931a4d913de14ff877f38ab1b21d8d395fe16ec403f1d60bb2c41a5b90549f6c

Analysis

max time kernel
228s
max time network
231s
platform
windows10-2004_x64
resource
win10v2004-20240802-fr
resource tags

arch:x64arch:x86image:win10v2004-20240802-frlocale:fr-fros:windows10-2004-x64systemwindows
submitted
03-10-2024 16:21

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

745c7c.html
Size

10KB
MD5

8ec9fea4f4da7b9ada4c106555143b6f
SHA1

7f654ea96fc520d4be4f6d8dd50d7d070a05f417
SHA256

931a4d913de14ff877f38ab1b21d8d395fe16ec403f1d60bb2c41a5b90549f6c
SHA512

a62daeb9462f0231b589b25e6f986534f8de303659ae9738dc6528ff7f8d5752ec81f041451d196f08c4ed13b1ab9a1dcbd6f8560e42f0320f958246ada47bc0
SSDEEP

192:rWuG+KWdSLzLNq7qLeLErLgTLeLGLHLfL5LzLtLCYQoFnwzhVfUV/ELSAypHU7Ax:rWuG+KWdSfBKSkTKKLbt/ROYtncVfUVN

Score

7^/10

discovery

Malware Config

Signatures

Executes dropped EXE 1 IoCs

pid	Process
1932	svchost.exe

Loads dropped DLL 2 IoCs

pid	Process
1932	svchost.exe
1932	svchost.exe

Drops file in Windows directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\INF\display.PNF	chrome.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	svchost.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133724460861576535"	chrome.exe

Modifies registry class 14 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\dat_auto_file\shell\edit	OpenWith.exe
Key created	\REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\dat_auto_file\shell	OpenWith.exe
Key created	\REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\dat_auto_file\shell\open	OpenWith.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\dat_auto_file\shell\open\command\ = "%SystemRoot%\\system32\\NOTEPAD.EXE %1"	OpenWith.exe
Key created	\REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\dat_auto_file	OpenWith.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\.dat\ = "dat_auto_file"	OpenWith.exe
Key created	\REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\dat_auto_file\shell\edit\command	OpenWith.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\dat_auto_file\shell\edit\command\ = "%SystemRoot%\\system32\\NOTEPAD.EXE %1"	OpenWith.exe
Key created	\REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\dat_auto_file\shell\open\command	OpenWith.exe
Key created	\REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings	OpenWith.exe
Key created	\REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings	OpenWith.exe
Key created	\REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\.dat	OpenWith.exe
Key created	\REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings	OpenWith.exe

Opens file in notepad (likely ransom note) 2 IoCs

ransomware

pid	Process
4092	NOTEPAD.EXE
5964	NOTEPAD.EXE

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
3456	chrome.exe
3456	chrome.exe
2168	chrome.exe
2168	chrome.exe
2168	chrome.exe
2168	chrome.exe

Suspicious behavior: GetForegroundWindowSpam 3 IoCs

pid	Process
5668	OpenWith.exe
5292	OpenWith.exe
1152	OpenWith.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 13 IoCs

pid	Process
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3456	chrome.exe
Token: SeCreatePagefilePrivilege	3456	chrome.exe
Token: SeShutdownPrivilege	3456	chrome.exe
Token: SeCreatePagefilePrivilege	3456	chrome.exe
Token: SeShutdownPrivilege	3456	chrome.exe
Token: SeCreatePagefilePrivilege	3456	chrome.exe
Token: SeShutdownPrivilege	3456	chrome.exe
Token: SeCreatePagefilePrivilege	3456	chrome.exe
Token: SeShutdownPrivilege	3456	chrome.exe
Token: SeCreatePagefilePrivilege	3456	chrome.exe
Token: SeShutdownPrivilege	3456	chrome.exe
Token: SeCreatePagefilePrivilege	3456	chrome.exe
Token: SeShutdownPrivilege	3456	chrome.exe
Token: SeCreatePagefilePrivilege	3456	chrome.exe
Token: SeShutdownPrivilege	3456	chrome.exe
Token: SeCreatePagefilePrivilege	3456	chrome.exe
Token: SeShutdownPrivilege	3456	chrome.exe
Token: SeCreatePagefilePrivilege	3456	chrome.exe
Token: SeShutdownPrivilege	3456	chrome.exe
Token: SeCreatePagefilePrivilege	3456	chrome.exe
Token: SeShutdownPrivilege	3456	chrome.exe
Token: SeCreatePagefilePrivilege	3456	chrome.exe
Token: SeShutdownPrivilege	3456	chrome.exe
Token: SeCreatePagefilePrivilege	3456	chrome.exe
Token: SeShutdownPrivilege	3456	chrome.exe
Token: SeCreatePagefilePrivilege	3456	chrome.exe
Token: SeShutdownPrivilege	3456	chrome.exe
Token: SeCreatePagefilePrivilege	3456	chrome.exe
Token: SeShutdownPrivilege	3456	chrome.exe
Token: SeCreatePagefilePrivilege	3456	chrome.exe
Token: SeShutdownPrivilege	3456	chrome.exe
Token: SeCreatePagefilePrivilege	3456	chrome.exe
Token: SeShutdownPrivilege	3456	chrome.exe
Token: SeCreatePagefilePrivilege	3456	chrome.exe
Token: SeShutdownPrivilege	3456	chrome.exe
Token: SeCreatePagefilePrivilege	3456	chrome.exe
Token: SeShutdownPrivilege	3456	chrome.exe
Token: SeCreatePagefilePrivilege	3456	chrome.exe
Token: SeShutdownPrivilege	3456	chrome.exe
Token: SeCreatePagefilePrivilege	3456	chrome.exe
Token: SeShutdownPrivilege	3456	chrome.exe
Token: SeCreatePagefilePrivilege	3456	chrome.exe
Token: SeShutdownPrivilege	3456	chrome.exe
Token: SeCreatePagefilePrivilege	3456	chrome.exe
Token: SeShutdownPrivilege	3456	chrome.exe
Token: SeCreatePagefilePrivilege	3456	chrome.exe
Token: SeShutdownPrivilege	3456	chrome.exe
Token: SeCreatePagefilePrivilege	3456	chrome.exe
Token: SeShutdownPrivilege	3456	chrome.exe
Token: SeCreatePagefilePrivilege	3456	chrome.exe
Token: SeShutdownPrivilege	3456	chrome.exe
Token: SeCreatePagefilePrivilege	3456	chrome.exe
Token: SeShutdownPrivilege	3456	chrome.exe
Token: SeCreatePagefilePrivilege	3456	chrome.exe
Token: SeShutdownPrivilege	3456	chrome.exe
Token: SeCreatePagefilePrivilege	3456	chrome.exe
Token: SeShutdownPrivilege	3456	chrome.exe
Token: SeCreatePagefilePrivilege	3456	chrome.exe
Token: SeShutdownPrivilege	3456	chrome.exe
Token: SeCreatePagefilePrivilege	3456	chrome.exe
Token: SeShutdownPrivilege	3456	chrome.exe
Token: SeCreatePagefilePrivilege	3456	chrome.exe
Token: SeShutdownPrivilege	3456	chrome.exe
Token: SeCreatePagefilePrivilege	3456	chrome.exe

Suspicious use of FindShellTrayWindow 53 IoCs

pid	Process
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe
3456	chrome.exe

Suspicious use of SetWindowsHookEx 44 IoCs

pid	Process
5668	OpenWith.exe
5668	OpenWith.exe
5668	OpenWith.exe
5668	OpenWith.exe
5668	OpenWith.exe
5668	OpenWith.exe
5668	OpenWith.exe
5668	OpenWith.exe
5668	OpenWith.exe
5668	OpenWith.exe
5668	OpenWith.exe
5668	OpenWith.exe
5668	OpenWith.exe
5668	OpenWith.exe
5668	OpenWith.exe
5668	OpenWith.exe
5668	OpenWith.exe
5668	OpenWith.exe
5668	OpenWith.exe
5292	OpenWith.exe
5292	OpenWith.exe
5292	OpenWith.exe
5292	OpenWith.exe
5292	OpenWith.exe
5292	OpenWith.exe
5292	OpenWith.exe
5292	OpenWith.exe
5292	OpenWith.exe
1152	OpenWith.exe
1152	OpenWith.exe
1152	OpenWith.exe
1152	OpenWith.exe
1152	OpenWith.exe
1152	OpenWith.exe
1152	OpenWith.exe
1152	OpenWith.exe
1152	OpenWith.exe
1152	OpenWith.exe
1152	OpenWith.exe
1152	OpenWith.exe
1152	OpenWith.exe
1152	OpenWith.exe
1152	OpenWith.exe
4808	KaishGame.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3456 wrote to memory of 1028	3456	chrome.exe	82
PID 3456 wrote to memory of 1028	3456	chrome.exe	82
PID 3456 wrote to memory of 5736	3456	chrome.exe	83
PID 3456 wrote to memory of 5736	3456	chrome.exe	83
PID 3456 wrote to memory of 5736	3456	chrome.exe	83
PID 3456 wrote to memory of 5736	3456	chrome.exe	83
PID 3456 wrote to memory of 5736	3456	chrome.exe	83
PID 3456 wrote to memory of 5736	3456	chrome.exe	83
PID 3456 wrote to memory of 5736	3456	chrome.exe	83
PID 3456 wrote to memory of 5736	3456	chrome.exe	83
PID 3456 wrote to memory of 5736	3456	chrome.exe	83
PID 3456 wrote to memory of 5736	3456	chrome.exe	83
PID 3456 wrote to memory of 5736	3456	chrome.exe	83
PID 3456 wrote to memory of 5736	3456	chrome.exe	83
PID 3456 wrote to memory of 5736	3456	chrome.exe	83
PID 3456 wrote to memory of 5736	3456	chrome.exe	83
PID 3456 wrote to memory of 5736	3456	chrome.exe	83
PID 3456 wrote to memory of 5736	3456	chrome.exe	83
PID 3456 wrote to memory of 5736	3456	chrome.exe	83
PID 3456 wrote to memory of 5736	3456	chrome.exe	83
PID 3456 wrote to memory of 5736	3456	chrome.exe	83
PID 3456 wrote to memory of 5736	3456	chrome.exe	83
PID 3456 wrote to memory of 5736	3456	chrome.exe	83
PID 3456 wrote to memory of 5736	3456	chrome.exe	83
PID 3456 wrote to memory of 5736	3456	chrome.exe	83
PID 3456 wrote to memory of 5736	3456	chrome.exe	83
PID 3456 wrote to memory of 5736	3456	chrome.exe	83
PID 3456 wrote to memory of 5736	3456	chrome.exe	83
PID 3456 wrote to memory of 5736	3456	chrome.exe	83
PID 3456 wrote to memory of 5736	3456	chrome.exe	83
PID 3456 wrote to memory of 5736	3456	chrome.exe	83
PID 3456 wrote to memory of 5736	3456	chrome.exe	83
PID 3456 wrote to memory of 4680	3456	chrome.exe	84
PID 3456 wrote to memory of 4680	3456	chrome.exe	84
PID 3456 wrote to memory of 508	3456	chrome.exe	85
PID 3456 wrote to memory of 508	3456	chrome.exe	85
PID 3456 wrote to memory of 508	3456	chrome.exe	85
PID 3456 wrote to memory of 508	3456	chrome.exe	85
PID 3456 wrote to memory of 508	3456	chrome.exe	85
PID 3456 wrote to memory of 508	3456	chrome.exe	85
PID 3456 wrote to memory of 508	3456	chrome.exe	85
PID 3456 wrote to memory of 508	3456	chrome.exe	85
PID 3456 wrote to memory of 508	3456	chrome.exe	85
PID 3456 wrote to memory of 508	3456	chrome.exe	85
PID 3456 wrote to memory of 508	3456	chrome.exe	85
PID 3456 wrote to memory of 508	3456	chrome.exe	85
PID 3456 wrote to memory of 508	3456	chrome.exe	85
PID 3456 wrote to memory of 508	3456	chrome.exe	85
PID 3456 wrote to memory of 508	3456	chrome.exe	85
PID 3456 wrote to memory of 508	3456	chrome.exe	85
PID 3456 wrote to memory of 508	3456	chrome.exe	85
PID 3456 wrote to memory of 508	3456	chrome.exe	85
PID 3456 wrote to memory of 508	3456	chrome.exe	85
PID 3456 wrote to memory of 508	3456	chrome.exe	85
PID 3456 wrote to memory of 508	3456	chrome.exe	85
PID 3456 wrote to memory of 508	3456	chrome.exe	85
PID 3456 wrote to memory of 508	3456	chrome.exe	85
PID 3456 wrote to memory of 508	3456	chrome.exe	85
PID 3456 wrote to memory of 508	3456	chrome.exe	85
PID 3456 wrote to memory of 508	3456	chrome.exe	85
PID 3456 wrote to memory of 508	3456	chrome.exe	85
PID 3456 wrote to memory of 508	3456	chrome.exe	85
PID 3456 wrote to memory of 508	3456	chrome.exe	85
PID 3456 wrote to memory of 508	3456	chrome.exe	85

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument C:\Users\Admin\AppData\Local\Temp\745c7c.html
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3456
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffcc458cc40,0x7ffcc458cc4c,0x7ffcc458cc58
  2⤵
  PID:1028
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1936,i,5261029452150255129,14386898022657342225,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1932 /prefetch:2
  2⤵
  PID:5736
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1968,i,5261029452150255129,14386898022657342225,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2024 /prefetch:3
  2⤵
  PID:4680
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2200,i,5261029452150255129,14386898022657342225,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2268 /prefetch:8
  2⤵
  PID:508
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3132,i,5261029452150255129,14386898022657342225,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3160 /prefetch:1
  2⤵
  PID:4424
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3148,i,5261029452150255129,14386898022657342225,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3196 /prefetch:1
  2⤵
  PID:1032
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4360,i,5261029452150255129,14386898022657342225,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3880 /prefetch:1
  2⤵
  PID:3428
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4740,i,5261029452150255129,14386898022657342225,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4752 /prefetch:8
  2⤵
  PID:6116
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=3176,i,5261029452150255129,14386898022657342225,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3204 /prefetch:1
  2⤵
  PID:3716
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=3292,i,5261029452150255129,14386898022657342225,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4840 /prefetch:1
  2⤵
  PID:1484
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5112,i,5261029452150255129,14386898022657342225,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5124 /prefetch:8
  2⤵
  PID:836
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5304,i,5261029452150255129,14386898022657342225,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5260 /prefetch:8
  2⤵
  PID:1628
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5300,i,5261029452150255129,14386898022657342225,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5428 /prefetch:8
  2⤵
  PID:4228
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4420,i,5261029452150255129,14386898022657342225,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5584 /prefetch:8
  2⤵
  PID:4164
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=5416,i,5261029452150255129,14386898022657342225,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5408 /prefetch:1
  2⤵
  PID:4576
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=3364,i,5261029452150255129,14386898022657342225,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5612 /prefetch:1
  2⤵
  PID:4992
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=3260,i,5261029452150255129,14386898022657342225,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3232 /prefetch:8
  2⤵
  PID:4176
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=5808,i,5261029452150255129,14386898022657342225,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4556 /prefetch:1
  2⤵
  PID:3420
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=5812,i,5261029452150255129,14386898022657342225,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3212 /prefetch:1
  2⤵
  PID:4936
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=4456,i,5261029452150255129,14386898022657342225,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3216 /prefetch:1
  2⤵
  PID:4488
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=6052,i,5261029452150255129,14386898022657342225,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6036 /prefetch:1
  2⤵
  PID:924
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=5820,i,5261029452150255129,14386898022657342225,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3452 /prefetch:1
  2⤵
  PID:5332
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=3284,i,5261029452150255129,14386898022657342225,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5004 /prefetch:1
  2⤵
  PID:5888
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5716,i,5261029452150255129,14386898022657342225,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5924 /prefetch:8
  2⤵
  PID:1568
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1012,i,5261029452150255129,14386898022657342225,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5384 /prefetch:8
  2⤵
  - Drops file in Windows directory
  - Suspicious behavior: EnumeratesProcesses
  PID:2168

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:3164

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:4916

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x3c8 0x4ec
1⤵
PID:2496

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:5944

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
- Modifies registry class
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:5668
- C:\Windows\system32\NOTEPAD.EXE
  "C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\KaishGame\KaishGame_Data\il2cpp_data\Resources\mscorlib.dll-resources.dat
  2⤵
  - Opens file in notepad (likely ransom note)
  PID:4092

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
- Modifies registry class
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:5292
- C:\Windows\system32\NOTEPAD.EXE
  "C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\KaishGame\KaishGame_Data\il2cpp_data\Metadata\global-metadata.dat
  2⤵
  PID:5944

C:\Users\Admin\Downloads\KaishGame\UnityCrashHandler64.exe
"C:\Users\Admin\Downloads\KaishGame\UnityCrashHandler64.exe"
1⤵
PID:5304

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
- Modifies registry class
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1152
- C:\Windows\system32\NOTEPAD.EXE
  "C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\KaishGame\UnityPlayer.dll
  2⤵
  - Opens file in notepad (likely ransom note)
  PID:5964

C:\Users\Admin\Downloads\KaishGame\KaishGame.exe
"C:\Users\Admin\Downloads\KaishGame\KaishGame.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:4808
- C:\Users\Admin\Downloads\KaishGame\UnityCrashHandler64.exe
  "C:\Users\Admin\Downloads\KaishGame\UnityCrashHandler64.exe" --attach 4808 2516967165952
  2⤵
  PID:2020
- C:\Users\Admin\AppData\Local\Temp\svchost.exe
  "C:\Users\Admin\AppData\Local\Temp\svchost.exe"
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  - System Location Discovery: System Language Discovery
  PID:1932

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
4e558e3e6577fba91e740d43fad2c324

SHA1
bccbc5234da05f1b305d6a87971fc905c0a8fef7

SHA256
3e3a7b0a20e55e375e2f822e031785650cb7c1099ce0d0b946c793c2d3ee7329

SHA512
c0df8481961a8f352856a2638b5f240ef0a6438de4782a11bc7c8929abff38d10eb58dafbf8e8484d98134c7354d205d45ec3b3242edede0e80335ffe479da25

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001c

Filesize
43KB

MD5
f7335c5e29f6f8bea1a3b7c33d00a3a0

SHA1
2d80a524fc40d232690a4a6fec65c16f88a82131

SHA256
11b1d1823d39609db20873d6fc49fdd63f9fe077098be5478d276c218c5c905c

SHA512
1be419b63da8eea1de0aaead0cf5c0b483ab6b8693ae38ef6650db11e2386f886fc9a1b7648ce282fd65eb877e0531516ba24132e2be458498589ce7f69481dc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001d

Filesize
32KB

MD5
91b9e87c72464ba65ebdbf6101ec64e0

SHA1
3e37994e040abaf5f9eaf2498f48fce6a438d4a6

SHA256
59570717de39fb79ca3f77d5145615c15402e0b3b23db97f3ff2a02eb50ff8b2

SHA512
28ebc39586a5305199cad3e1cd4347f0d61b93d84d1a605bfb181b0d6cec768b74b62959c654f126e2c131822019e4a6cff1f7d68b072c4a7e3b08bf8b778169

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001e

Filesize
39KB

MD5
88c6a8226ad99a44ebf2c489555bf610

SHA1
f88342c287cd310b724cdf14b71d882d7da24578

SHA256
a73bfd572ef6ad4fb6e2f24b9d5fabfc1e66c3279bb62b3d110eec8288a2ac0d

SHA512
a7a2510d415efd70d9c32cef090071400b0f092097b224f4b4857c8cc6c86cb94636e5d54af19bd2b1ff3f29a756a7b78e6a23a106fbf5b2f90bc37fbb7da1b1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001f

Filesize
20KB

MD5
8c38ec60adaab877745ccc4ec63b4930

SHA1
0ed7fba69c6d0d3d4f172c705f1a0e82622beaa5

SHA256
304325389e5dc3182b1ee1b8a8e6fb171f9b27471ffc8560f6484e47d98cf696

SHA512
5559b8ef29a3134b1ed9d668f67f77afa236db13922a0cf12a71ac4ca6221a87238cb2ab6cd25614df6b197cca843dcfaad82245e23f85ca6415814f37d7129c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000020

Filesize
52KB

MD5
a3d5a870be9912b8f51c99f54f6f7709

SHA1
b66b3b7f060d2fc9610665b4e5e887943c15bbd2

SHA256
ec7c70afdc5295ef8fca53244c5d06a6f01d5e92fc29f333ebd2ad71305e6ddc

SHA512
3722fdadf50ec4167e0e34f7b24819707846011f209b458238f38f644bfb18f8d37286327de42f4c55a328791116d24614fe481bb425af80b2fc5ddf3a329d70

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000021

Filesize
23KB

MD5
7fc77cc58d9cf35b9ba70efced1d79fe

SHA1
726f35608f852290cd3331e0d4a1936f8a7b25fe

SHA256
c6ad19f6bd239205230b65414798695dabb52fc844c012dd71bcb567a751e9c3

SHA512
d94fc99149ee33cbec8666a1049facbe2f52428aaf41e5f97bc4d703c07fa5ce24f475a624346154033a2e49a63963684fa12d2e654469568ce1d1fda447c1c9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000022

Filesize
26KB

MD5
e172e1c71da078158e4bc474497266ad

SHA1
5ac914d44082963b836fdf0ffc2e9866ccffdcd3

SHA256
9126eca77f2c402c2c27642a6950114a51240346c44a91144ac947ac3edaa9c0

SHA512
776e9295cd2249121083ea77a0d422023e04ac7418fdde30c424813b92cef3ba374311a9a5bd105806b6ef54a4eef6851a8338cab77ffd39424f2aef5e5d853f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000023

Filesize
21KB

MD5
91ccce68b0902d2f9a730e64f3232470

SHA1
56b0d4d68120cadb66b43df18a38034403f19360

SHA256
cb19b9c36ace8041b33d1c7d48a9f391c395b2dd7ad6372b95390159f610f0f1

SHA512
8d504c92a5efe1963fd4b7b56557462ef53bb2f0beaeb7a21e94f0b3b593255176620f0b3b6f315a69ca9de7bfbdd826e365f8c2dab59d5f2f02d6d77a72f958

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000024

Filesize
22KB

MD5
0298f97140eb3c8dccf7149023500655

SHA1
823e54f02c2256362066b87f76fe1dcc2fbafeef

SHA256
44266ea02176723e3cc6d70c749251a0db5b56580af05730a6852683da53cfe8

SHA512
87172575a6bcc56d8060fddb4d0eaf18ea2bf814aec0e42ddccca721139724e8aa65f5755bc22de4fbba7a94d624a768307f738778a4f912fc44ac9db931f8a2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000025

Filesize
24KB

MD5
90e8f68d0994d1d849daecd0d6175117

SHA1
487466478b4a9951cbf2ec6db42c6d253b872115

SHA256
71682f9cc9d71e9da9ed17cd2d57cb9464c4fecd4d6488bc3c7e4167af5a96b1

SHA512
a0a340ba842ad97f4376f716fa604b5d54d0519dd6e30b61a11e7ff010b47366c1dd7ff5a7639d2aa255e653e2bf687139c9e5ae77184516c03f0991b7b27936

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000026

Filesize
120KB

MD5
d673018f159aa782c74f25f422935771

SHA1
3f69fe8577032bc52460c9914a6aa8379cbc90cf

SHA256
deec88a0d4f2823e8deb212fc01ff94eb2a1c39c67693834a22089cb1c789983

SHA512
3a6747e799c2cdf87a1fa587be88b1fbdfa0754f5260c08fca1d6e7cc630824ac34434b401a1ed71318f02c24bc400c80b77b035d327fb71dfec1ae3c7d898fb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000027

Filesize
79KB

MD5
f14cb4b48255e5f686128dddfc492eea

SHA1
36356f5aa136a66d6aef662bf1d088cdb4e56550

SHA256
2d1338c44d1a6dba731267d4b3df8e7921bd9885cc03bae97725a2f845dd4ed0

SHA512
ac111983b91b4e422eebd6d9dde5d164dbabf9d11a3d3c6fc242532f436d9c7bdef0f3a6a0b16c4b40a89d5b5230f4ca1aed0a2ded004e1373328909417a89fb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000028

Filesize
96KB

MD5
4e60de211c961321b7f3e3a685469863

SHA1
d2d0c43bc1ccfb42490a85adbef680fd5a0355ce

SHA256
e40404ffaf7c8b702d01873a2fd55687858f31b72ad01ede8ff0e379e4c15751

SHA512
403e95ab8940cda0f05234c2dc676ed745d8adfa797373f3125e967952f3ba1b8fd1f426ace7785d5e2144cfd9d039d720cbd78bf0eb849b0456e5dba528c999

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000029

Filesize
64KB

MD5
8cfd625aaa4e6bb738cdac52b5d78bbf

SHA1
44ed50e2d0658ebc25d33ea52fb10533f49361ee

SHA256
7895063879fa210035c2c772e75d02ce062f5c7f2d79cfcb76ff37395e202dde

SHA512
29ff8e1713da647c52bf8f9ac8a4092b19898f35f4e094cc24a9e80732b2ee0086f485c69f5e6c3bec058ef8de6f686ff10e8b0feb172189675d95b639f9c3ba

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002a

Filesize
65KB

MD5
e1539b480b52439c4292e5b54e2111e1

SHA1
ef9c999304b79ca3d2551f01f7ef5ea22a46be8f

SHA256
a2f569d300f1e938170a3fc2c23042bc9b52ffccf2755cf910b28de434c7838c

SHA512
a60fdfb9e6afb2d5220fdb0fdce70a7d5861b6b3014fd8e5d2fef91594888f46ff26323b672155bd603272e41be34acd2ad8df3028a805eb79b01b2e313076bc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002b

Filesize
105KB

MD5
804b05bca4a3665968e99969ad09f17c

SHA1
6300f77ecc7d71b26d98d01cb17de563efc14252

SHA256
6d8b38d38aa73ec7455a9661a9a95075414038e0f5cd1544dabffdba7d956856

SHA512
03b72c50cc43c3d086cdf87d027ad8838199561cafa53db10d5dd8c840042d682c720db6a70e4190dd16c5e37f2517bca68559ff65f792d29bc4817a2dfb3cee

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002c

Filesize
194KB

MD5
bbb782f000023f7aed6ba9cd44032b39

SHA1
6958f8c1a910f71654d75a5798ab34e0abb16f7d

SHA256
679c57dc8a74c6d979dd1ddd6e59c27574f4eef41b42e65166e28696b6d70b0a

SHA512
cd957f90e1ecfafb3a8bbddf95e1f3a911f550aad3deb9b13cf4a5ee1fec6c1f64ca8fa5a1285c5e30940452bb3f0257fd5750a088793bdd7cd68195c2f0d312

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002d

Filesize
228KB

MD5
662ce54c5c72bb9bbfb35223123ec18a

SHA1
de072b4952aaca7fa8a60c244ed6a2641bc3d7f1

SHA256
bb2e691cb312fea89e65fbafe04b9c90e0d0ec4ce73773900b98170c0ecc3f14

SHA512
d80b846e1cc3171fe975d55de4116191ec7985e596dc826478a066c54fe98ba4ad2bc97f82577be888258955c3d5f549182a70a3175f6d27abfada80ca2d7233

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002f

Filesize
42KB

MD5
1d760038d7dec436e1207795589c8a82

SHA1
1cdc4eafac961f9305b810513fbd34f1163b5c5e

SHA256
faa7b05ca8b52a72ad6484a55234f7535aaf43d40f1456beff0eec8bcbb31546

SHA512
1c6faff22c8dc3335743e0d6bdae6a3cca74f9d401f72c7900984444d03c0e0be12501d17466299d930238b91fd0704f7ab88718e0bf14ade9adac58ae6b1775

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000030

Filesize
28KB

MD5
9bcb62db96678cd67ec18d7b5c737429

SHA1
7a6b95e4de579fb3ad7bbfdc7f26a420d614ba52

SHA256
fa994e510cfddeef1294913b7c400cdc76a14ad06cc6110ad2d88705f400029e

SHA512
09501037f4d1061af175746312449c05be80a1b85f2fbc70713092372c65eea78759f84b3814236342b4df8b480191e0e66e145512e24bd9bdbaeb1bfeb30d71

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000031

Filesize
50KB

MD5
cdccacc584cdd7be7fa866966ec4e564

SHA1
7901ccfc6dc461e964ca2f9e562c5ae7caec9f66

SHA256
682e5a5e86e9c75dabbc760ae18c7aa8d35c56c6447c60426fcdb323ac04d533

SHA512
098578803833e48936ae5d441311fc8e81f5bcc5b07af5ca97c58faa7b6fbdef865bfab7c3f573a11e92968aa5de83adef3892c8e06d824894e7d85a4fb771e3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000032

Filesize
81KB

MD5
ea4316854705237ad98c56d07416f415

SHA1
e421f187193f36f621cbbc16fd61882a1bd9ee3d

SHA256
8bec3a062ba790d1179d8f5d29d573016b0d94f0c42107596f1e4ca7c0556bd8

SHA512
beb1fb93d0a0c3e963aac341f982a4b2c9aef9e548139e8bea2a9b8cb3285a69bd569a4316a20c13abe7dbd0d38c6b00581924a457a304b31712b62e84605cff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000042

Filesize
108KB

MD5
ff5f6eb22cad5bfbac357077bc963f07

SHA1
7926b4fc2d292ec4e007bfbfb08b6a1ca93cbdd3

SHA256
aeb909116881e83f54f709a0cdd20f8e70c9d035b76e1e65ffa6f80d739fc523

SHA512
f10efd05b45ef5baca758c2de80c31853b25268264dfddbb0f513d33cb96c91886be7abcf343fbb347318d7df5d437d538821e4bf0ce8d165c9fa7f15840b1a7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000044

Filesize
69KB

MD5
48a07ae0cc5700865eecbe5a5466b78b

SHA1
506e9936dffe374a13620771f157bb07623fe48a

SHA256
32052e510662fed0b6f6571af4a4fe05b5eecce07897a557cc992c28da40025d

SHA512
364a44a856a1664c6f8892197b3e64b8561e878d380f7a92882cf86906bb83657642d04cfcb7e35688c386de5986fd126aa199fcec2a22902035096336c839bc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000047

Filesize
22KB

MD5
09a3592da235480a393d76421064ec46

SHA1
a7dc1faadda28bdcf810ce487538e9ef4bc53c9c

SHA256
d1a8ae779e1776f35d9f0f2262304d7cbbb47675ac21ec3bded5c3ba26e45e18

SHA512
cecf65e0e0b2214a5948ad6f93894e264de1c498ee14283d691a9ba30afa03429085bf35830ca08c3bfb8a412f6ccbd018c058307de26f8688a34bc0adc34d43

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
a2fb5f72a24de4d09f6577f132a488db

SHA1
ee608379bee4c5c8d3c3b13b27964ae6b8ac9c4c

SHA256
f16bc4efc9117c5edc9aa74c62c27e731c3c3e8d29a0b76f430852fbfa7f847e

SHA512
56679a26c2cd8f29882eab0d28fe6ffcadf14e4a8a79aad268b086ca41f1b923db4fa33b5588ada2a8f999578c586953b7bbdd503118ce37de48cba6cdec3ea6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
e8520595ddbe86b0c5f36951bfcd4023

SHA1
87caaab383c935ab8291f9ce152db4f1d11034c7

SHA256
2e67b9ee1efc2a5635521973ccdced06856ca0fd51c5755daf6dc4e548202c68

SHA512
1625219608466b1fa58240d4e650e67784271386ee42938dd6ea0a22b4e68c4c074303fb92987d961daf9059cc94a6bb345bb271b1bbb4c6ee81a86a64e3c0bc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
10KB

MD5
35597813c8fa9b8fb8a61ee032e17e71

SHA1
0fe0f2aab808f1b200dcbd397304e0e961ec1f16

SHA256
1070dd7a7cdc27fbc0be198d85bb392cc5350758442131a73d06a3dd44e05fb1

SHA512
f9ec0699f0c011049c9c57b19800d5a0374febf534ac8924c45f2431e35556efab7e776c7b9f2fbfc491e560b77ea6a29eaceda8f9441b2b3f5c42ff4adca264

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
7KB

MD5
221dee716164d544a3037bc5adc60c96

SHA1
ae8459522895cc6985e6eeb7d002e540b00ce1dd

SHA256
d37a0e9b656fe2a7c333e8e1e99c1c4d3f9400009f9c1ba32e898861e23d66a3

SHA512
a1b2b924de1e08a3216c02be435376dbb9af1dfdf3caaf2837a0ac92ac07708be99ce7a2cd1cda7579db4f343afd469a185463fe2d88317a275633708c35be40

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
872c328f4175ee8738b203b9b3bf78eb

SHA1
90eee39e0228c3d6ac0ca11bbb30ccce344c0363

SHA256
ff51736bbcb4ffc91aac56ba6de9fdd43f89399930c0cc040a4f65000577e789

SHA512
b82659170837c6c6d927d4005d8fca912364fafa2e388b338f48a4bb7ae686a6256b19e22158205934bda4c35b4255b05e57c937f107a8f9a6ae1d4f056f6888

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
e9d033249524b9f92146194886fd1ba7

SHA1
c2690d93f2ae429eb1c4d6928708e6f9d1066d87

SHA256
6f4f3706bb1671fab78a5be54b2098f18afac0182b56a60a4a089d978842bb04

SHA512
e3ab8840245277c4a6d6264a4c57735d10f20e05bda7de052cdab51ba3d250b2bdc3ccd2fa1f50954678b7c2a3f571c665436859a3bd4c2e3ee1f4cd77457ef5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1024B

MD5
cb781baf849dd512895a1f1196416b6d

SHA1
64c7228ce6ee62e826d9353d97942745f21cddc4

SHA256
e5e77acdc6c400ca2be65128502b502a07b35911a55f93559922fb7e2a7a47dc

SHA512
01abaeea07154bfff8c8696f9a464c91ea3dd4a959ed0bb3cfaa3ab833b825981b91eee2a374965aae080c8c020e85734803fa1f7630748f0d31319c4ec28ce6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
c465e857da8c1e896c3efef33cd23968

SHA1
3c0e08a8706815a71daded88b7db8620d4b61a8f

SHA256
8c0d67fce11bf9748b9375f0a7292039fa44447de75045f7022d4abc66672597

SHA512
11e043e95fbc1c79297820a30f27e2e4934b41b613738ac385d2ee21e439ff374ee0901016690ac93cc9d8bc7739ac754e96fd71748a54713f5d3cee57dd172c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1024B

MD5
6f686343e3d5b0e719675edfdc9f2284

SHA1
b01d3c411c2d2de03a3b445200549dd79815d87b

SHA256
bd3c83f97c148693b972ba538410295ab15a80dbc49a19fac5f76ca790c4d4d1

SHA512
52ae3784a9d54ee470f42cf27f33167cfcb9d5963ec90bacc2430b13a58abef789dc982054a9219b4709fed50614216d39a8b7f907777fb02b886a8c0494a69c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
5b84f01cd09d94168780fa3b7df27fac

SHA1
18873af6dba7792521de1a3ecbaeb863e143a770

SHA256
4880e43297d89a915488d67c3023baa85cb160c05816799a8fd64ac0a1cef46b

SHA512
4b199e318025cc98f7d5a48e2b03b0069b9dbd274987b0d5f44095e9abc9ee2621bc5bf13407ad57eec194762dc35b64ab19bd3997def827b139e802aa82b8e4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
ee13542749587f545754f28cd59ad277

SHA1
aae54e7a77f869826980c049ccb990c1260b6936

SHA256
b13f114886598815ab468ddc52bb40f9cef6f34315e882a2cef3c509bae17802

SHA512
e2034a4b827714ce6d2adc763695cc09f9ad29de6acc6d56f34ca16de0e42e2b375f4878ae0210d34e837aad30abb694522898241f8cb2645853e1411279a580

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
1a98ee668b1c2fb0f5b5740cab01c425

SHA1
cf6495757bbb3206a338565c200d4ecaaf91d103

SHA256
e910c915532d95959e12e94c70c0c369989a8d08ac9eaa79759c29bdeea1c822

SHA512
44080fd097cbf9040c6453d8c52d106be17a060bee54466e829980fa9d4bd067821ec56eb3e8f6b64450489f1b1ef577f46206189b6c5918edc0126e71572ff5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
24178ea4bb7cb98dced17c4e08de29ad

SHA1
d412e1a3a3382cd397b9efe7271ccd2159e88aeb

SHA256
eba61d3069ea0173e96f9fcd50f600bceb50196b06d74561c0eb570496f6e933

SHA512
e9e0b30f2883142a3f6e4dcf38dad300d298f5f24dcd7acae7f2f63905561733949b3f1ce6abd8142ac7b98a548980da170800908e8744af9b24b4e381491b8e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
a73465a48725861bfc5b2f5c006c4be6

SHA1
61f11d4f958b2180fd6a55d670b11af393a18fff

SHA256
b6a78fc5edb57ce5a8fdb3c620a4950263f1996b1adebc55271793858b05e152

SHA512
2e6590b4e8206fea0717a0876ce67fb6464a8f3a09b260615fb3620e5637f9aa98e8347d055b001c61a1f409cfd95b500dbddd2dc67ce2db16757b1fc03d7596

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
b97e71a757d2b749207afff843e51cde

SHA1
4e54d84ad38c94be7b9b3eb1316e9b1669986c74

SHA256
18e7307bdff00a3a4d9669b708aa045536f51130d8889c1985c0c9a377f4be8c

SHA512
9c9689d7afdbf60b1f0e6924f3f8f6a7cf3ee284088378cee5627ff9fcf8e5c39f38b52456ad5392bb4115dc283410f3ecd1bbed5c98cad272a72301d1ffb55e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
9f6cf5740806925ff41ee3f950c443d1

SHA1
e27c65621425bc056f0001ebdf4e42b3997caa8d

SHA256
4d456fdeee451d59dc24e91118736dbf8fe557cf2b8b2332c5d055bacc974f42

SHA512
c0413db51dde21e9975e0598618ffefa19e9a1d9b98dc0953b73a05b86e1a32fed377691f4c0810b47e18eb5dc99acf93b7b7686f74c7a25e1dd7da5b64aa9b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
3fb0a20fa333ef28161dd816f4b264f7

SHA1
c3da832371761ab4739e4a4b5e27e93bf6a19ea5

SHA256
475c1ff614404d5ac1dc2e7649378b3ebb76e536d8bbe0fdfa01102afc2fd6aa

SHA512
ca77bb256f9dcc9e0a12cfc4c2ec76cf947e50faac136f79110ef56254813b0ad829d538fa721efd108c6acb9eb30a3b78a00b022cdaedc5f91a159658e25d47

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
84644156c54221565b0b950f66cd8734

SHA1
631a5518b42723646210bc7fb60f86f5df963bb6

SHA256
4be2b6a01ae4b1b45bc0438b2863c37856badee393c825ddc7d3739646064922

SHA512
855867362a24babe17632ddfcad2bc6aaf28cf32c895714c7267c5a68238f3f3f0d3c416df02fd44e3c741a8f8e300bf36f06eaa8dd972ae7f8564577a6b8c58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
c97c2139425772176cd4606299d6eb81

SHA1
f7ed9032551172b853eb417cd4abf77bb77acef9

SHA256
dd9501ea54f17f9feee92aaeb4f6e935fa8c8a5200466f21f348c5dcc188bb1a

SHA512
bbce4e9ab65320a74735881a1df1aca450c2d02d25a2c782561700f081427d23c8435175b1048048920c02f8875630b8a97fff6627e1181519828da60c81164a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
3a5d8ffefa671c762774d73e251f4353

SHA1
3960bb4721f75a90ac2b3bb578ec020ef9c74518

SHA256
0ae18a34d3fc151205a613518f946dcd4dd121e7000330ccb7dd675308c0b969

SHA512
cc39cca77c0469a7efc55cbf64b27bf3a0e76ae55c8a4e5957ad6eb045f14d4d837147955abc7ef6258e70d9feb232f6ef95b8a229ad2fb93f2e6ac3ec8be1c5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
266fe7f5dae3c3cab871ee840f2b9837

SHA1
e6e7fc5f5814b4c0b2da9e8e70064005c4fdfb04

SHA256
d902739adfcc5059df0319dcb323d8db2127de0743b03c0425a7745c701c4411

SHA512
2727de909b8307be1fbb2009a4770db1a327b5e0f15e8a9344521f49059a02d33df00ffcd6226bcb0cff529da17cdaab532facd458d62a88f6592140f35ab109

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
c9789a7cd9c479ded20ae16791da2e4c

SHA1
5a2b934089d1af1b4c7d4c23a3910a09807dd92f

SHA256
06efe262da8ad2c952eca876e50c9db2342de3cc1ebd2a6b2fa6328c30c05cd4

SHA512
a92fac13c1a2456429102ffa5232f829f3b382eef787da1add2b25eeb7f53f25c05ea7fb00c039ca1b107c04100b3d7cee1e1b0d25486b0ce84c7433a60dc24a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
202e85948bf2371f159dc8c33d28be62

SHA1
0a961f7cde1b22612d32ff52815ce64740afbc4b

SHA256
89ded840c846280fb09f298e1bf22c971efa54cbad863add015d7dd49cad7f6a

SHA512
9a5f191975bd82fd3f197947bece52798845b9ad47441a328d6a15e069f60024fb93f2a66a09d1b0322261bd5a14c9ed2594d4fa64c0f6ac36290a85255b7501

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
a893bd4a8774987358a7fc8a8e3f2fc4

SHA1
35f06a600d8e037a71963bb66787e795c8894311

SHA256
8fd02491d5dcd9e392cd9527c45025574e3866a158d768cdbc86259339422f2b

SHA512
fd5d5bcb73f800f8db966dec7c8adc2565dcdd9b1c04b039a13d0b174870a9ae15ac64db8f00a6789ae8e816c4bb8a78fefc61e7c211cf8d8121646aaaefbbc2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
38812fafc828c682ff88d4708bc84923

SHA1
19aa136adaf15bbe39d076d6e543d2cc254109c6

SHA256
9fa770bdb48ab577b0341f096cc3809e715c14f2b5d9477a04f7a923542e4b96

SHA512
b74c9ffdb3f0bbfffd364d19f1f11c6c1f3a4cf784cb4c56e7159c59ea80a0a706b0b7daf12e17766d1642d053a1b23702ca2f2e1e576a1ba5372e3687727a17

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
657c0e0d1e6b2652080ca648cbd62970

SHA1
a72bbc986538a6fa2270d427b11a8a4f7cdfac95

SHA256
b86392efd72591eb6119aa60c19ff9d0d2e336c72e44ebdfb772d2b56237658e

SHA512
c3ee05681bbf45b59acc5b0fabf992bcac3b5da0dd1ea5ac27f85562010179d7ad2b2672e37ba854bce901205a3ab1d481ffea4abbddca0e6208b722e3f2829a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
35408f0434fbb378f0c04f1a32116a83

SHA1
045b4f563f93bac33598a6f78eea86cc613ba969

SHA256
09a93246f596170d6d22bee21d742ca031869b0211b863358051518b5bb53520

SHA512
eb4b69b78b76d53d84b3ae553ec1251fd6e1b8060b5d333787fa7e72057046c2f68e7a19452dc0c8adaecde7c2be88a0f5fa9ddfd24d3d6243a47b23c6a4a466

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\3\IndexedDB\indexeddb.leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\3\IndexedDB\indexeddb.leveldb\LOG.old

Filesize
370B

MD5
922780f257b0dc3e9b50af956393006f

SHA1
038b288e2eaaa865bec12775fb06319e94493231

SHA256
28f43c7e087fb6154fa3ec9789486592160a3d74f4a89d81766195880a3bc3ab

SHA512
38aa0f379066094eb6ff7a486a36575d1985ae782e1552500ee7018782bab2680c1fa609abcf598fdec1621e14bd9c0c2f651be8213c35c4c660a1cbc0d229f3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\3\IndexedDB\indexeddb.leveldb\LOG.old~RFe5af946.TMP

Filesize
329B

MD5
ccfd1950e488f506323615a3e0b90c35

SHA1
e1b222e850d1b3ebab2eb2cb28baa400a4b48057

SHA256
4a7cd851ce59f39096a86041530d4cd6aff2975fb5ed16579c18e0fe62027199

SHA512
c931bf2ecb4755f6d8811b3eb21051f4d94d84d6d328a8ee2e8e0c07abee757a7ab5e6e36f3cb06d00e9c0335522a2d6716e2bc6687ed5c303e32ca35aa8b891

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\3\IndexedDB\indexeddb.leveldb\MANIFEST-000001

Filesize
23B

MD5
3fd11ff447c1ee23538dc4d9724427a3

SHA1
1335e6f71cc4e3cf7025233523b4760f8893e9c9

SHA256
720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed

SHA512
10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
cc93de0711872742f89da3627e4d888e

SHA1
86b1e865c5f4426ab456759c18b041f1dc8436fc

SHA256
678925b713b2ff690e093b048a22a56bdf842a25c611b105c2a9dee4d7d01387

SHA512
8c1c6bf84c2f2ad2b8363cf80708854257e65e75e4b4771840f31a3395908438c467257347fff4c160210f263b973e49a5002d7dc3f40e9e973dc5e66cb5e3d8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
b90f2d7e2cccbb47d2da34b115463be6

SHA1
d4be97a5cc516862a2c811509f4a7ef6c3fa345a

SHA256
4d30b9395870e50edc008af0fa4166043196bdea5c952060829be1fc2b006bf0

SHA512
72f2cf1505500b4de3ad8160b2d92d868d2cf5faba293a1aba416beaa036c15fcf235678e4498b8bfab97403d8612e1ef4f0758bbc154c647e2ab4b662af9f74

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
36af558ff4025420919aa84b0440b9f9

SHA1
3ae1e18ac69d38131e3b70f5b12198fa4e11b0d5

SHA256
ac95126810db6f54ab878207000141b57fdfe44044af6b73d0ddea481ed7addb

SHA512
8d6d04ddc951bdd6311752a9fac90f55e6f180aa464f74632977b0920fb1ccabe8f5de4773836a68f0adc0a114158fec3f9166060c1b4c0a6dbb00bcc2bed62f

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsj14CE.tmp\System.dll

Filesize
12KB

MD5
0d7ad4f45dc6f5aa87f606d0331c6901

SHA1
48df0911f0484cbe2a8cdd5362140b63c41ee457

SHA256
3eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca

SHA512
c07de7308cb54205e8bd703001a7fe4fd7796c9ac1b4bb330c77c872bf712b093645f40b80ce7127531fe6746a5b66e18ea073ab6a644934abed9bb64126fea9

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsj14CE.tmp\nsis7z.dll

Filesize
424KB

MD5
80e44ce4895304c6a3a831310fbf8cd0

SHA1
36bd49ae21c460be5753a904b4501f1abca53508

SHA256
b393f05e8ff919ef071181050e1873c9a776e1a0ae8329aefff7007d0cadf592

SHA512
c8ba7b1f9113ead23e993e74a48c4427ae3562c1f6d9910b2bbe6806c9107cf7d94bc7d204613e4743d0cd869e00dafd4fb54aad1e8adb69c553f3b9e5bc64df

Download Submit
C:\Users\Admin\Downloads\KaishGame.zip

Filesize
25.8MB

MD5
726e92ed24fa6797d42ebea179f9f416

SHA1
739976276de6541d4d9c8540d6934db6e29fe0f9

SHA256
add6613d95aa5d30d39b993fac7a333d35d58f4ec9a9f23cca126553a037a283

SHA512
3abd8430ad849c8c83cf185e597d82d681a254508bb8ddcdcff62acf4f43f06003f52e102a88250eb84eb6974bec9be820aabb92494e867e66ecec39be95d51d

Download Submit