53484334deabccf03bebfe12d18d5f39f4ae910126991b8a39520a323514de10

Analysis

max time kernel
303s
max time network
315s
platform
windows11-21h2_x64
resource
win11-20241007-en
resource tags

arch:x64arch:x86image:win11-20241007-enlocale:en-usos:windows11-21h2-x64system
submitted
13/10/2024, 09:23

Sharing

Copy URL Twitter E-mail

Reason

Machine shutdown

Report Analysis Logs

General

Target

Neurozinex64.exe
Size

340KB
MD5

485167f2bacb16c2ec5b19fa92eec875
SHA1

245828ba7f84ce1ae7d02bc6b78054e997c2ab71
SHA256

784b9f17e4b1ea5962b217f205924363d0015c2a32f10762a96d7850841d9c4c
SHA512

614fb5c656f8e9dc19f10ac7431d80fa5f41cb94a91bbbb34fcf132dbe2213553c3726d0e61b48f34e7128e720b23e11e479ae2e05104d4c1f9bc6e4bd153eee
SSDEEP

6144:Rg5n6sZe+5IK3mjyv8tbY3akkwtmbwVSZLC5u5cF:Rps4+H3T8qqkkwcbySZLSZ

Score

6^/10

bootkit discovery persistence

Malware Config

Signatures

Writes to the Master Boot Record (MBR) 1 TTPs 1 IoCs

Bootkits write to the MBR to gain persistence at a level below the operating system.

bootkit persistence

Bootkit

T1542.003

description	ioc	Process
File opened for modification	\??\PhysicalDrive0	Neurozinex64.exe

Drops file in Windows directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SystemTemp	chrome.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133732851006332404"	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
968	chrome.exe
968	chrome.exe
4552	chrome.exe
4552	chrome.exe
4552	chrome.exe
4552	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
968	chrome.exe
968	chrome.exe
968	chrome.exe
968	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeDebugPrivilege	2156	Neurozinex64.exe
Token: 33	1292	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	1292	AUDIODG.EXE
Token: SeShutdownPrivilege	968	chrome.exe
Token: SeCreatePagefilePrivilege	968	chrome.exe
Token: SeShutdownPrivilege	968	chrome.exe
Token: SeCreatePagefilePrivilege	968	chrome.exe
Token: SeShutdownPrivilege	968	chrome.exe
Token: SeCreatePagefilePrivilege	968	chrome.exe
Token: SeShutdownPrivilege	968	chrome.exe
Token: SeCreatePagefilePrivilege	968	chrome.exe
Token: SeShutdownPrivilege	968	chrome.exe
Token: SeCreatePagefilePrivilege	968	chrome.exe
Token: SeShutdownPrivilege	968	chrome.exe
Token: SeCreatePagefilePrivilege	968	chrome.exe
Token: SeShutdownPrivilege	968	chrome.exe
Token: SeCreatePagefilePrivilege	968	chrome.exe
Token: SeShutdownPrivilege	968	chrome.exe
Token: SeCreatePagefilePrivilege	968	chrome.exe
Token: SeShutdownPrivilege	968	chrome.exe
Token: SeCreatePagefilePrivilege	968	chrome.exe
Token: SeShutdownPrivilege	968	chrome.exe
Token: SeCreatePagefilePrivilege	968	chrome.exe
Token: SeShutdownPrivilege	968	chrome.exe
Token: SeCreatePagefilePrivilege	968	chrome.exe
Token: SeShutdownPrivilege	968	chrome.exe
Token: SeCreatePagefilePrivilege	968	chrome.exe
Token: SeShutdownPrivilege	968	chrome.exe
Token: SeCreatePagefilePrivilege	968	chrome.exe
Token: SeShutdownPrivilege	968	chrome.exe
Token: SeCreatePagefilePrivilege	968	chrome.exe
Token: SeShutdownPrivilege	968	chrome.exe
Token: SeCreatePagefilePrivilege	968	chrome.exe
Token: SeShutdownPrivilege	968	chrome.exe
Token: SeCreatePagefilePrivilege	968	chrome.exe
Token: SeShutdownPrivilege	968	chrome.exe
Token: SeCreatePagefilePrivilege	968	chrome.exe
Token: SeShutdownPrivilege	968	chrome.exe
Token: SeCreatePagefilePrivilege	968	chrome.exe
Token: SeShutdownPrivilege	968	chrome.exe
Token: SeCreatePagefilePrivilege	968	chrome.exe
Token: SeShutdownPrivilege	968	chrome.exe
Token: SeCreatePagefilePrivilege	968	chrome.exe
Token: SeShutdownPrivilege	968	chrome.exe
Token: SeCreatePagefilePrivilege	968	chrome.exe
Token: SeShutdownPrivilege	968	chrome.exe
Token: SeCreatePagefilePrivilege	968	chrome.exe
Token: SeShutdownPrivilege	968	chrome.exe
Token: SeCreatePagefilePrivilege	968	chrome.exe
Token: SeShutdownPrivilege	968	chrome.exe
Token: SeCreatePagefilePrivilege	968	chrome.exe
Token: SeShutdownPrivilege	968	chrome.exe
Token: SeCreatePagefilePrivilege	968	chrome.exe
Token: SeShutdownPrivilege	968	chrome.exe
Token: SeCreatePagefilePrivilege	968	chrome.exe
Token: SeShutdownPrivilege	968	chrome.exe
Token: SeCreatePagefilePrivilege	968	chrome.exe
Token: SeShutdownPrivilege	968	chrome.exe
Token: SeCreatePagefilePrivilege	968	chrome.exe
Token: SeShutdownPrivilege	968	chrome.exe
Token: SeCreatePagefilePrivilege	968	chrome.exe
Token: SeShutdownPrivilege	968	chrome.exe
Token: SeCreatePagefilePrivilege	968	chrome.exe
Token: SeShutdownPrivilege	968	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
968	chrome.exe
968	chrome.exe
968	chrome.exe
968	chrome.exe
968	chrome.exe
968	chrome.exe
968	chrome.exe
968	chrome.exe
968	chrome.exe
968	chrome.exe
968	chrome.exe
968	chrome.exe
968	chrome.exe
968	chrome.exe
968	chrome.exe
968	chrome.exe
968	chrome.exe
968	chrome.exe
968	chrome.exe
968	chrome.exe
968	chrome.exe
968	chrome.exe
968	chrome.exe
968	chrome.exe
968	chrome.exe
968	chrome.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
968	chrome.exe
968	chrome.exe
968	chrome.exe
968	chrome.exe
968	chrome.exe
968	chrome.exe
968	chrome.exe
968	chrome.exe
968	chrome.exe
968	chrome.exe
968	chrome.exe
968	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 968 wrote to memory of 4660	968	chrome.exe	83
PID 968 wrote to memory of 4660	968	chrome.exe	83
PID 968 wrote to memory of 1216	968	chrome.exe	84
PID 968 wrote to memory of 1216	968	chrome.exe	84
PID 968 wrote to memory of 1216	968	chrome.exe	84
PID 968 wrote to memory of 1216	968	chrome.exe	84
PID 968 wrote to memory of 1216	968	chrome.exe	84
PID 968 wrote to memory of 1216	968	chrome.exe	84
PID 968 wrote to memory of 1216	968	chrome.exe	84
PID 968 wrote to memory of 1216	968	chrome.exe	84
PID 968 wrote to memory of 1216	968	chrome.exe	84
PID 968 wrote to memory of 1216	968	chrome.exe	84
PID 968 wrote to memory of 1216	968	chrome.exe	84
PID 968 wrote to memory of 1216	968	chrome.exe	84
PID 968 wrote to memory of 1216	968	chrome.exe	84
PID 968 wrote to memory of 1216	968	chrome.exe	84
PID 968 wrote to memory of 1216	968	chrome.exe	84
PID 968 wrote to memory of 1216	968	chrome.exe	84
PID 968 wrote to memory of 1216	968	chrome.exe	84
PID 968 wrote to memory of 1216	968	chrome.exe	84
PID 968 wrote to memory of 1216	968	chrome.exe	84
PID 968 wrote to memory of 1216	968	chrome.exe	84
PID 968 wrote to memory of 1216	968	chrome.exe	84
PID 968 wrote to memory of 1216	968	chrome.exe	84
PID 968 wrote to memory of 1216	968	chrome.exe	84
PID 968 wrote to memory of 1216	968	chrome.exe	84
PID 968 wrote to memory of 1216	968	chrome.exe	84
PID 968 wrote to memory of 1216	968	chrome.exe	84
PID 968 wrote to memory of 1216	968	chrome.exe	84
PID 968 wrote to memory of 1216	968	chrome.exe	84
PID 968 wrote to memory of 1216	968	chrome.exe	84
PID 968 wrote to memory of 1216	968	chrome.exe	84
PID 968 wrote to memory of 2024	968	chrome.exe	85
PID 968 wrote to memory of 2024	968	chrome.exe	85
PID 968 wrote to memory of 2200	968	chrome.exe	86
PID 968 wrote to memory of 2200	968	chrome.exe	86
PID 968 wrote to memory of 2200	968	chrome.exe	86
PID 968 wrote to memory of 2200	968	chrome.exe	86
PID 968 wrote to memory of 2200	968	chrome.exe	86
PID 968 wrote to memory of 2200	968	chrome.exe	86
PID 968 wrote to memory of 2200	968	chrome.exe	86
PID 968 wrote to memory of 2200	968	chrome.exe	86
PID 968 wrote to memory of 2200	968	chrome.exe	86
PID 968 wrote to memory of 2200	968	chrome.exe	86
PID 968 wrote to memory of 2200	968	chrome.exe	86
PID 968 wrote to memory of 2200	968	chrome.exe	86
PID 968 wrote to memory of 2200	968	chrome.exe	86
PID 968 wrote to memory of 2200	968	chrome.exe	86
PID 968 wrote to memory of 2200	968	chrome.exe	86
PID 968 wrote to memory of 2200	968	chrome.exe	86
PID 968 wrote to memory of 2200	968	chrome.exe	86
PID 968 wrote to memory of 2200	968	chrome.exe	86
PID 968 wrote to memory of 2200	968	chrome.exe	86
PID 968 wrote to memory of 2200	968	chrome.exe	86
PID 968 wrote to memory of 2200	968	chrome.exe	86
PID 968 wrote to memory of 2200	968	chrome.exe	86
PID 968 wrote to memory of 2200	968	chrome.exe	86
PID 968 wrote to memory of 2200	968	chrome.exe	86
PID 968 wrote to memory of 2200	968	chrome.exe	86
PID 968 wrote to memory of 2200	968	chrome.exe	86
PID 968 wrote to memory of 2200	968	chrome.exe	86
PID 968 wrote to memory of 2200	968	chrome.exe	86
PID 968 wrote to memory of 2200	968	chrome.exe	86
PID 968 wrote to memory of 2200	968	chrome.exe	86

C:\Users\Admin\AppData\Local\Temp\Neurozinex64.exe
"C:\Users\Admin\AppData\Local\Temp\Neurozinex64.exe"
1⤵
- Writes to the Master Boot Record (MBR)
- Suspicious use of AdjustPrivilegeToken
PID:2156

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004BC 0x00000000000004CC
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:1292

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:968
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffea01ecc40,0x7ffea01ecc4c,0x7ffea01ecc58
  2⤵
  PID:4660
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1948,i,6546388494118593621,12709787446118144869,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1944 /prefetch:2
  2⤵
  PID:1216
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1652,i,6546388494118593621,12709787446118144869,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1980 /prefetch:3
  2⤵
  PID:2024
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2148,i,6546388494118593621,12709787446118144869,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2328 /prefetch:8
  2⤵
  PID:2200
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=2920,i,6546388494118593621,12709787446118144869,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3100 /prefetch:1
  2⤵
  PID:1808
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3052,i,6546388494118593621,12709787446118144869,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3128 /prefetch:1
  2⤵
  PID:2552
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4396,i,6546388494118593621,12709787446118144869,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3540 /prefetch:1
  2⤵
  PID:1180
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4544,i,6546388494118593621,12709787446118144869,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4552 /prefetch:8
  2⤵
  PID:1996
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4540,i,6546388494118593621,12709787446118144869,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4516 /prefetch:8
  2⤵
  PID:4512
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4792,i,6546388494118593621,12709787446118144869,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4528 /prefetch:8
  2⤵
  PID:456
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4532,i,6546388494118593621,12709787446118144869,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4820 /prefetch:8
  2⤵
  PID:3792
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=4680,i,6546388494118593621,12709787446118144869,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4564 /prefetch:1
  2⤵
  PID:4968
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1112,i,6546388494118593621,12709787446118144869,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4352 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4552

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:1448

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:4884

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

T1542

Bootkit

T1542.003

Privilege Escalation

Defense Evasion

Pre-OS Boot

T1542

Bootkit

T1542.003

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

Filesize
64KB

MD5
b5ad5caaaee00cb8cf445427975ae66c

SHA1
dcde6527290a326e048f9c3a85280d3fa71e1e22

SHA256
b6409b9d55ce242ff022f7a2d86ae8eff873daabf3a0506031712b8baa6197b8

SHA512
92f7fbbcbbea769b1af6dd7e75577be3eb8bb4a4a6f8a9288d6da4014e1ea309ee649a7b089be09ba27866e175ab6f6a912413256d7e13eaf60f6f30e492ce7f

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

Filesize
4B

MD5
f49655f856acb8884cc0ace29216f511

SHA1
cb0f1f87ec0455ec349aaa950c600475ac7b7b6b

SHA256
7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba

SHA512
599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

Filesize
1008B

MD5
d222b77a61527f2c177b0869e7babc24

SHA1
3f23acb984307a4aeba41ebbb70439c97ad1f268

SHA256
80dc3ffa698e4ff2e916f97983b5eae79470203e91cb684c5ccd4ff1a465d747

SHA512
d17d836ea77aeaff4cd01f9c7523345167a4a6bc62528aac74acde12679f48079d75d159e9cea2e614da50e83c2dcd92c374c899ea6c4fe8e5513d9bf06c01ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
408B

MD5
01d94753fc1fffc95b0b6050d7a8dc6b

SHA1
abb4d09cd94827be3888b4152a46b939ab2710d2

SHA256
fc744e13ca3a095dface2b30209f8f99f45204f6bbcb031cf2edf8bee0185658

SHA512
58ec51f32c1014630d04b37fff2c028b3e400559d3dd0bfd64e8bcef17243c0577062b7c252ae9bf492b7017c5d624369ceb68e2151c66a617aee3d581665927

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
696B

MD5
12e1c9c6dec98b3b1076e084069e49b7

SHA1
505ed3a69dfc4fb9d03a616a97d8beeed35446ec

SHA256
ecdd116e03460be7742d17cab3644fcec2c5ad8186773cbfa6ed5a248eb20c21

SHA512
32e452d2074fb677510440e3787a9e36b51697e9ef61652d18adaf093576409a9ef1529589b7d99cd910218db04b23a3a33f208d491f21ebb1ef7942f5529c6e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
432B

MD5
e51a3f87c9a7f045cf12f86eb0199b68

SHA1
97d305944b51e24125471287a20843586c1d9a17

SHA256
2005653075fda79a2e14fea1f20dbcc0e83549eed4a3008f320b0bda754a6e9f

SHA512
b53e425cea85e0920f6c3b152264bd12696fbcb09c52abab19b765076ce054a7d2d8b7b30a3cf1fb8a556be4edbd92ee914d1f702e03e5af54f818a8afccab8c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
848a59033b6943c87cf3ddc873a5e381

SHA1
d617fa6d5660e0843ac3536f81c3bf44a13294ac

SHA256
5c1222f14f4bed9a40476a04ec65f6903d30717b4a544913d7e8603ce39cd296

SHA512
860ed687df4ce7326b0240436c3046fd0cc3dc5ce3d1296d6183b97013c1161e13cfa4087fe73ec3ee1c56100f82f21c35b6e3b4037cfae8a2abea787dc163c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
db82d526c87b079ebd9693b03239bf57

SHA1
aa623449d5024b876ef4d48e6d9153b326f159e6

SHA256
7c650aed9cc0d868cb1513586a37db135343b7e5112e80b9df8e381a03ac7e8e

SHA512
038bbe92d1ac648592a64c2d8d0f168353050ed6797369c2d00aa6f9e0ffee3b369e5f9d36fcbf41bd861ef1147efd75bdefa7a6d2b8804341cae74693020232

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
995a0f629b789b25a850c9211ba97a1b

SHA1
654626c1ceda1bf59e0c9ef03a42abbea25354d1

SHA256
39da78756acfe26f8696cd9f3a94f5f0c9d0850ad2aa51c2734f1695f0642c99

SHA512
270200dd34044471ed3d4ce653b4388ebbe7c7ef6251f873bef99e60357ec670e1ed62c7bfb0f0e04a122b36aea654f1ced46ca08cb6ea6151b7ee492630c449

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
ef72f934d15c69a0aed3e31cc4e49413

SHA1
3b4d51788621f4a7864554e682abf2e3b41bbb1e

SHA256
cd74e65df77e0ac7c6a9929cbdd2087a15f79eff0009549757f8598b04223641

SHA512
91e83360538b96db2b2581b4a100ebe60369a538633cafd69d149278fe76de1ed178c436540b406cb26c2cbfea147fde88e32ff4725aeccb4b6910b7f489c742

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
ad1d9a8300d1a5cb0f9cb7a647eac205

SHA1
704066c7f2efce173dee60452693d235c389d120

SHA256
f7e1bc59b92d8eb6d9e81bdcee940e029730a8b558b0dd10caf42e432d696044

SHA512
3145dcbbb8a77ab4749753f30caa9ba0cac2a9fbcb4ea1a2b693ae531809aabd174ebde687bd95070ad8761fdb02a8c2ae14c7fd527343e0e1abe7c92fc9353e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
354B

MD5
37f8f388fe679bc35275de1c1ed9591f

SHA1
9e9af7c6520795b9b57b38b339ba5acd429d7616

SHA256
4d8825cec541f7decc8e01ddbea873198c7ad2baa3ffbb50f11cbabe6c018243

SHA512
0cfa47fa392574fef6edcdc1ed8675a568b5ee8e09e4a4b9243f26058f7187708e51fa96da67b38f6e3377b86cf3b504acebb03d3182db3757d694a09caf151b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
18f33fb1e08567b0af41bf89fe04ea61

SHA1
eb0479bce707a57fce9de2715e7702140880e2ad

SHA256
ecb0f99ba30a45e33803b342006ddf35b604c461b765ed204c5aacd11613288b

SHA512
2d439f6b3bd7c034cfffddf994e539e300f58806fdf86a5dc5e8fec3cb5bae1de7a1ce2f7d6086b82687c29a9845e8081615b145ddfaf5e4e2b685e50c66f16b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
49fd5b401d3650523b186cef2b5a1d5c

SHA1
fc1faaa0a9290204524b49902608a4718189bc10

SHA256
2ace01ceb266257b0d02883ae2d394ae0de2c4a27986ff8b40612cd88b2bf2d0

SHA512
2d23ef25e470df0a78b6c375a5e5744744e637862622186df2bf1353bb0976b70bb1833bcb0511c9f7838dc8f97925919382e84077f2a30f27b02b7bd37e829a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
aad7237118ff68b27760a29a90dfead8

SHA1
956e6a5620a93e6e0a7ab8ae18e95d01442461f1

SHA256
9692b0352d75f4d1041e647e372fd90bedaa9f4ec4df81f12e5d897bc7afb36f

SHA512
909cae3b9e0c010951e50d6b7bf36cf1b786c139fbd25784925541f1b03095a2eabaf44c953c21b7a9c10c61e0f4165464d5750869f618e0a9a70c34b573d434

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
7ae03fc1027fc6e0413c53d9672d15df

SHA1
c622830638674ff523c40991c586a3a2794766fe

SHA256
d8e336f7829444ae3e8ae6857adacd4be79cb2fbe1660f8b59fedf2c2e6d5d97

SHA512
633a097009200fec5d2f6b7fddda8304b3fbd1b68acc305cd30e9bc13a2827bac3b66a3f451e779b70c5b3b9f6ed4f3b6289148776807c7f9c542d740b2414b1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
789e0649da58849933d76fb89cc18f51

SHA1
5fe493a036dd4c4899c16708b0629dca5f77efc7

SHA256
934589cad57de66bbd8933be5a8a06fa46b5b1cd3cd00a9c6230d44613eb1e9b

SHA512
e4850e4d69171abae6cae6f0f4d4c29537727c2572de497893a2219b3c1d66a76b1cd792cbb50766195300f9f6ffd24c6440e7e0f74c9195f8e571c5304efdd1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
38d2960709f48004c5943826daee26d1

SHA1
c04579c9c2414f32cb72db6220994094819bd637

SHA256
d309687dbb74065175846c71fc9e688db6801d13affcc499ee8a599ce7283fef

SHA512
b686afb958ab10289c431fc9d2928ed072899bac000fd3cb454ea1893a0bc2180e4e6ad65143eadbd99fc1117358fe3c41c4a704a798f83d8b78346fb3e97bcc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
f4cec6c4c4be7fe3760628b6da0b9283

SHA1
edf0363736163f70d87ba4467dc7fcf913a228ab

SHA256
4f5ff314ac8fbd5710131a0beeb2911a7cc4536e78e13b1922bd4e345d5b997e

SHA512
7bb28f61a698f3df0cffdac2575206e081302bdae9bc01ac64f826fcc8d431b9bd4ee52706dde47f24a457f25210759322e8ee31719cfaf2f07a8ab74b997b4c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
2d456eedab43319a12dd2356a8f0d1a5

SHA1
ea497302ab11128156e524072b4f2a3e49e33ddb

SHA256
b59238c7e46840f356b6445714f97ed587a4e8e2f16911f51825b37f695d082a

SHA512
057938ad89b3496f2fe7442f95cc0f12804f5aecf367da03e3752ac2c950542ac7a789a2a33072d499affe3e37c06da7c5eabc6fba395953a9f36c77fccefb2c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
b869ebcd5903a08388b348bebc5e9d2e

SHA1
aba79d3cd57cb9b7f7035c0b242ac1c566d7fd09

SHA256
1c70838e38c9b963e2ca7deca3e37c19eda9b13d9be8b8f6fc6523817e13b784

SHA512
dc1af85ae338ff2976a10d2b03f0d1a560da8197b0773bd7ba0dad217f51c34bf5f29ffdb5559f857f6a72608a5e29e075fc443a088c11c7c0be2b2c44343fe7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
ef83ef0ed3dab46dd496f9b25489db76

SHA1
29148f9026de6ebc59701b75969b62d0841081f2

SHA256
1d60a8f09f0daaa2a29e48e670ce874c78080e569c74f2d338dd32349fd9c264

SHA512
7b8f59d4dad67e8a561c19744251d1d8e905b6c4cef620242dba25f420adcf11c29495f708605f869bbff73d3bb867b325c2ddfdc2103635f38e718ea0afda18

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
7c700ea8e08de18a08709e095f0651e4

SHA1
28b1dfcb12e94cd42a9bb5a232c48a9123e96150

SHA256
b36f76877dd8b96159ac17f08a1a24103c8ddc5a21f67cf457f60fbd692ce869

SHA512
3941d5b6bfca5707fc3046ca2767243b850fc72e0f989416c5333b24653e78396cf1ab0f0f454d4896e70d0a640853ad44eac75e5638e47a7c44c31e6cba2e1a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
148c12aaad9896cadf337556ce50c251

SHA1
ac34b5e9513a2e1af8839c48a6ce6d086f608684

SHA256
0e52f5b74baf267494536a6273697b1239b0c5987d356d872c07eceb32b82d06

SHA512
015e4c0a4869af29162dc62bf4bdc81cc785756c386b04cd89ae7a6fa5bc0fbf84226dcea7885275573bb588d34d1aae751f6d6cc862fde00982c12a49558e0b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
7ac321607a9ad53787313a5380960148

SHA1
3bc091bb7690f49de856d1df80bb63eb9ea58f90

SHA256
e467d5fa10cc8b4b3d389c3505b72e86408f5fdf32f4386c82fba281b0671e3c

SHA512
8df16e799ee370f84270e96d998d519cd7d3e1ea8b46fed3379170c5f07d316457bc811fc8af5e43d29fd008dd32aca314b2f0d8148f6ce7100f38db20ec9e3b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
1d53aad8d071fa37abe5c6325927c144

SHA1
185c8df95c1cc2294c4bed31e5d0a400e3b07c47

SHA256
330d4736458bbff241e2baaad279e24455d33f9ae34d7ebfde776039f6519ff4

SHA512
d4820878963cd0affbed2be5134ae508315d1dafd737cf8697ee601fb662cd77397cbfd1ad0063ff336c5f52f358114a1b1bee88f29029cf0ec21c518b838344

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
76c334905884fd24edde6079eb98c9b2

SHA1
954367d497e52a3ddc349d306b8e7ac5dbe891b5

SHA256
2f3fb4b483a20a3fee9308059b27b56a43861f5bf555797a20354673c2b1640f

SHA512
d098fbdec8813ae280d6e23601e5807c4521add84c961a8291e33a1c42c54539f123035f0344648914dae358818aa02ac64caa905ae21047b5d31ce1160f3cdb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
14f792469e20fc997a1035ea4115ac89

SHA1
5576e3b16515ea8a407661682ac9d088548eb6f6

SHA256
a9a60c52390a5ed8ba300b216ae61f025420af467f352fd9e4aa2da60e337aee

SHA512
f8fca048aeb17fb8298310854758c362c3f471f54008d9eff82ba985691254cd04bb8c8468a395d59e45cf081124de64d88aee3d0409208f2d23c125672a9966

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
e1f4ad0effb1bdb18178a53a79c3fddd

SHA1
c5b02e3d00e107e2f90cb30988612f47fea5a29f

SHA256
bf041eb76fa02499532107b3d29fff6ad7bbf54d0c2ff025a2ea0200647c2006

SHA512
bbf5625aabf89f9e0c260f81fce91ae602bff2544ed1498cdab85ae550485950ee5d64e3350df0dd512d3cb16981fd18e494b87f033daf3c8c54fadd6e8dbe9f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
228KB

MD5
69b9d820b6d67c631057e8024e51fa4f

SHA1
208d20909735027dccaa4e7fec5cb2a977f07fdb

SHA256
64a0e3fea887f4284a3c38703435b8e23ca1965af7d94077112032087f57f328

SHA512
6e8818c1bdbfb15a8b07d7e6a58fb95d3ccee5468aeb4603eeb713194ee2edda6f218fac1bb53db070a8442eaf814aa70d28403066a01051f8b6e92232081e6e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
228KB

MD5
d856c9b10abc8d8d038e54e958c42ded

SHA1
df52d3f383d389ce9bb8d8c47e6f0586be297374

SHA256
051289644a277a9b104d9aaac0d17f0b28588a54005d49b973e3a2e34a4c8287

SHA512
906e835d308b086b12773519f74b13a75abce573a18eb38fca723c44dde9a99e0227f597f796801a45db2dc743237e4698e1ff47ab7a67fabb8f30a6cf659120

Download Submit

Analysis

Sharing

Errors

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads