hxxps://github[.]com/JPaulMora/VirusSamples

Resubmissions

15-10-2024 10:33

241015-mlh3satcnm 10

15-10-2024 09:59

241015-lz98raxhna 10

15-10-2024 09:51

241015-lvq93sxflh 8

Analysis

max time kernel
416s
max time network
409s
platform
windows11-21h2_x64
resource
win11-20241007-en
resource tags

arch:x64arch:x86image:win11-20241007-enlocale:en-usos:windows11-21h2-x64system
submitted
15-10-2024 09:51

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://github.com/JPaulMora/VirusSamples

Score

8^/10

bootkit defense_evasion discovery persistence

Malware Config

Signatures

Downloads MZ/PE file

Executes dropped EXE 3 IoCs

pid	Process
1388	Dead Fish.exe
4336	Dead Fish.exe
1392	Dead Fish.exe

Legitimate hosting services abused for malware hosting/C2 1 TTPs 3 IoCs

Web Service

T1102

flow	ioc
2	raw.githubusercontent.com
21	raw.githubusercontent.com
22	raw.githubusercontent.com

Writes to the Master Boot Record (MBR) 1 TTPs 1 IoCs

Bootkits write to the MBR to gain persistence at a level below the operating system.

bootkit persistence

Bootkit

T1542.003

description	ioc	Process
File opened for modification	\??\PhysicalDrive0	Dead Fish.exe

Drops file in Windows directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SystemTemp	chrome.exe

Subvert Trust Controls: Mark-of-the-Web Bypass 1 TTPs 1 IoCs

When files are downloaded from the Internet, they are tagged with a hidden NTFS Alternate Data Stream (ADS) named Zone.Identifier with a specific value known as the MOTW.

defense_evasion

SIP and Trust Provider Hijacking

T1553.003

description	ioc	Process
File opened for modification	C:\Users\Admin\Downloads\Dead Fish.exe:Zone.Identifier	chrome.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133734595422749799"	chrome.exe

Modifies registry class 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-4018527317-446799424-2810249686-1000_Classes\Local Settings	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-4018527317-446799424-2810249686-1000_Classes\Local Settings	OpenWith.exe

NTFS ADS 2 IoCs

description	ioc	Process
File opened for modification	C:\Users\Admin\Downloads\Trojan.Linux.Xorddos.K.zip:Zone.Identifier	chrome.exe
File opened for modification	C:\Users\Admin\Downloads\Dead Fish.exe:Zone.Identifier	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
3568	chrome.exe
3568	chrome.exe
2600	chrome.exe
2600	chrome.exe
2600	chrome.exe
2600	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3568	chrome.exe
Token: SeCreatePagefilePrivilege	3568	chrome.exe
Token: SeShutdownPrivilege	3568	chrome.exe
Token: SeCreatePagefilePrivilege	3568	chrome.exe
Token: SeShutdownPrivilege	3568	chrome.exe
Token: SeCreatePagefilePrivilege	3568	chrome.exe
Token: SeShutdownPrivilege	3568	chrome.exe
Token: SeCreatePagefilePrivilege	3568	chrome.exe
Token: SeShutdownPrivilege	3568	chrome.exe
Token: SeCreatePagefilePrivilege	3568	chrome.exe
Token: SeShutdownPrivilege	3568	chrome.exe
Token: SeCreatePagefilePrivilege	3568	chrome.exe
Token: SeShutdownPrivilege	3568	chrome.exe
Token: SeCreatePagefilePrivilege	3568	chrome.exe
Token: SeShutdownPrivilege	3568	chrome.exe
Token: SeCreatePagefilePrivilege	3568	chrome.exe
Token: SeShutdownPrivilege	3568	chrome.exe
Token: SeCreatePagefilePrivilege	3568	chrome.exe
Token: SeShutdownPrivilege	3568	chrome.exe
Token: SeCreatePagefilePrivilege	3568	chrome.exe
Token: SeShutdownPrivilege	3568	chrome.exe
Token: SeCreatePagefilePrivilege	3568	chrome.exe
Token: SeShutdownPrivilege	3568	chrome.exe
Token: SeCreatePagefilePrivilege	3568	chrome.exe
Token: SeShutdownPrivilege	3568	chrome.exe
Token: SeCreatePagefilePrivilege	3568	chrome.exe
Token: SeShutdownPrivilege	3568	chrome.exe
Token: SeCreatePagefilePrivilege	3568	chrome.exe
Token: SeShutdownPrivilege	3568	chrome.exe
Token: SeCreatePagefilePrivilege	3568	chrome.exe
Token: SeShutdownPrivilege	3568	chrome.exe
Token: SeCreatePagefilePrivilege	3568	chrome.exe
Token: SeShutdownPrivilege	3568	chrome.exe
Token: SeCreatePagefilePrivilege	3568	chrome.exe
Token: SeShutdownPrivilege	3568	chrome.exe
Token: SeCreatePagefilePrivilege	3568	chrome.exe
Token: SeShutdownPrivilege	3568	chrome.exe
Token: SeCreatePagefilePrivilege	3568	chrome.exe
Token: SeShutdownPrivilege	3568	chrome.exe
Token: SeCreatePagefilePrivilege	3568	chrome.exe
Token: SeShutdownPrivilege	3568	chrome.exe
Token: SeCreatePagefilePrivilege	3568	chrome.exe
Token: SeShutdownPrivilege	3568	chrome.exe
Token: SeCreatePagefilePrivilege	3568	chrome.exe
Token: SeShutdownPrivilege	3568	chrome.exe
Token: SeCreatePagefilePrivilege	3568	chrome.exe
Token: SeShutdownPrivilege	3568	chrome.exe
Token: SeCreatePagefilePrivilege	3568	chrome.exe
Token: SeShutdownPrivilege	3568	chrome.exe
Token: SeCreatePagefilePrivilege	3568	chrome.exe
Token: SeShutdownPrivilege	3568	chrome.exe
Token: SeCreatePagefilePrivilege	3568	chrome.exe
Token: SeShutdownPrivilege	3568	chrome.exe
Token: SeCreatePagefilePrivilege	3568	chrome.exe
Token: SeShutdownPrivilege	3568	chrome.exe
Token: SeCreatePagefilePrivilege	3568	chrome.exe
Token: SeShutdownPrivilege	3568	chrome.exe
Token: SeCreatePagefilePrivilege	3568	chrome.exe
Token: SeShutdownPrivilege	3568	chrome.exe
Token: SeCreatePagefilePrivilege	3568	chrome.exe
Token: SeShutdownPrivilege	3568	chrome.exe
Token: SeCreatePagefilePrivilege	3568	chrome.exe
Token: SeShutdownPrivilege	3568	chrome.exe
Token: SeCreatePagefilePrivilege	3568	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe

Suspicious use of SendNotifyMessage 28 IoCs

pid	Process
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
3180	OpenWith.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3568 wrote to memory of 812	3568	chrome.exe	77
PID 3568 wrote to memory of 812	3568	chrome.exe	77
PID 3568 wrote to memory of 1800	3568	chrome.exe	78
PID 3568 wrote to memory of 1800	3568	chrome.exe	78
PID 3568 wrote to memory of 1800	3568	chrome.exe	78
PID 3568 wrote to memory of 1800	3568	chrome.exe	78
PID 3568 wrote to memory of 1800	3568	chrome.exe	78
PID 3568 wrote to memory of 1800	3568	chrome.exe	78
PID 3568 wrote to memory of 1800	3568	chrome.exe	78
PID 3568 wrote to memory of 1800	3568	chrome.exe	78
PID 3568 wrote to memory of 1800	3568	chrome.exe	78
PID 3568 wrote to memory of 1800	3568	chrome.exe	78
PID 3568 wrote to memory of 1800	3568	chrome.exe	78
PID 3568 wrote to memory of 1800	3568	chrome.exe	78
PID 3568 wrote to memory of 1800	3568	chrome.exe	78
PID 3568 wrote to memory of 1800	3568	chrome.exe	78
PID 3568 wrote to memory of 1800	3568	chrome.exe	78
PID 3568 wrote to memory of 1800	3568	chrome.exe	78
PID 3568 wrote to memory of 1800	3568	chrome.exe	78
PID 3568 wrote to memory of 1800	3568	chrome.exe	78
PID 3568 wrote to memory of 1800	3568	chrome.exe	78
PID 3568 wrote to memory of 1800	3568	chrome.exe	78
PID 3568 wrote to memory of 1800	3568	chrome.exe	78
PID 3568 wrote to memory of 1800	3568	chrome.exe	78
PID 3568 wrote to memory of 1800	3568	chrome.exe	78
PID 3568 wrote to memory of 1800	3568	chrome.exe	78
PID 3568 wrote to memory of 1800	3568	chrome.exe	78
PID 3568 wrote to memory of 1800	3568	chrome.exe	78
PID 3568 wrote to memory of 1800	3568	chrome.exe	78
PID 3568 wrote to memory of 1800	3568	chrome.exe	78
PID 3568 wrote to memory of 1800	3568	chrome.exe	78
PID 3568 wrote to memory of 1800	3568	chrome.exe	78
PID 3568 wrote to memory of 5092	3568	chrome.exe	79
PID 3568 wrote to memory of 5092	3568	chrome.exe	79
PID 3568 wrote to memory of 5964	3568	chrome.exe	80
PID 3568 wrote to memory of 5964	3568	chrome.exe	80
PID 3568 wrote to memory of 5964	3568	chrome.exe	80
PID 3568 wrote to memory of 5964	3568	chrome.exe	80
PID 3568 wrote to memory of 5964	3568	chrome.exe	80
PID 3568 wrote to memory of 5964	3568	chrome.exe	80
PID 3568 wrote to memory of 5964	3568	chrome.exe	80
PID 3568 wrote to memory of 5964	3568	chrome.exe	80
PID 3568 wrote to memory of 5964	3568	chrome.exe	80
PID 3568 wrote to memory of 5964	3568	chrome.exe	80
PID 3568 wrote to memory of 5964	3568	chrome.exe	80
PID 3568 wrote to memory of 5964	3568	chrome.exe	80
PID 3568 wrote to memory of 5964	3568	chrome.exe	80
PID 3568 wrote to memory of 5964	3568	chrome.exe	80
PID 3568 wrote to memory of 5964	3568	chrome.exe	80
PID 3568 wrote to memory of 5964	3568	chrome.exe	80
PID 3568 wrote to memory of 5964	3568	chrome.exe	80
PID 3568 wrote to memory of 5964	3568	chrome.exe	80
PID 3568 wrote to memory of 5964	3568	chrome.exe	80
PID 3568 wrote to memory of 5964	3568	chrome.exe	80
PID 3568 wrote to memory of 5964	3568	chrome.exe	80
PID 3568 wrote to memory of 5964	3568	chrome.exe	80
PID 3568 wrote to memory of 5964	3568	chrome.exe	80
PID 3568 wrote to memory of 5964	3568	chrome.exe	80
PID 3568 wrote to memory of 5964	3568	chrome.exe	80
PID 3568 wrote to memory of 5964	3568	chrome.exe	80
PID 3568 wrote to memory of 5964	3568	chrome.exe	80
PID 3568 wrote to memory of 5964	3568	chrome.exe	80
PID 3568 wrote to memory of 5964	3568	chrome.exe	80
PID 3568 wrote to memory of 5964	3568	chrome.exe	80

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://github.com/JPaulMora/VirusSamples
1⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3568
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc4a6ccc40,0x7ffc4a6ccc4c,0x7ffc4a6ccc58
  2⤵
  PID:812
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1756,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1752 /prefetch:2
  2⤵
  PID:1800
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2068,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2092 /prefetch:3
  2⤵
  PID:5092
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2148,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2324 /prefetch:8
  2⤵
  PID:5964
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3088,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3096 /prefetch:1
  2⤵
  PID:6024
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3104,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3248 /prefetch:1
  2⤵
  PID:5572
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4584,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4464 /prefetch:8
  2⤵
  PID:4940
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5004,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4788 /prefetch:8
  2⤵
  - NTFS ADS
  PID:4640
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4660,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4860 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2600
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=2656,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5204 /prefetch:1
  2⤵
  PID:1712
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=5228,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5208 /prefetch:1
  2⤵
  PID:5828
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=5020,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4860 /prefetch:1
  2⤵
  PID:1488
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=4408,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5204 /prefetch:8
  2⤵
  PID:3184
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5984,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6024 /prefetch:8
  2⤵
  PID:4540
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=6020,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5812 /prefetch:8
  2⤵
  PID:2664
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=6132,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5660 /prefetch:8
  2⤵
  PID:2788
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=6140,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3308 /prefetch:8
  2⤵
  PID:2448
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=6008,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6100 /prefetch:8
  2⤵
  - Subvert Trust Controls: Mark-of-the-Web Bypass
  - NTFS ADS
  PID:2288
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=5848,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5556 /prefetch:1
  2⤵
  PID:3528
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=6096,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5440 /prefetch:1
  2⤵
  PID:2468
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6256,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6260 /prefetch:8
  2⤵
  PID:880
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5452,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6016 /prefetch:8
  2⤵
  PID:3224
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=5916,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6184 /prefetch:1
  2⤵
  PID:1348
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --field-trial-handle=5912,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6348 /prefetch:1
  2⤵
  PID:5356
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5792,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5904 /prefetch:8
  2⤵
  PID:5168
- C:\Users\Admin\Downloads\Dead Fish.exe
  "C:\Users\Admin\Downloads\Dead Fish.exe"
  2⤵
  - Executes dropped EXE
  PID:1388
- C:\Users\Admin\Downloads\Dead Fish.exe
  "C:\Users\Admin\Downloads\Dead Fish.exe"
  2⤵
  - Executes dropped EXE
  PID:4336
- C:\Users\Admin\Downloads\Dead Fish.exe
  "C:\Users\Admin\Downloads\Dead Fish.exe"
  2⤵
  - Executes dropped EXE
  - Writes to the Master Boot Record (MBR)
  PID:1392

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:4924

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:4248

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:4240

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:3180

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004E0 0x00000000000004D0
1⤵
PID:5480

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

T1542

Bootkit

T1542.003

Privilege Escalation

Defense Evasion

Pre-OS Boot

T1542

Bootkit

T1542.003

Subvert Trust Controls

T1553

SIP and Trust Provider Hijacking

T1553.003

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

Filesize
64KB

MD5
b5ad5caaaee00cb8cf445427975ae66c

SHA1
dcde6527290a326e048f9c3a85280d3fa71e1e22

SHA256
b6409b9d55ce242ff022f7a2d86ae8eff873daabf3a0506031712b8baa6197b8

SHA512
92f7fbbcbbea769b1af6dd7e75577be3eb8bb4a4a6f8a9288d6da4014e1ea309ee649a7b089be09ba27866e175ab6f6a912413256d7e13eaf60f6f30e492ce7f

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

Filesize
4B

MD5
f49655f856acb8884cc0ace29216f511

SHA1
cb0f1f87ec0455ec349aaa950c600475ac7b7b6b

SHA256
7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba

SHA512
599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

Filesize
1008B

MD5
d222b77a61527f2c177b0869e7babc24

SHA1
3f23acb984307a4aeba41ebbb70439c97ad1f268

SHA256
80dc3ffa698e4ff2e916f97983b5eae79470203e91cb684c5ccd4ff1a465d747

SHA512
d17d836ea77aeaff4cd01f9c7523345167a4a6bc62528aac74acde12679f48079d75d159e9cea2e614da50e83c2dcd92c374c899ea6c4fe8e5513d9bf06c01ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
cd796568dc68e24c7e090604fa7147a8

SHA1
eb40a9d11c1098ee6e89c214c3a41a7aaec38e5d

SHA256
e6d4fe9e879e147e9ca58b76da01422b0944a68d1a6f3a89204e7f892b2ef0db

SHA512
a7961ca453c799321469efcdf7e316b29e9e66d4bcfb2b94a329406b75047196bcc3bd2687ac46bc03d9585d9d0956506681380080ab1c851d9194a868561cd0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

Filesize
18KB

MD5
2e23d6e099f830cf0b14356b3c3443ce

SHA1
027db4ff48118566db039d6b5f574a8ac73002bc

SHA256
7238196a5bf79e1b83cacb9ed4a82bf40b32cd789c30ef790e4eac0bbf438885

SHA512
165b1de091bfe0dd9deff0f8a3968268113d95edc9fd7a8081b525e0910f4442cfb3b4f5ac58ecfa41991d9dcabe5aa8b69f7f1c77e202cd17dd774931662717

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000017

Filesize
72KB

MD5
6ee91c368f2ccb27602daade4d6a0c6d

SHA1
07417fb3286163c5aa48364a5b07e1b4c170fe66

SHA256
9b9b540f18a899f45bc1261fdf85db06ac0524e47cad52edb27e1de5defcb1e9

SHA512
6263d93d37f93669a203152df119c59f59ed5bc48e6ca2b4b9b1941ddb3a1176c4bc76f6e02665a6563c6eff2b8683a88aa51aeeeb8aecfea343182f8a01bcc3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001d

Filesize
401KB

MD5
962ceb08caaeb3948f28e3706ed82699

SHA1
62c2f4970697ba95637d1e5defac391926eb03e5

SHA256
ca85e3f647dd0b48f161f27902e05a4f6024d6cd22c0de08a91c89ed1a519ee2

SHA512
a6318fb167f3156a95739f5afddf5e74f6d256012037e0a96961072881a8f43fc9e28f6e9deb636ffb8848b820097fcfcb5be05fed0bce9c484ed1002420e306

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001e

Filesize
172KB

MD5
6a3fa48cac5c7550f11b03aac28d33d4

SHA1
92c5db9a7f6f6daea68710808bea66263aebe6f4

SHA256
ff9c1596eb2f59a6e50bc30db808069aeda2905435273fa72ae60dd4e249378f

SHA512
d8456f57d12c6c22e252c372568f456c7488e619e0701235d3242da3b4848b9e9e0e6f3d5761a72c28d093bd480e735fb63dfc08d2d0222833ae8b255ceb3e0e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000051

Filesize
215KB

MD5
1585c4c0ffdb55b2a4fdc0b0f5c317be

SHA1
aac0e0f12332063c75c690458b2cfe5acb800d0a

SHA256
18a1cfc3b339903a71e6a68791cde83fca626a4c1a22be5cb7755c9f2343e2a5

SHA512
7021ed87f0c97edc3a8ff838202fa444841eafcbfa4e00e722b723393a1ac679279aa744e8edde237a05be6060527a0c7e64a36148bd2d1316d5589d78d08e23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\11448c48208acbcb_0

Filesize
280B

MD5
7ff842599dfd7b5daf2cc460d843f967

SHA1
cebeff7361d7fefc11a2d4c0417badf3644affc0

SHA256
cf24822365129dcb61dbe1e2d6153dd0c2a140935f093ed75c7f057826164de7

SHA512
c6849b41bb8e6685180e13eb03348b973b3aeb0068b90441bec92e7f07df79c1202119bf20fba7e030ab5f3f6e5c98d9d51189c3ce407fc2e0ff3bd1cb4e8cdd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\df132b9b643c5dec_0

Filesize
19KB

MD5
46390e2ea31cea866696f2a07ac71052

SHA1
231cdabe3e6ff4f303de8ef04723ebcc579a1d34

SHA256
c9fc85bdc0529ae2de5935cc032c76f3926b78593aeccf5191b0e6656a54c953

SHA512
91dcad8540207f4d8c5aca4fb03115dc6e2a6ed646aa9b36bc13088ad7b846410c6364ae9cd1903d549a563e92b6a9dc60d17059429f4735ac5ae6ea3c52f3c2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index

Filesize
4KB

MD5
1675eea70b14c72e2d158353c3cc5721

SHA1
f129ff02f7563266b5fc72da2b244fd63a6c1107

SHA256
70fa9edd91705163c1bfc77871708039063b026d00718f71eb2868badbb36d9f

SHA512
f0e8e9199009c194d5a07d1ed0070c3989adbf0ecb1b62cd62c5d539de00d189a26ea215faeb83fc21a4a65fa30ba549423ab6ddfa44e8dd12fb622b02960b9e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
4745e76b4669f863e8347d78c6eec872

SHA1
079d5fa4e5862b72e11eaefcc450c892ac9b676d

SHA256
0f9c2ea158a221ad886d42714e1cc15971f26c95ba1f3c8a67159d0e14ea86ae

SHA512
44c1da2fcdb53a8f898fd7cdd44c5320a0872e7a1ef78da744714113d7ea760fc18f83a8fb2abb679b288dc3cd3b6972b4ba41d22d1533630e84ca884e9db93f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
f953d40984bda8702cedfe173dc6b1ab

SHA1
95767b3c60ed64bb390769144d40c84aa3f6f102

SHA256
1ab7ca7067feafb30055d3ceb3af769b8f765648240f43de0820402f494c7eff

SHA512
0aca93f7560776a195baae61fc9460bb51ec9a0b768ef34ea455691245ac0d2ccd7b86d849e248e56b1b5e12c4a6bab5b96f108cd338fa36b0425afd1e11e64f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
c7c6322f4e21c3a816272a79c2bb0ce0

SHA1
5b5025603c2d6985079ecf6e5c0f89fa944ed8e2

SHA256
ce991c586ac804bbb35233afb9e0eae6bff62f9a1d0cd1e09f1e9b5d43c01475

SHA512
195fcc98ab1c5e9c31ad165e583b00889178c88495d07b844cb8c4fe3d6f7ce74e931e55399d9793ef3aff2215550c842984e46bc3a0eb7fc2371888cbd48794

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
10KB

MD5
f6fbb777cef0443ecc0fd9d99d8dabfd

SHA1
8d70661f0a9413ee8c8b9c8e4dcbce750cf1f404

SHA256
620435275adc1f34fd3ef3ebc686ced469f344fefdeda5dd1d972c9064bbe981

SHA512
dc378d92bde5c09ae9cfc36ac6e3068ce3a78fe78bf421c9b35ab4fb6204717a35f411f160f4619766894574f44ff819140c0917e6e88c9b20cc79118cfbddde

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
10KB

MD5
a078ac3dbbddd9e72e27dcaef510a1d3

SHA1
666fd91ac9c1eae487e1d0f350b70652a54e98d2

SHA256
be50671ea65372a415be2a9f5b5e2ad4ced0f5f0b021f78fbede35b1d8caebe6

SHA512
29ee41a732cfdd5666a2c69ca2c1f79a808f885990b1ed20cfb5b141d50f7cdab2335c280da4a4e30fa671a951f6821788a0b610e19ea9a903ad0a2203b58a5a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
2928fefca683259429dbe8fe4f6330c9

SHA1
bb583a1edfdcaa15af5384c56cfccdd46cffe850

SHA256
979f95824399899d5ee400f8dc5113c782de85dee10915d353f68eee1d0ef36b

SHA512
ce39fe69a78ff8e1330d59566955c3e5a427a0b4f0c45eb22b240a1ad120e9693a0c4f3d60729de0f8a8fd9619e4ef122337d1005b9bf6404fba1aef68b43e75

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
ecdde06c6c35a4b96a6798f7313df212

SHA1
6052635793b9bb010a4d2b0efb678c395c54cd9c

SHA256
5c9ef1ea3d69fa0bb564d1d110e251d64299a6d8b5c348d04ae386e079dafda0

SHA512
95445302dd425284c1c2c53788ea7ea77a02ace74dbfeb38fc5e63987f310701fc63b5a8cc4dd81852f7b5ede3d9f7a67a43e6e0bcdda3def9ebf22e711b7fdf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
b4e67187493e606ca0f382e9de354cf5

SHA1
4a5a0d0aa2f6126a3fa53c0e12fb7c288bf48a74

SHA256
131ba8633fdfea4ba11e2a0f3c921e04d42bd7f9d441ff953c16e45586cdc112

SHA512
99cf9344286e726be30ea7e9bae6bcdeee8e3b41df641972d3452f3748d8a0fec9cd2fbf3228de7978fbf37b35b893e7ef11205cc75932fed9d6a908a6bd9ae3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
ef7fe1b37aa9a325c0d8a39181fd400c

SHA1
681169a5e81950bcb7b20493b932a095d1779a2e

SHA256
3ddb1acce3f63c1793b5ec218377ebdf366c84c723673d302f48d9fc3be30559

SHA512
e88a011be5bacfa5068e67ae6a9a28c1f18babec93998f0789ed63823b83f86321ef27047704b33aeb1add96216b400c219914e373272a5bc758df8a829b03e4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
8c2efc61eefc83588b313e1fdaa7a3f0

SHA1
03e9d0cf251b1c42892dffc30f9a892cb5e32b59

SHA256
814c89ff75c4455723364098524f6eb7431c8f4b8f227f4332a2a29e5233947c

SHA512
e6b64a41b4b7ac356b2dd020cefd5fb83f94069391dab2464c86e803e27971a48e57b2cd9e07820b21fded7aeec272cc0bd2ef9a69399b25c4b7d1248f317ee6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
07d0f2983e3ea3d55ed98059a4eab130

SHA1
d41484542b7fbad7c05ec66bb7c4390ab7187a35

SHA256
85829c367f2958007bdcdca0496374a7521af3c160fc0f50245775d51b041160

SHA512
1ef48d4bf227530dfbdcde61dfd0ee268b2b9b87395f5f9e86af2b658ef48a18a9eb643757dadc02827c00ec1c842539122f22163b8a39eb5b6b9ffdd17baf52

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
dec68f3879fd2242743a02096d491857

SHA1
a44977c77922a3476d0e1a3be7bedb2945ccf3de

SHA256
14153ab2c6f0a16b6ef174a919975435decfe0e5a4a5cfbb3f189246719fc20a

SHA512
3c0696fcdde549ccc39ce89d05e7bce01906eeddfdbe6bf829ee4f97392c53265d618f45c116460b5bc8c90b93a612825cdd58a268900d3c590168041d1da6e5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
038e6a44bd66673ba816457550d55056

SHA1
89687a4414b75192fc1764f0180e9c8c21259b10

SHA256
d147a363318edd276af260cba255d6bbffc59c7026c72cf6aa01ad2e23efa2f9

SHA512
46d1e4cf579343349e573c0d64cbdc69d217db2cb6ddb69f88b63d9036347fe749f3e1a26291b5133f9955db04b40cdcd62a64786468cb589354a44c48a24f12

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
24ff9852159867d088abafccdd1eb27d

SHA1
3e815d296da20814df77feb12d9a529911b51be8

SHA256
4eb44095280d95df5fa4565e2443a371ae5d5786addca38be8df2fd484136635

SHA512
dd3e4a54ef57c8b9b3c099001ebea2d1445d117cc3eeb10d3e926dcdb20095eb7ba743a95aaf3df6a534fe2f576947c6652ca63d3936493bb7764ad89e523c29

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
32fdffe1509a09914f5fe3dd55b48cab

SHA1
1e464607c16dee6fafb089e43f876b3ef9e8a662

SHA256
3116c015ae286d6e95e659fee05116db303698e409dd7a0bb53ff84c46c24efb

SHA512
a6c3e48d28a20f2ee9930ea0a185ce55f3cdea70c6d8a4b620bf52ddc537342bcdaf8f27ed6dca22ae6610d4cdd0b8923a80ec4cfc7db331eef4bed7c4d8d251

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
1dafa6bead59c4d5f5ae92c69173dca8

SHA1
cd0f6695a5053f90af31f267d104f8bf9c9f18f2

SHA256
8493419017bf6533facac9655dd0b575072a4c152427b446745b22658dc80498

SHA512
52ca8f6bb536bd4e96e80686250b5c7d95f83f24fd73a61f50eccf873041ff631e0c170b6093ac530debe97510d92411ee25152303c1337c1ca6eeadff4d67d7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
824af66b0b9f73117753192653837542

SHA1
b1298f8a646709d1fdc8884590e59544c5c4ec86

SHA256
f12c7e7cd3dc53018bde411afdffa4a7903548ab3e29b968aca98513ff2ed165

SHA512
1a55b4ac22604e2036b7e9e8f5182f50a04641f8efd514ed0dcb68d008a9685e4d7b847d7410fcc019c504a073133d31a76cce87b36184c353b077d0b9bd0628

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
37fee1c37a61579efce6636a3c343e58

SHA1
4465a56f3d505408a8842fd2413b125dcd697120

SHA256
0c67d411df43c45956a7347d195dfb7d4e99012b69992df19ea0f2539b82b9c5

SHA512
159b389a5011f7c6acaba06bc07c01af32290313125d813f22389bd125ba42bffc3be2146b0b220fe2cb3b34e9121208230b20538a15b27a38bd18e0a820ef80

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
20d90f28fed7738e0345b4e1aff7f108

SHA1
b870404e85c50073a2c45c0c4ff1fc47072f6374

SHA256
fef89206c2e44479aa404fdfaed0abab777f8189c1270a6fcd3e362607f4740b

SHA512
aa2d4b8f65cebe55ac1fa70c9c3330e1b74b286c37af89de589cc727d7f05ff6d400ac2d5a5651831946d7f3eb2c9250069ef551eb7d1c939eb3b7319326f1a4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
ba57238a351ac1bccf61d7982e04dcb2

SHA1
d3f592c3752d2c06228ce5ab837a896e39b2f19a

SHA256
5e4c6e1fba147d3d59894ecb2da7dab9a925d4fb2d450910c65b441333a2a8f1

SHA512
d781209c5b2d8b998a6a8f70c7a25e7aebcac0144ce15d6d7950741a2ed0fe39ab6113df0b1e6230e5f3f4630c40386df9f2c94635718f381daf8c40305a93ec

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
c79d627536d27bc72d802b501e5d93a3

SHA1
7bf56dd3127e8b6a594194fee1a044af5568887f

SHA256
ed1af1cd867aec22143741115992f9a36bcce6d05632ba3c5ae27e7e6c207766

SHA512
2228f449f05e1f6a7eecc23fe8c7b95358b19fb114d307a9bd3e290207274537cc9af6555f5dde8b166a0cea0f00bcf3b3df04a46f20f80cf04dfcccfd98f8a6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
4e9434c4b7baed88293a5451b1644b58

SHA1
f5a517c316617e2f4eb241ac0dc56513a44d19f9

SHA256
50626eaa094a4e995e4ebc418237dcfc9cb7fcf93706976617b703669be8ee4f

SHA512
bcb6a4ef8e619591280f88504e099c19c0cd07c8885f1b8b35fdcb603e12e8dc3f71b06c3feee349addd9cbbd5c60be0c0a1b0ffdf20401f68317276655035a1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
e4a02995c64f60e45c9227ed9011d8ae

SHA1
40857eba7fe65e1a590aeb31f5205d87fe7dc1a2

SHA256
acf841d1b8dae3f064513727a4519ec08a3a325f8ba72cea6f132d32f78ad6a9

SHA512
1e8757c967a509409eb80012f297a9daadd0538c64959ed2b06db4233423727c3d94fc2b3afc9caa4468b24c19912499cec1e96f0387c8ef7e619dbae63c574b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
41e2a11e6a2eb5c88e54a44c6f931c54

SHA1
933c5da84ec1de5119dd3a34d5057aff53902a2f

SHA256
a43f870ff1de9809a356d91899cf180dd411be56656f92b22d4b70169910db9f

SHA512
4d1b5ffd47bcdb3256d055c7c53dc99ba33b92e9b8614bd68d90cebcc24c2c4668ac6be58d1a3d0e52a0ffc649cef14c902d09e34d7797f5e54df5c502ed5fef

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
b695115689d9e58a2eb43bde5bbd2fa4

SHA1
35ec9ebbcb78e08a79a1714f6d7d812ab8cbf4a1

SHA256
d019c6a2d417e7d01931d4293af3e204fd70bc54574ce1d8126df2d8fe5ae656

SHA512
29f602f911dbffab360993d8bc4f91d1fedaf9dfad08cdfa521037bae4e82cbd651bebacea2f5943df44dfe188c107388d3626e2b1e82da90030c4965686379c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
7bb324627d83c3aec1a97f1ed89db652

SHA1
ffb27d919a8d0e7ebbc072b439a617dd999918f1

SHA256
aa49be126174dc71b5c103060ddbabe46ef6d29e12675559d7695ffc1350b261

SHA512
ad7b87d35d7417172bcdf1cb0414e3e485876dec9d4b551d5b48e6eeab7beb820027db21a9132e823590d97f545f27601bb6412911f5c453f2cc1b2d04655593

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
d1a706c099c61c0b2abc22b76a8ac5b7

SHA1
9fb3d6f92626b74ac17f6a0606b161bc28cb4b0a

SHA256
f6c47de206f682f90ea423d2e4a2001f62041062ce5ccd308c9b1c3f3643396b

SHA512
6bb92d3ce26da9b71352b8525245b3c0d73fff54f7f550a22ab620f7e2061aa73685f7600974e1d81211f7d78d9619c702d03d9cc2f8f29b679cb20d4771e7f9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
7a41bc438c1abe79a97155d03aca862a

SHA1
5c9f5b3dc7f610aeddc82557b438f012f90b789c

SHA256
8df9348ccfc5268a9f0387ef0d775c9c351a7b5536b3d6d53de9559552d3c2d7

SHA512
c47888f4ac36c02cc8d92a96fc6192e8c04d2994926c83c23dbfd681a0fdcc3fbc0bca2c2e122e7f23cddb0b986326908f7ff099f4508ac73cae3af376b926f3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
40d352a091e52dcf4068fa0572f01834

SHA1
a3ddd2145f6b53a812bf2c50dd7f8f176c3edd15

SHA256
33bc70257f3359a86fd464fb8090e86203f3ba99ebdf291b5f4b46ce635e7921

SHA512
4671beba821fc5e3bbcca073f8b94d6692a8c5344b55fdb2e916542bfc862e8ad5162817648a4a65a77c64abd71ee74f00a9462bcdcf8bc4c99e0532ce23ce43

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
48995287f0c59244acdd6fa393360aa1

SHA1
f47d28e4034eeb638778fbd0c3d6348fca72acbf

SHA256
42083e5b42d1d761a478805bedc3bb55403fb35afa14447a2f2949dfee0416c9

SHA512
d2357c1c9e60d9d8bd8b8b86e53408399f77d70b670b84cad1af913dc85f8a343bc37aad0df32cfcfb1d32066f17dbbea010e2242e83a004c53a076a22b6e85c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
c092058a73d05da25816eb99e2602b60

SHA1
65e03690b1bf39c2ebd5726e46e55c49965f8561

SHA256
113ea1f1f8d9237f65c6c1fcc4fc72648778b9d67bb23eb242d568acdf06489b

SHA512
428b188a3c4f074d917ca0cb502308c2c70658f0e995ed578280e59c2757ced4b1c694b134bb3c7cead727318c1cfec581fb4e914b3caaf8689e23c42eeebe49

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
2913625a6d4741938d5cd7882a328c71

SHA1
fd81f32447934933c3054a39a3808c0952e9a784

SHA256
6b02f35be1554293bf9aeec9fb605d1b54687ac9d952c1eb96dbea7d9f35d14d

SHA512
55612dd8cd46301c5488500f0d465d37450e80b564cf99ac0752ab20e0994b99a3559a065d871fd15177b25058c16a98a60bc06996d6b57c92d6670d2b137918

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
357a207df89e921a6dcf76546158e1c0

SHA1
03bf16471a14fdcaed73ebde889fc0592617c6be

SHA256
ce42ecac57ec84d530e5bf0563d9109674075a93008f8eb1c1f6ccb5eeeb2a2a

SHA512
f38fc8469182cd34f021534b4243fef97a477e4690747f3dc3ef296eb4e6447dbd47b23edf5010dd117c969088023bdedc422b6db98eb35eb36c9ad37fb3340b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
ab80feeff2ce1acf556c5ad88db3ce05

SHA1
7acfffe6ced9da98e344cab5fcaccfec90dd447a

SHA256
5df270c1fe73defd2aa23b8030adfa537d9fde95b683024a0d0f5d49aeaf73f1

SHA512
020904bc8b667fcd08c6e5835e78d554b0ff3253a2a46deb0e22f3a62a55c911a340c4da51f4bda9f421586265de5dbd2113bfc7a617a44a6317b2fe6fb71c76

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
4089fdbd21cb60aba16ffbec6446ff30

SHA1
c6c16f5d8fb3b0caf5d2478d256c8d4c77f661d3

SHA256
757e97a6230762edcf906e83e81eac1775e82397c5a699d6ddb991eecfd5995e

SHA512
31fa03c06d4a32b1a05cb3cdedf0704032a161527aac382d35c909c0e90c415681ae44ed9a5a2e14c8c13ede2ccfb5327e4a36d9b593460ed02ee905be6f60dc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
017ee9a1a90c03a03c9c790e50038cd3

SHA1
fa41a4290a6f270fa06ee464dfae41378a83f6db

SHA256
0ac0c6606d8adaabc0f3ef1efd5e105de2556f715cfdc72b553dd9cd858ec36c

SHA512
3416cb277f3bff978f43025242fd5c47399c6c6ae7c402d04b1bae4dec3ee6da8e390ce1dccaafcd263d88e380d86050a85e34ab37ce8fcaa07277c2dd9bd64f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
625288ed6e1875d622ffc8e209ed9fbb

SHA1
f73f0f6db63165a2846a5a50937d80e74d5d8ea3

SHA256
7e936f4b8bada8f083a2d56daf908f3fbd10825a8a6cc9a3e7aa154790a8e10f

SHA512
6143bb6c925a425a32dae3ea01bd0092963eb36186f7e131de325f61caf246742413c928ab7833e502640be31ddeda0031594c7e929df94c24ff3c92dec58331

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
c42e67c4c917daa7f2d3fba10379016d

SHA1
69bb27e3bb104e56010a113d9e9af26d3c1d11ec

SHA256
20f5dd91db31ad0607e39644b3975e8fa43702a062101e63e3c7950099c04392

SHA512
fcb1be6640a589f2c0d73c298411e0616333687ca7adcd275de63882cc8caf90b43511ffc761adad16181e02eeb05a3b1e0bc3cd85f9f89ecfc0ba26a68db11f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
095657847403531427180bd9bc575748

SHA1
9f69a81ca03a2095de3ee999bd42218dc01120b1

SHA256
fc7b79c1e0d94148e806c5b0fdffa2359d1420197e0d8089da858947a68f41b7

SHA512
f604e66518292c6379a281cc703055cbbce13eefbce2f1329adfc8d4f76cba24edb67aadc58deedcbb20168a1a765d1ae74f50c628231f8db066bb08078a3ff9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
dcfa83f02ebdc9a57756307a97fa9b12

SHA1
0fdf18b0db4f18d4bb8361f9159f4ec2a5d78373

SHA256
07be036c3bf15eb6f302f585da6ffb0d840559373fbe50c1057f62113609d82b

SHA512
7a52916663b64e04d4a18dfd6509c56a0bcc564f53ff9f4cb2c5641f35f9978534ab124621c190bdc634700508fc541a177d4464080a16e1f49f841e49a38f07

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
e1cbc4b702ee09d70306082985f2b501

SHA1
64077219d2a5a9d6dd1d5119bbba028f7a15c205

SHA256
a0a02808c4bd47b075a5d4e44ae3e139a01732e85545c1eb13c95cfe93385e7d

SHA512
658d1d11d31c264ea902a366d7e936bd82516fe59feacfef26caeff89a64a7791a55989fea5b241aa11275cfb770bec9d0764abdbc46aec86003724cfec8c175

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
b0db3381630c55b38805ef941f79b9b6

SHA1
e8a304853d7fabf45d85e02ce8e6936debae13d3

SHA256
16c871bebbc23aa4815c229e67c0dfe6f21c73dd748b4a1bbd48b40c62652107

SHA512
497524ea3e974ba2d11226e23c554be8509e64954278f4dfd49399306c61718f88926aa2b9f069c953b5508efc4e7abed5e05c0b89bf3e5b2269f4d35e02f05e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
561b87a3ff088cd8107b4c8829e6869b

SHA1
e9dd2e007f8441b302d2ae66631ce6355236d58d

SHA256
12e29a0a76cb1d7db57940369c9ec954c0377e5ccde19426bf9f23a75ab1d6b8

SHA512
44b13b953e353a0adfe7b80e6606c51a0bfa6325363e58a8976c19d744bd82413ed0b85bb99e0e1f9af1ced31b7ff350a294e684e305fdbd4f911c9507f3857b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
b9c3d04b9a748dac1139590f3628fbe9

SHA1
f47c9b3ca77c58729bfb49c7c7aad1f46f5740fc

SHA256
dc4eaeda33f2ed090a3f06f0d4eafe31e07e92d720dc09fa665494c15ffd97fd

SHA512
b874234e47325f0b676f9df15b29d8de9ff4fd8ec5d532cf4421c8d133e1b5dfab9f3960dc9a6324be9a1e42f0e12cc34a6e3aac6aebb3cce101e6638ef4337d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
6173d8b26941d292d5d4495641437484

SHA1
c3fe8cc92f2312b38b826fd14400c8b691e583ba

SHA256
89ebd4ee738533a7bf71b94913fde5c76e01e2e840901128e7550ddce4e2c8d1

SHA512
f593abb3f41a681b1b36493d5534ef54f31f41500988ccaa32bfca3283c565e2913c1a3d981e2d8f14d0308d08b7ae1544f69e9e51176c8d8d34a633c2ccbef0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
2444a227ad0a84ab66e51b60901caad7

SHA1
0f0a6536d0d5e4fb28c037328636dd11b0f9f8b5

SHA256
160388a6fc197dda57fb526cfeebb85a7349268cd1fca11868d70fb71560fee8

SHA512
7c50bd7302fe6851b9f3b7a0e00b4c1e52278ca8ed2a05ea80868d1dc0ff2d69bd1a131cba99ec04e3f9ce4b3fca679d6b76a0d273805417b187a1abc13267a7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
204a88c9b12b81346921a4037b706fc0

SHA1
2b0c5a568334a424ffe9c7bb46d78e6498717d98

SHA256
27cd6d50463bf0abb37b129e9641fd33345e71a0b974d6482b5f650e93a55c54

SHA512
a2473dc7f47caa34dd9a1d5615848396008858fe50c4a3b0af94935a286a2be3565de65b2447cec41534c370d66dd2814c27f2542fc42705d1516812a253b1d2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
849dc0b5332ad80f82a3ed3cb871f49c

SHA1
afe2c4090c614589895861f00ae52a9c27d02e1b

SHA256
ffe50865b11f669190531b84bb28c1039559a4f4981784d12d70ccb9fa7d1a9e

SHA512
df1676c328803fb05408b0510b3f8a375055c09b4f24393d34c02bc2b8aadcb85b8bb16174599604a0a42a47861fd9ef75257e30b22ee522492dcb86e2ba78f2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
410433a00c0fb1cdd5eda905597bc5ab

SHA1
7f06e0921ff58c0271e3c42b4c5ac8d1c942b4d5

SHA256
0a0e30d79b68f5cf43b1576560e2e0d5fd8a3db5020c89fe2f4f78d38dd4d8ce

SHA512
e05366bb3989d9a0195489dadef286ee18b7da1b9b632765e7c685aaad674236fe71aaf81de8915ca333524ae11be830ad29eb7382749946b1fe8ecfd76573ee

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
e417919b7c9c3e220da2a0b5801ba969

SHA1
4e5e7145075af83fd4490ccded31cd5c8a969286

SHA256
ee55e78ab642a5e3f10c1db54561e71b63859b2b9ec649f747f664f8834b05c1

SHA512
0e495ada2c759c69e9669c93b1675dacb869190ca1cf01fa3c3ba24856ebc7809dfed285b1cd2950d496991966f011a6bd67700dd004e7e1141260f2d0b8b3ae

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
96B

MD5
d29afa8b90f5eb08e50fd0e005328d66

SHA1
f1bf06716b850f0391555ad28c221b58489a2637

SHA256
3b578bfb718b468466176b21dd00fe20622ed60fafbc0497e8f7829c46ddd338

SHA512
2dc8f55e51001e1a6dd8aca72618043040fd9d3540bcf7bc6a00b79790221633d69a8d4c9a80cce052bf026b5aefb5c5600d8498441590f29179da9176fa94c7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
228KB

MD5
c036f15b85a21b5152632f04c5175d0f

SHA1
0cc19fa0270952a13d7c3da2539bfcc3d6952633

SHA256
3f1e4e9a40ad49c1815c02d18ca79e9daf1d5c82778a11b645c03e81bb858c7e

SHA512
84f836f6f2ed7d6f210bd427be3707a9dd3efe9b55c8e207b9bff9a36ac344a4c5beb453322d84c6664b441a8036fa847c66ceaad59a5b9ab3cc977580162cf8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
228KB

MD5
916f43ac697a43954ca815560b7a87c5

SHA1
e2f46fb2cb3d6048f3c2d9de699478b3a6afbd5a

SHA256
4e3b41ed5d95e7ca24b79af262e0008cf0ac1fad19773c6b50f2e51c5357b531

SHA512
929e48760759836069e2fa178b727314e961622cbd9e3ff966fe11d3d01e39fd6fd433d27156128522a89fe4f37356e5ad112e677b2d8b1c572693229f26b4b2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
228KB

MD5
02f723ab69045074b40f214fb1cfff4c

SHA1
31c213370147537b691b56b6ffc00937e2c68071

SHA256
4144655c268da67acaa1455e00e49d590bf4522a907a0dd88dfb34f2a2cce915

SHA512
37cfff2790cf7c2774db2933ad29e39cf8c53f3d2e10bb49fcd9435748052048d6ef3f3d0e0f54f33a0351393d4ba3b587b60785d6fac5bb5f04e589dd9a3b70

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
228KB

MD5
41ff573133962868d740fddfce7e584a

SHA1
1e007e97f8b8e21d54783e8f306e75283d97651a

SHA256
4fc20cc7c82f23618d9913d1d8af47a7d03415d9926874a074a5f4e51b9e0cb8

SHA512
06fad5f17b66adca57ba614846752c88fe5f9b2a1c02622f1451f52b4366799af200e3c1dcae62401dd443e9269455f9766bc410d0f70366e29604f8f958a8f2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
228KB

MD5
2b1ffedd7d8946d52389d1109d24d0a2

SHA1
1b95121ae6b51ec331b10f17bba1e41d02b07f80

SHA256
1d035947323b48ac97030fbbd755e9cc412b52461b264a3e2dce5ef6061c45b9

SHA512
fca3eab85a48aae260ff96136eb4efdc5de2d84657576cb5f67e29f8099000d8f511f62f1461c67baefaf2488c0f3c26a0b9e1f505053ee535d4cb37a976655b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
228KB

MD5
8a131ff211fcd19612934c2ed7dfb616

SHA1
485de5b4d35ab45240c8c24f22c29cca90cac870

SHA256
28b00be41c356a4a6fed72799d8f6a99b71ae609ca147fcc5e024db516392a6b

SHA512
b272e66d4e7681acb93be30014d812fd81ed0c62f3d043c29a39e5d60743abaec8478c93a317c2d2423763a1e7dcdc8333a8f490b22653225b8aabff7f8be0d4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\Dead Fish.exe.log

Filesize
660B

MD5
284393596fdd49bebd7b861bf339b82d

SHA1
a36767dfc423b3c7fd3ff439b616862743a053c8

SHA256
0e692bcbba51ca4e766a427c9f28a7a4a9e326d2cf835493e57a9dc2121326b5

SHA512
8d3247ee0c3bf9a9fceea23eb5c646dbd8b3d954f4d62622f49070629e642d6a13bfb0d27949e2355c081d45f5a1101f05a9972782a0f0a478ed90f551d2efeb

Download Submit
C:\Users\Admin\Downloads\Dead Fish.exe:Zone.Identifier

Filesize
225B

MD5
03d45280b35d4eac32d87c78d1988425

SHA1
0bcefde0ed6b6c1066eec300dfa1fe075ced797f

SHA256
729bfd45a8ac48872e959503c31340acd05d98bfd6651f03f8254301404133c3

SHA512
c04fe8400d23bcc6c8e8b806e2358aca63a1c2d87ae66f0cd7331dec38374e83fa567b69db87eda8c6bee0674bec4353289e352d325c212b6ba4c57846b12e74

Download Submit
C:\Users\Admin\Downloads\Trojan.Linux.Xorddos.K.zip.crdownload

Filesize
388KB

MD5
b67b3c1f7ded886d104f4e39a147626c

SHA1
ef09e037192a0b49852fc0ddc4055e6e21dc08e2

SHA256
da5b980e96c6bcc67373b74c96d5f55ac9a8030fc6aaa56de9820daf88f99ca7

SHA512
da7a3441cc0a3f4a8ba68019b1850ae1e68da6494089f3ca27f16fa2242266e753748218e09e6e9a63c229457eae74dd8afcfa53c8f5ae4d0901e92e7a8f0c70

Download Submit
C:\Users\Admin\Downloads\Trojan.Linux.Xorddos.K.zip:Zone.Identifier

Filesize
257B

MD5
724256b4657299197e37d38296f00c7c

SHA1
1979480019c221b2aa79daac080e4d4c9100fefc

SHA256
715525f0ad953c7b0eeba91ee2ffbf32598c3d6be80779d89691fa916768e821

SHA512
2c463fd8fbbf09ab2b4eb34be1527c71194091da53d5e936b614f7b868aec279d5e5618b8df4903a716f6e47848a9aecc686465e332b7b8583cb2b6dce12db00

Download Submit
C:\Users\Admin\Downloads\Unconfirmed 459229.crdownload

Filesize
128KB

MD5
aa98ce357dae9a8fea9d1ea301a2a510

SHA1
9280b6d646da4fefb5ac8f48c9c3a08fe33a9117

SHA256
fb9b15b7a19f15da480190040f9c71ff32fd2400b8474fc9c0c4fcbcabc8cecf

SHA512
e4e1539245fa4c47422314726a994d57ef24bdc3d9f84ef359ebacb4cd7edc8feb422ebdf8d8cffc8f5205340fd439ae05deb24ed48cfecc3778a4b5dd452aa8

Download Submit
memory/1388-1182-0x0000000000A40000-0x0000000000A66000-memory.dmp

Filesize
152KB

Download