrome.exe	87
PID 4628 wrote to memory of 3972	4628	chrome.exe	87
PID 4628 wrote to memory of 3972	4628	chrome.exe	87
PID 4628 wrote to memory of 3972	4628	chrome.exe	87
PID 4628 wrote to memory of 3972	4628	chrome.exe	87
PID 4628 wrote to memory of 3972	4628	chrome.exe	87
PID 4628 wrote to memory of 3972	4628	chrome.exe	87
PID 4628 wrote to memory of 3972	4628	chrome.exe	87
PID 4628 wrote to memory of 3972	4628	chrome.exe	87
PID 4628 wrote to memory of 3972	4628	chrome.exe	87
PID 4628 wrote to memory of 3972	4628	chrome.exe	87
PID 4628 wrote to memory of 3972	4628	chrome.exe	87
PID 4628 wrote to memory of 3972	4628	chrome.exe	87
PID 4628 wrote to memory of 3972	4628	chrome.exe	87
PID 4628 wrote to memory of 3972	4628	chrome.exe	87
PID 4628 wrote to memory of 3972	4628	chrome.exe	87
PID 4628 wrote to memory of 3972	4628	chrome.exe	87
PID 4628 wrote to memory of 3972	4628	chrome.exe	87
PID 4628 wrote to memory of 3972	4628	chrome.exe	87
PID 4628 wrote to memory of 3972	4628	chrome.exe	87
PID 4628 wrote to memory of 3972	4628	chrome.exe	87
PID 4628 wrote to memory of 3972	4628	chrome.exe	87
PID 4628 wrote to memory of 3972	4628	chrome.exe	87
PID 4628 wrote to memory of 3972	4628	chrome.exe	87
PID 4628 wrote to memory of 3972	4628	chrome.exe	87
PID 4628 wrote to memory of 3972	4628	chrome.exe	87
PID 4628 wrote to memory of 3972	4628	chrome.exe	87
PID 4628 wrote to memory of 3972	4628	chrome.exe	87
PID 4628 wrote to memory of 3972	4628	chrome.exe	87
PID 4628 wrote to memory of 1952	4628	chrome.exe	88
PID 4628 wrote to memory of 1952	4628	chrome.exe	88
PID 4628 wrote to memory of 1896	4628	chrome.exe	89
PID 4628 wrote to memory of 1896	4628	chrome.exe	89
PID 4628 wrote to memory of 1896	4628	chrome.exe	89
PID 4628 wrote to memory of 1896	4628	chrome.exe	89
PID 4628 wrote to memory of 1896	4628	chrome.exe	89
PID 4628 wrote to memory of 1896	4628	chrome.exe	89
PID 4628 wrote to memory of 1896	4628	chrome.exe	89
PID 4628 wrote to memory of 1896	4628	chrome.exe	89
PID 4628 wrote to memory of 1896	4628	chrome.exe	89
PID 4628 wrote to memory of 1896	4628	chrome.exe	89
PID 4628 wrote to memory of 1896	4628	chrome.exe	89
PID 4628 wrote to memory of 1896	4628	chrome.exe	89
PID 4628 wrote to memory of 1896	4628	chrome.exe	89
PID 4628 wrote to memory of 1896	4628	chrome.exe	89
PID 4628 wrote to memory of 1896	4628	chrome.exe	89
PID 4628 wrote to memory of 1896	4628	chrome.exe	89
PID 4628 wrote to memory of 1896	4628	chrome.exe	89
PID 4628 wrote to memory of 1896	4628	chrome.exe	89
PID 4628 wrote to memory of 1896	4628	chrome.exe	89
PID 4628 wrote to memory of 1896	4628	chrome.exe	89
PID 4628 wrote to memory of 1896	4628	chrome.exe	89
PID 4628 wrote to memory of 1896	4628	chrome.exe	89
PID 4628 wrote to memory of 1896	4628	chrome.exe	89
PID 4628 wrote to memory of 1896	4628	chrome.exe	89
PID 4628 wrote to memory of 1896	4628	chrome.exe	89
PID 4628 wrote to memory of 1896	4628	chrome.exe	89
PID 4628 wrote to memory of 1896	4628	chrome.exe	89
PID 4628 wrote to memory of 1896	4628	chrome.exe	89
PID 4628 wrote to memory of 1896	4628	chrome.exe	89
PID 4628 wrote to memory of 1896	4628	chrome.exe	89

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://superyp.com
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4628
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7fffc84ecc40,0x7fffc84ecc4c,0x7fffc84ecc58
  2⤵
  PID:4552
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2116,i,814805649264346850,12214271905890785727,262144 --variations-seed-version=20240909-180142.416000 --mojo-platform-channel-handle=2112 /prefetch:2
  2⤵
  PID:3972
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1880,i,814805649264346850,12214271905890785727,262144 --variations-seed-version=20240909-180142.416000 --mojo-platform-channel-handle=2168 /prefetch:3
  2⤵
  PID:1952
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2268,i,814805649264346850,12214271905890785727,262144 --variations-seed-version=20240909-180142.416000 --mojo-platform-channel-handle=2372 /prefetch:8
  2⤵
  PID:1896
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3040,i,814805649264346850,12214271905890785727,262144 --variations-seed-version=20240909-180142.416000 --mojo-platform-channel-handle=3160 /prefetch:1
  2⤵
  PID:3508
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3044,i,814805649264346850,12214271905890785727,262144 --variations-seed-version=20240909-180142.416000 --mojo-platform-channel-handle=3192 /prefetch:1
  2⤵
  PID:3576
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3676,i,814805649264346850,12214271905890785727,262144 --variations-seed-version=20240909-180142.416000 --mojo-platform-channel-handle=3644 /prefetch:1
  2⤵
  PID:2436
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=3144,i,814805649264346850,12214271905890785727,262144 --variations-seed-version=20240909-180142.416000 --mojo-platform-channel-handle=3208 /prefetch:1
  2⤵
  PID:3796
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4644,i,814805649264346850,12214271905890785727,262144 --variations-seed-version=20240909-180142.416000 --mojo-platform-channel-handle=4796 /prefetch:8
  2⤵
  PID:5036
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=4452,i,814805649264346850,12214271905890785727,262144 --variations-seed-version=20240909-180142.416000 --mojo-platform-channel-handle=4908 /prefetch:1
  2⤵
  PID:2692
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=4520,i,814805649264346850,12214271905890785727,262144 --variations-seed-version=20240909-180142.416000 --mojo-platform-channel-handle=3424 /prefetch:1
  2⤵
  PID:2280
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=4572,i,814805649264346850,12214271905890785727,262144 --variations-seed-version=20240909-180142.416000 --mojo-platform-channel-handle=4588 /prefetch:1
  2⤵
  PID:4416
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=4036,i,814805649264346850,12214271905890785727,262144 --variations-seed-version=20240909-180142.416000 --mojo-platform-channel-handle=3360 /prefetch:1
  2⤵
  PID:2972
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=4808,i,814805649264346850,12214271905890785727,262144 --variations-seed-version=20240909-180142.416000 --mojo-platform-channel-handle=4348 /prefetch:1
  2⤵
  PID:3208
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=3348,i,814805649264346850,12214271905890785727,262144 --variations-seed-version=20240909-180142.416000 --mojo-platform-channel-handle=4932 /prefetch:1
  2⤵
  PID:3796
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=4552,i,814805649264346850,12214271905890785727,262144 --variations-seed-version=20240909-180142.416000 --mojo-platform-channel-handle=4404 /prefetch:1
  2⤵
  PID:2692
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=3208,i,814805649264346850,12214271905890785727,262144 --variations-seed-version=20240909-180142.416000 --mojo-platform-channel-handle=4348 /prefetch:1
  2⤵
  PID:4904
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4576,i,814805649264346850,12214271905890785727,262144 --variations-seed-version=20240909-180142.416000 --mojo-platform-channel-handle=4916 /prefetch:8
  2⤵
  PID:4324
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=3352,i,814805649264346850,12214271905890785727,262144 --variations-seed-version=20240909-180142.416000 --mojo-platform-channel-handle=4584 /prefetch:8
  2⤵
  PID:2596
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=4360,i,814805649264346850,12214271905890785727,262144 --variations-seed-version=20240909-180142.416000 --mojo-platform-channel-handle=3796 /prefetch:1
  2⤵
  PID:4160
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=4432,i,814805649264346850,12214271905890785727,262144 --variations-seed-version=20240909-180142.416000 --mojo-platform-channel-handle=4380 /prefetch:1
  2⤵
  PID:1084
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=4660,i,814805649264346850,12214271905890785727,262144 --variations-seed-version=20240909-180142.416000 --mojo-platform-channel-handle=4856 /prefetch:1
  2⤵
  PID:556
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4956,i,814805649264346850,12214271905890785727,262144 --variations-seed-version=20240909-180142.416000 --mojo-platform-channel-handle=4044 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4880
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --field-trial-handle=4524,i,814805649264346850,12214271905890785727,262144 --variations-seed-version=20240909-180142.416000 --mojo-platform-channel-handle=3148 /prefetch:1
  2⤵
  PID:4904

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:3124

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:4472

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
5cebb985eae9068bfed74c5f70d0f38b

SHA1
1b55c770cbcafd2cc60c5e1fe4bc63099428da3e

SHA256
160cf4186d055b99e07f38c80648d484564b1b8d2cb11033d3a51d10a722df7e

SHA512
9864eccbc1389ede38b5cb17d29d3c100408047adfc95b84f847032087038396644d2a0d7ce4eadd7b35dad6275bf1ab0f545994ac0f044c07af049acf716ee8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
c566d94e40348ec7ccf878806f11f627

SHA1
4f526ba8e9d53313921d884f44440aa14a99510f

SHA256
6e23b009dd2a5f81fa4e1d3f0300198380c91d26267982f84d1d6735184ac1a0

SHA512
234d0d0f5d6dc5919c11be50cf4f8ddc1092fefe2bc9fa8e4c3333b5321ecd13c08fbfb717c72b0017109f151e3532d5415ebe47f184054b635e8e212fce651b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
4ccf60bcd13f86001168ce21d1c4bda8

SHA1
16a4075f5e5cacafff76628813979accbbac7a2f

SHA256
efe0182f88b4b0ffd5a701958f8fdb9cc6350912b7cc918aec9b3d7bca89096f

SHA512
211b02a142d0e33ea338db73295f53e8d8971ecd791087d3d8a959afb291d27fafa034ce1267d87687d9fb93c1e4b00dc8635f31ec2431bc20fbd666b0e7c1cc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
321fb39affd489854437c7cfb8c942cc

SHA1
fe568c8ae4e4f52f82f49638e9021a9f130bb6e8

SHA256
703181074da00e8233e889d2a8c4db87a063fdc7c81ab6b220fe7b5c33e778e3

SHA512
edca409d929166dd0a29f0eee1cca6d31d2d9fb047472c4b4d06d922cacf8885feac0100d9a04719380157d9b3e7f81571853e6ebdcf53cf002ce077fd713f99

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
af585d49d2382f1614621f8589d2cb35

SHA1
5ef3a4b7e05ba2268bdf5aae0600d021427dde55

SHA256
7175864f5605fca2de1293d2aacc80c4900ecd96e427b4c5019fccb29d11f27f

SHA512
d4942cd8f5441d5a63f7616e435441fc35733b8dd0f1d6758bf2ae93e1f7fa59ebd757bd09c82fd6ab10a36133b82c7595e3442c55a6665e6bcc62f84720b564

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
c9e4e24dd9bb88057ff462d156526af9

SHA1
82a53888dda3ee08a08405624795d833ed515eaa

SHA256
1c8f7edd762b907cdd39a80d77b3ef27decfe339ab848b2ea83d0e70afb5a15f

SHA512
40d2c024c95a778f4edd1021cbd2a5e7a4b3615a01f33d61a1d9b80cae67200d5dfeb1b196c3a64316ea4011a2c8cef7fc65ef6c0e3fec3477dab007f2058f2f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
727c34c1c5f3ba0d9c3c4eca0377eaef

SHA1
4dca922e7de0c7d6e184f85ac7bf8c74793e86b5

SHA256
dd39566ba8c1966a3c3e93a3d098bf33dfb25b5174e86c852669c982931848e5

SHA512
daac245a379ad0f0790fbe7fa67f2be19902ad095d5f537ce276b9359070e33fced84d15243c87f41b18de7d05cbda74f0d8af6cf28da2ab56dc6fc19df908c9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
10e2f8a6efe021dca426d4e69710b6f2

SHA1
2965c8e58d327771aee8cca4c2710abd78a39274

SHA256
ab988bf2685c5b7474f12f57cc42ca1b31114a6e877862d4b5a7c635bb4cb997

SHA512
ab08199ba709f33ef95e4f90cf1940022f61ec2ab164bef04684db2eae4487c2cd699a33ca15b04e15394bcb7d4f07e0b93e54c118d452d43964ae2bb43d7333

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
40a955e651e6e76fc84bc95c3c3ee5ba

SHA1
5ee6f06401dc15d6d80110d52408c965f303de53

SHA256
6d9007aab11799e961fa4b3690db91826ba00e373546c389a978ff23dae2e940

SHA512
c80cc78a62db24c27066436afd2cb5c1f9d8d8e7378d26061a206607cf92c654a38fd0330ebcb64d891d839448809c65bbfb06629c3e769c028462890d307cb6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
c1f58825e3bcb1907bcd951314696094

SHA1
624756a9fb94f50aaa349415143c0a187c2fbd84

SHA256
dddfbfa2477f6db07b8322f060f108cb4557a9df1f8890fc0f11b024f749a7e2

SHA512
dea684dceafe0f0bedf13c4764a16781619c17ead26fb6557149f1e2c3fccc4628a0942285bc438a3687567bb5ed1cfcef4da332d540f29833b5980c2f22e9b4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
ef341edb8b2443bd13af19070f34ef70

SHA1
621a9bd559e9fa3aa263c2591ced17aea74d1bbc

SHA256
554952a6f4e6e6fbeeac9ba9cde71363780ccee9b64d61f62d2247dc5ab62279

SHA512
c86c967424e9e8d59cf86f3fa74ad0cf83b403be2aae1560df512489dc27e52cbe7c70ceb1232e52100825a16d2b36f7ffee90c2d0409d83dcdd05a837f452fa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
d94833f7cad0d31a717ff41458cfa1b0

SHA1
70e803d219211441d521dd88a25a0ab96e3750cf

SHA256
2c13c4b706f52fca944fbfd9d2670d4bc1cd1651cc198d2b793a9e24c050701d

SHA512
fbf8909fa084d7165cb6e9b146b752a2e93d5aaed8ae4ac50d2c242e7cd33d120d6808135fd27f7ab7d2e8a49e9619427eef9619a5f8c75968fe601f7f62b6f0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
45ebb23337a48c0bd18f75a0ea78a0fa

SHA1
033c6260f9f4bfa5420410193cf484ab23907b8d

SHA256
5fd8973c1f4484d9060662384a2288ad5a74092e9e5c9b3aa8711c003743d1ab

SHA512
1162b3ef98ae3661fd311319da2f9303594f418170df83dc58cae26097a9c7026e775b302ba5daefcf6e80e289ad4fe4e1996fc93194547a6b328d4a9c4d603b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
a2e37f34bd8b097a32ae4ce6e05db4d4

SHA1
4198a7d4790eb5d5403e900a7c9e89c45b1884fd

SHA256
a7bb10a697e0029859da25a8a8cbb8d486dbbd9352edc0acbcf8bd92a4b58368

SHA512
9fdf61ab1971a0b4e057a6c93c2714ae467af08d3a476b2dbb94bf4e95a8b31e81c31ad60f718a64764af678053bdb0b4a70f2223adc16e4bfcc0710dcf6e7e5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
30c7bb50e6819bbe6c5f60a727b58b7d

SHA1
17b04210e8d23ea589ce466df704f85df86fc22b

SHA256
8657575b04fc90f81199e6a1fdded09994ad90617bae642aab97c2c34be558ac

SHA512
c933616a670840cd80ba5f91aeeaaea957849b2b0e4413462fd55368313baf7170d1e0781d26963ac7e763c03b6bb7cc05f4d6079907e4ce6a34f9294f8a4a16

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
8ab2f423ec446ce1ac2514875c0d13fb

SHA1
e8e261cbf290e97335b52a347e41255d387469c2

SHA256
89a20f946863fd23fb5b9835f3b854d14d5cc41dd48472fff51a65d4d4ed48c1

SHA512
ae55200788ee146750049bd35be1ca0fe9475483eb81e4411004b809844bc6980529cabd360b4d32f6fc4d4279b152f5773da6da3d8b5e0e0b1b001f6701dc9a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
113KB

MD5
2bfb7a1ca455383f218bff7624b60020

SHA1
0688a7d12bb12faf63a8a196a4e0dcc4b23ac68a

SHA256
86a92f89fd3d965538b370a73a8280c4d03dae1c7208e1026c50e731736605ae

SHA512
7749cb3bad3343d06bdba2ac203d95c5aabe3e0aa0abfd9f933221aa8eb6db0b186abd9afedf9195f593b37ccc9b4f6af1094b6249d3fc6581eb8d853db9902d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
112KB

MD5
e75ef0db110d7473bec38b52f88afc00

SHA1
c605d8e9475452186caa33a4c268bcdc447adabc

SHA256
558e0b7d549aef31f04fc113600a303a2e8ff893cda4dba849ba98af8159af1c

SHA512
3b26a07c0007a0c92c1e46db7b8a2059792f06b9f57d6a9a32ac46f5e52242c5e8af32778be58c9c00b739a0363e46fd7bbe728c40b6b53261d29c59dfde3200

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
113KB

MD5
d0b9603d76c45f0ec21ef93ec4dd0772

SHA1
b58c59565b24471e79837dd442443d693f61228d

SHA256
5e66d1ba14b1ae3e14176a19fda7a89d8725379f2bb9479224b02868c042feb6

SHA512
0c75c150e1f5f3cddd71745a0f2519894006c396bdc2099f6be166e774775ca18f575dc856a8d8a370e1e4e26d83ad46c206af4fa9683dd3d9ac0c00034e3c86

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
141KB

MD5
020f772021141a4979e7b47aad0b265d

SHA1
6b81d23dcd9336a37d4dca036dd67d2d76c6878a

SHA256
a26ad2801d6c38f16e621eac089946cf7bd835c69e2c54fde8a57b6baac3d58c

SHA512
5a7d01042496badcf73257a3498b4140ddb2afced5dbcb1150641474288717bf0c6493fd4128bb28ab190e32933fdb3da59468b81f0bef47a54ec7f5bf328089

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
112KB

MD5
cfd1152a4d011cccffd078c0d91e622a

SHA1
129852e818b54f8b8b6a7286e870a954546400a6

SHA256
53ef4f9a94068471dca54d8c5ed663785a0b0cc6787d143bdff374602bc73b82

SHA512
7db8d4eff78f354ce6db3cff53ee8c4801836c67536a94ffd29539186a9eb04ea106ad8d3ba1a7c90c5454989000aa8eb2f8ba1932403c02a3033798b9deb663

Download Submit