Resubmissions

12-10-2024 03:26

241012-dzpm2sverl 10

12-10-2024 03:25

241012-dyxx2avenj 10

Analysis

  • max time kernel
    247s
  • max time network
    249s
  • platform
    windows11-21h2_x64
  • resource
    win11-20241007-en
  • resource tags

    arch:x64, arch:x86, image:win11-20241007-en, locale:en-us, os:windows11-21h2-x64, system
  • submitted
    12-10-2024 03:26

Errors

Reason
Machine shutdown

General

  • Target

    2024-10-12_32e07a3341526d4cff050aea5eba9a78_wannacry.exe

  • Size

    2.2MB

  • MD5

    32e07a3341526d4cff050aea5eba9a78

  • SHA1

    2ddd07ebc652ac25ec3a86396472755d27e1429c

  • SHA256

    1cc42b475bc72755b6b556ff46ddbcae7defa597c53f7b3b20949331e3788438

  • SHA512

    711ca956e464a2f2a6e0130506d9f82585b4d1aa9e07cf62a07cecf231bd0a28eee9bb44f9177b0c823093575d4274024bae7e84a4e08384e31eb391272433c8

  • SSDEEP

    49152:QnnMSPbc41INRx+TSqTdX1HkQo6SAARdhnvn:QnPo41aRxcSUDk36SAEdhvn

Malware Config

Signatures

  • Wannacry

    WannaCry is a ransomware cryptoworm.

  • Contacts a large (5727) amount of remote hosts 1 TTPs

    This may indicate a network scan to discover remotely running services.

  • Executes dropped EXE 1 IoCs
  • Creates a large amount of network flows 1 TTPs

    This may indicate a network scan to discover remotely running services.

  • Drops file in System32 directory 4 IoCs
  • Drops file in Windows directory 2 IoCs
  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

  • Program crash 1 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 2 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies data under HKEY_USERS 32 IoCs
  • Suspicious behavior: EnumeratesProcesses 6 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 26 IoCs
  • Suspicious use of SendNotifyMessage 12 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-10-12_32e07a3341526d4cff050aea5eba9a78_wannacry.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-10-12_32e07a3341526d4cff050aea5eba9a78_wannacry.exe"
    1⤵
    • Drops file in Windows directory
    • System Location Discovery: System Language Discovery
    • Suspicious use of WriteProcessMemory
    PID:4916
    • C:\WINDOWS\tasksche.exe
      C:\WINDOWS\tasksche.exe /i
      2⤵
      • Executes dropped EXE
      PID:1396
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 1396 -s 8
        3⤵
        • Program crash
        PID:244
  • C:\Users\Admin\AppData\Local\Temp\2024-10-12_32e07a3341526d4cff050aea5eba9a78_wannacry.exe
    C:\Users\Admin\AppData\Local\Temp\2024-10-12_32e07a3341526d4cff050aea5eba9a78_wannacry.exe -m security
    1⤵
    • Drops file in System32 directory
    • System Location Discovery: System Language Discovery
    • Modifies data under HKEY_USERS
    PID:4444
  • C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -pss -s 436 -p 1396 -ip 1396
    1⤵
      PID:3200
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe"
      1⤵
      • Drops file in Windows directory
      • Enumerates system info in registry
      • Modifies data under HKEY_USERS
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SendNotifyMessage
      • Suspicious use of WriteProcessMemory
      PID:5036
      • C:\Program Files\Google\Chrome\Application\chrome.exe
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffdf771cc40,0x7ffdf771cc4c,0x7ffdf771cc58
        2⤵
          PID:4248
        • C:\Program Files\Google\Chrome\Application\chrome.exe
          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1828,i,1825331085249214655,1746982349390545759,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1824 /prefetch:2
          2⤵
            PID:1252
          • C:\Program Files\Google\Chrome\Application\chrome.exe
            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2124,i,1825331085249214655,1746982349390545759,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2128 /prefetch:3
            2⤵
              PID:1296
            • C:\Program Files\Google\Chrome\Application\chrome.exe
              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2192,i,1825331085249214655,1746982349390545759,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2208 /prefetch:8
              2⤵
                PID:1548
              • C:\Program Files\Google\Chrome\Application\chrome.exe
                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3112,i,1825331085249214655,1746982349390545759,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3268 /prefetch:1
                2⤵
                  PID:3840
                • C:\Program Files\Google\Chrome\Application\chrome.exe
                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3156,i,1825331085249214655,1746982349390545759,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3316 /prefetch:1
                  2⤵
                    PID:2624
                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4484,i,1825331085249214655,1746982349390545759,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4472 /prefetch:1
                    2⤵
                      PID:3604
                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4660,i,1825331085249214655,1746982349390545759,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4628 /prefetch:8
                      2⤵
                        PID:1104
                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4688,i,1825331085249214655,1746982349390545759,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4524 /prefetch:8
                        2⤵
                          PID:4292
                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4656,i,1825331085249214655,1746982349390545759,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4680 /prefetch:8
                          2⤵
                            PID:580
                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4784,i,1825331085249214655,1746982349390545759,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4680 /prefetch:8
                            2⤵
                              PID:4540
                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=4508,i,1825331085249214655,1746982349390545759,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4652 /prefetch:1
                              2⤵
                                PID:1588
                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=4692,i,1825331085249214655,1746982349390545759,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4988 /prefetch:1
                                2⤵
                                  PID:696
                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=4904,i,1825331085249214655,1746982349390545759,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3476 /prefetch:1
                                  2⤵
                                    PID:4548
                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5124,i,1825331085249214655,1746982349390545759,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5140 /prefetch:8
                                    2⤵
                                      PID:3372
                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5152,i,1825331085249214655,1746982349390545759,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5280 /prefetch:8
                                      2⤵
                                        PID:3628
                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=3456,i,1825331085249214655,1746982349390545759,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5400 /prefetch:8
                                        2⤵
                                        • Suspicious behavior: EnumeratesProcesses
                                        PID:3852
                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=5264,i,1825331085249214655,1746982349390545759,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4824 /prefetch:1
                                        2⤵
                                          PID:3704
                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=4788,i,1825331085249214655,1746982349390545759,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3832 /prefetch:1
                                          2⤵
                                            PID:2248
                                        • C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
                                          "C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
                                          1⤵
                                            PID:4780
                                          • C:\Windows\system32\svchost.exe
                                            C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
                                            1⤵
                                              PID:2248
                                            • C:\Windows\system32\LogonUI.exe
                                              "LogonUI.exe" /flags:0x4 /state0:0xa3a1d055 /state1:0x41c64e6d
                                              1⤵
                                              • Modifies data under HKEY_USERS
                                              • Suspicious use of SetWindowsHookEx
                                              PID:2236

                                            Network

                                            MITRE ATT&CK Enterprise v15

                                            Downloads

                                            • C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

                                              Filesize

                                              64KB

                                              MD5

                                              b5ad5caaaee00cb8cf445427975ae66c

                                              SHA1

                                              dcde6527290a326e048f9c3a85280d3fa71e1e22

                                              SHA256

                                              b6409b9d55ce242ff022f7a2d86ae8eff873daabf3a0506031712b8baa6197b8

                                              SHA512

                                              92f7fbbcbbea769b1af6dd7e75577be3eb8bb4a4a6f8a9288d6da4014e1ea309ee649a7b089be09ba27866e175ab6f6a912413256d7e13eaf60f6f30e492ce7f

                                            • C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

                                              Filesize

                                              4B

                                              MD5

                                              f49655f856acb8884cc0ace29216f511

                                              SHA1

                                              cb0f1f87ec0455ec349aaa950c600475ac7b7b6b

                                              SHA256

                                              7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba

                                              SHA512

                                              599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8

                                            • C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

                                              Filesize

                                              1008B

                                              MD5

                                              d222b77a61527f2c177b0869e7babc24

                                              SHA1

                                              3f23acb984307a4aeba41ebbb70439c97ad1f268

                                              SHA256

                                              80dc3ffa698e4ff2e916f97983b5eae79470203e91cb684c5ccd4ff1a465d747

                                              SHA512

                                              d17d836ea77aeaff4cd01f9c7523345167a4a6bc62528aac74acde12679f48079d75d159e9cea2e614da50e83c2dcd92c374c899ea6c4fe8e5513d9bf06c01ff

                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\58f769b8-02e7-4d96-a08d-f5ff271c0e6b.tmp

                                              Filesize

                                              8KB

                                              MD5

                                              b1a2876bb9cb0ec4e30f7a6995f74899

                                              SHA1

                                              3eaf39adce444cf2a0d73555fd520ab2b72ec4fe

                                              SHA256

                                              3fab267563da51b37050fd0dd71bcbc5d3d142d9c5d0d7df5fc8bbdf9b1aacab

                                              SHA512

                                              25baa4e7eb0f3e7d4e4f0e0c0838e242e698fa7ee3cb2978c0baf61eb485fe173cd8d0e50a99f8190af7c843ce2d5a6bac79a86b3402076df9dffed2642004f6

                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

                                              Filesize

                                              72KB

                                              MD5

                                              2f6f1f80c4ed1fd57f214bf40a885a57

                                              SHA1

                                              0287e82d5044c01ea99f69ab02673fe8262bb9b4

                                              SHA256

                                              422596b36956a2800b4dbdc3c81acc6e960c73bbc373653a471d713ff7098d68

                                              SHA512

                                              06fc97aa33a16b411d601f61b308c5e34f984eeb10acb752dc909b591feac285c4ab313571c70e70d2a81441bac1fde4272fd4536fc2f13ffd683d8efcc90129

                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b

                                              Filesize

                                              421KB

                                              MD5

                                              655c63e0a348d498e1271407ac8ec9d6

                                              SHA1

                                              911f8b5c141cc4951332a8568172ff2dd4e9a496

                                              SHA256

                                              675ef871199243d0641fb6ad389b7b9263c3e6cd62599231c6401a9fb42a20a8

                                              SHA512

                                              fda4e472f369c29617c12f4b719e14fc88a2f07451707a4608a9b277ef7207bd6e733447009dbf0e1f988d11d8c640e1c14beec07448ea9c2b43bfc384cf8ebf

                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001f

                                              Filesize

                                              18KB

                                              MD5

                                              b010b96dfbb4edfd3892ccbfbb96d036

                                              SHA1

                                              0e3358d473a0080855b945497fcbbb122b7b114e

                                              SHA256

                                              0613667f3e3da1e2decf1d1adde4aea6f1b25f967e5d0f9a66cb4cc1332f8350

                                              SHA512

                                              335315ead713f203f2432bcf11497aa7f356b6e7e055797a696ad86229cdf1bd0f11d11c2af838605afba204a1b96414b2f0bbb8dc8180603b053c3cc57d490a

                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

                                              Filesize

                                              2KB

                                              MD5

                                              d8ecba1b2dcd23a08319c140d5effc38

                                              SHA1

                                              b5152d25578685fd6089b77857399b1d01913642

                                              SHA256

                                              a702bf98801c91ca8303975caa6e9a241823e494aec189faeacd0f7af33e7c2f

                                              SHA512

                                              59f24b4e1598e0f9142d2d3e18e905de366871f7de3a3f8204847a735eb2d2f4db92335eb81af75d54505a2d7a99f5f27849060d2a844642d8e11af1b169f17f

                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

                                              Filesize

                                              576B

                                              MD5

                                              fdcce177901fb3e2ab63dcbf52bda46c

                                              SHA1

                                              f5fc0e75dd20d292847c11241ddf2282eb48312f

                                              SHA256

                                              e57198129e1470f35559daf2a673fe30ad6cc95de9c2e6051cd82d6f5ada8b38

                                              SHA512

                                              ce04f78fc6a78c48b30401e6f4a834fd6f2fdffc4ba684c0ce22c9088e1756da19a13c8e1488977088933ee97cd8ddfe62a9a27ccaa9152761607b35d1919e77

                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

                                              Filesize

                                              648B

                                              MD5

                                              92a0c34c7b2e2f5a2b811d0833ffd9c7

                                              SHA1

                                              24ffef4cb9b25a1a5edc4b3ce51d2cf15254e66c

                                              SHA256

                                              7bec244f87c168c0a73fef090a47cecf0946165d815a365a863d0b1c73177b6b

                                              SHA512

                                              3be178e52d7065ae729d9aca7ac2788376a91c28455a24f86a8a3614bf4e397e09b7fee44beb47efecea216b79cd7ef0552098218dd4791014e2266d158a59e9

                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                                              Filesize

                                              4KB

                                              MD5

                                              b528cd502d36021f7e969a81d30516b3

                                              SHA1

                                              64d2b97fd6b6f0dc9b8eb40e16630b21ac4d6b3a

                                              SHA256

                                              6b523e483b8825aa4a4809b045f6b1e371a6047234e16a906f486f1928fbe667

                                              SHA512

                                              14a8c0e842e5fbdd0b6e92fa7051fa274273fbac01b062b72c159241c0f6b60ad0b88f70f9e33bc4a23a60e2f1b2f27224185414039ba3087fa4fadd8b9983a6

                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                                              Filesize

                                              5KB

                                              MD5

                                              468cf98116e748ca177da486bdeeb418

                                              SHA1

                                              061633e88e28b9098c6e749d5ace830d575f539f

                                              SHA256

                                              1c59926b3fa7a5ca79fcc8586fd6a155d22eda568760887f0d5af712d509f3ef

                                              SHA512

                                              06ca0d91f13527cabb7282aecc36cf9c24b7eb4225d82a1b637d51a3dd150a54934ccf5bbdabf0a7607b222002db3528c670f0153836e8801f7995fcd3570405

                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                                              Filesize

                                              6KB

                                              MD5

                                              e45cb9ecb5bd9a22658136c91e3b57c7

                                              SHA1

                                              745f3dfb04200bd4110906850d7f9ae07e17c060

                                              SHA256

                                              11fede47c2a6a4ad1f6ad77d51cd5831e0ecc1b3611a1fe0d7fad61dea9b4f35

                                              SHA512

                                              17c7f02785b243c3c769fc64ce6cff353dfcef179469f96789e8942cc90d750f975efc1d555db6d434f9acf751f5cbe631a3295cbe56f8a9ea6797af4199fe9d

                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

                                              Filesize

                                              2B

                                              MD5

                                              d751713988987e9331980363e24189ce

                                              SHA1

                                              97d170e1550eee4afc0af065b78cda302a97674c

                                              SHA256

                                              4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

                                              SHA512

                                              b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                              Filesize

                                              356B

                                              MD5

                                              99ad9023cc187fd13b3ea1f923b33adf

                                              SHA1

                                              5e7e49deafa33011f4b65810f3915bbc3f3464b3

                                              SHA256

                                              aa0966913915319d200ce3ce885127525e6af2d6c88fa97c6aa27ff9fbad419a

                                              SHA512

                                              48219df1ef2129fd1c148fffac4de9947b9bf0caa4b53f3b2c1ba65e852300fa34db4a1b6dda2acf4e1e0da08a41e952fa46a7b50947a5b5603f5ebb79dde39c

                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                            • C:\Windows\tasksche.exe

                                              Filesize

                                              2.0MB

                                              MD5

                                              02c0fc4c7670597ba1f0ff404a908c35

                                              SHA1

                                              1e80e6e3ab8e8fd6a309b7b8e74a86abf92d72dd

                                              SHA256

                                              fcb9b6dfa01389bec7f5ea16a169c62d7163a5ab8f695490bf6e328720095e98

                                              SHA512

                                              5691ad33bda53e8a445626a3c0a0487695973b45e05367d7f9004ea8e4b1ac1a809b795bd7a87957807f90ed2a430c1ee6319d41fdaab0881feae52d44c4adb2