Analysis Overview
Threat Level: Likely malicious
The file https://github.com/JPaulMora/VirusSamples was found to be: Likely malicious.
Malicious Activity Summary
Downloads MZ/PE file
Executes dropped EXE
Legitimate hosting services abused for malware hosting/C2
Writes to the Master Boot Record (MBR)
Drops file in Windows directory
Subvert Trust Controls: Mark-of-the-Web Bypass
Browser Information Discovery
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Modifies registry class
NTFS ADS
Suspicious behavior: EnumeratesProcesses
Suspicious use of FindShellTrayWindow
Suspicious use of AdjustPrivilegeToken
Enumerates system info in registry
Modifies data under HKEY_USERS
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of SetWindowsHookEx
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-10-15 09:51
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-10-15 09:51
Reported
2024-10-15 09:59
Platform
win11-20241007-en
Max time kernel
416s
Max time network
409s
Command Line
Signatures
Downloads MZ/PE file
Executes dropped EXE
| Description | Indicator | Process | Target |
|---|---|---|---|
| N/A | N/A | C:\Users\Admin\Downloads\Dead Fish.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\Dead Fish.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\Dead Fish.exe | N/A |
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
|---|---|---|---|
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
Writes to the Master Boot Record (MBR)
| Description | Indicator | Process | Target |
|---|---|---|---|
| File opened for modification | \??\PhysicalDrive0 | C:\Users\Admin\Downloads\Dead Fish.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
|---|---|---|---|
| File opened for modification | C:\Windows\SystemTemp | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Subvert Trust Controls: Mark-of-the-Web Bypass
| Description | Indicator | Process | Target |
|---|---|---|---|
| File opened for modification | C:\Users\Admin\Downloads\Dead Fish.exe:Zone.Identifier | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
|---|---|---|---|
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
|---|---|---|---|
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133734595422749799" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
|---|---|---|---|
| Key created | \REGISTRY\USER\S-1-5-21-4018527317-446799424-2810249686-1000_Classes\Local Settings | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4018527317-446799424-2810249686-1000_Classes\Local Settings | C:\Windows\system32\OpenWith.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
|---|---|---|---|
| File opened for modification | C:\Users\Admin\Downloads\Trojan.Linux.Xorddos.K.zip:Zone.Identifier | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Dead Fish.exe:Zone.Identifier | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
|---|---|---|---|
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
|---|---|---|---|
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
|---|---|---|---|
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://github.com/JPaulMora/VirusSamples
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc4a6ccc40,0x7ffc4a6ccc4c,0x7ffc4a6ccc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1756,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1752 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2068,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2092 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2148,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2324 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3088,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3096 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3104,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3248 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4584,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4464 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5004,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4788 /prefetch:8
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4660,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4860 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=2656,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5204 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=5228,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5208 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=5020,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4860 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=4408,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5204 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5984,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6024 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=6020,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5812 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=6132,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5660 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=6140,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3308 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=6008,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6100 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=5848,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5556 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=6096,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5440 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6256,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6260 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5452,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6016 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=5916,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6184 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --field-trial-handle=5912,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6348 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5792,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5904 /prefetch:8
C:\Users\Admin\Downloads\Dead Fish.exe
"C:\Users\Admin\Downloads\Dead Fish.exe"
C:\Users\Admin\Downloads\Dead Fish.exe
"C:\Users\Admin\Downloads\Dead Fish.exe"
C:\Users\Admin\Downloads\Dead Fish.exe
"C:\Users\Admin\Downloads\Dead Fish.exe"
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004E0 0x00000000000004D0
Network
| Country | Destination | Domain | Proto |
|---|---|---|---|
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | 215.156.26.20.in-addr.arpa | udp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.133:443 | user-images.githubusercontent.com | tcp |
| GB | 172.217.169.74:443 | content-autofill.googleapis.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 140.82.113.22:443 | collector.github.com | tcp |
| US | 140.82.113.22:443 | collector.github.com | tcp |
| GB | 172.217.169.74:443 | content-autofill.googleapis.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| N/A | 224.0.0.251:5353 | | udp |
| US | 185.199.111.133:443 | user-images.githubusercontent.com | tcp |
| US | 185.199.111.133:443 | user-images.githubusercontent.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| GB | 142.250.200.4:443 | www.google.com | udp |
| GB | 142.250.200.4:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | 3.178.250.142.in-addr.arpa | udp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| GB | 142.250.179.234:443 | ogads-pa.googleapis.com | tcp |
| GB | 216.58.201.110:443 | consent.google.com | tcp |
| GB | 142.250.179.234:443 | ogads-pa.googleapis.com | udp |
| GB | 216.58.201.110:443 | consent.google.com | udp |
| GB | 216.58.201.99:443 | ssl.gstatic.com | tcp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| GB | 216.58.204.78:443 | encrypted-tbn0.gstatic.com | tcp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| GB | 216.58.201.110:443 | consent.google.com | udp |
| GB | 142.250.179.234:443 | ogads-pa.googleapis.com | udp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| GB | 216.58.204.78:443 | encrypted-tbn0.gstatic.com | udp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| GB | 172.217.169.3:443 | beacons.gcp.gvt2.com | tcp |
| DE | 136.243.127.251:443 | chessconnect.de | tcp |
| DE | 136.243.127.251:443 | chessconnect.de | tcp |
| DE | 136.243.127.251:443 | chessconnect.de | tcp |
| DE | 136.243.127.251:443 | chessconnect.de | tcp |
| US | 104.26.2.199:443 | img.buymeacoffee.com | tcp |
| US | 192.0.77.48:443 | s.w.org | tcp |
| GB | 142.250.200.4:443 | www.google.com | udp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| GB | 216.58.201.110:443 | consent.google.com | udp |
| GB | 142.250.179.234:443 | ogads-pa.googleapis.com | udp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| GB | 172.217.169.3:443 | beacons.gcp.gvt2.com | udp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| GB | 172.217.169.74:443 | ogads-pa.googleapis.com | udp |
| US | 140.82.113.21:443 | collector.github.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| GB | 216.58.212.202:443 | ogads-pa.googleapis.com | udp |
| GB | 142.250.179.238:443 | apis.google.com | udp |
| GB | 216.58.212.202:443 | ogads-pa.googleapis.com | tcp |
| GB | 216.58.201.110:443 | consent.google.com | udp |
| GB | 216.58.201.110:443 | consent.google.com | tcp |
| US | 216.239.38.21:443 | virustotal.com | tcp |
| US | 216.239.38.21:443 | virustotal.com | tcp |
| US | 74.125.34.46:443 | www.virustotal.com | tcp |
| GB | 142.250.187.195:443 | www.recaptcha.net | tcp |
| GB | 142.250.200.3:443 | recaptcha.net | tcp |
| US | 216.239.32.36:443 | region1.google-analytics.com | tcp |
| GB | 142.250.200.3:443 | recaptcha.net | tcp |
| GB | 172.217.169.42:443 | ogads-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | 74.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 42.169.217.172.in-addr.arpa | udp |
| GB | 142.250.200.4:443 | www.google.com | tcp |
| GB | 142.250.200.3:443 | recaptcha.net | udp |
| US | 74.125.34.46:443 | www.virustotal.com | tcp |
| US | 216.239.32.36:443 | region1.google-analytics.com | udp |
| GB | 172.217.169.14:443 | google.com | tcp |
| GB | 172.217.169.3:443 | beacons.gcp.gvt2.com | udp |
Files
\??\pipe\crashpad_3568_TNJLKJZBEGNJPVRA
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState
| MD5 | cd796568dc68e24c7e090604fa7147a8 |
| SHA1 | eb40a9d11c1098ee6e89c214c3a41a7aaec38e5d |
| SHA256 | e6d4fe9e879e147e9ca58b76da01422b0944a68d1a6f3a89204e7f892b2ef0db |
| SHA512 | a7961ca453c799321469efcdf7e316b29e9e66d4bcfb2b94a329406b75047196bcc3bd2687ac46bc03d9585d9d0956506681380080ab1c851d9194a868561cd0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 02f723ab69045074b40f214fb1cfff4c |
| SHA1 | 31c213370147537b691b56b6ffc00937e2c68071 |
| SHA256 | 4144655c268da67acaa1455e00e49d590bf4522a907a0dd88dfb34f2a2cce915 |
| SHA512 | 37cfff2790cf7c2774db2933ad29e39cf8c53f3d2e10bb49fcd9435748052048d6ef3f3d0e0f54f33a0351393d4ba3b587b60785d6fac5bb5f04e589dd9a3b70 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 41e2a11e6a2eb5c88e54a44c6f931c54 |
| SHA1 | 933c5da84ec1de5119dd3a34d5057aff53902a2f |
| SHA256 | a43f870ff1de9809a356d91899cf180dd411be56656f92b22d4b70169910db9f |
| SHA512 | 4d1b5ffd47bcdb3256d055c7c53dc99ba33b92e9b8614bd68d90cebcc24c2c4668ac6be58d1a3d0e52a0ffc649cef14c902d09e34d7797f5e54df5c502ed5fef |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | b4e67187493e606ca0f382e9de354cf5 |
| SHA1 | 4a5a0d0aa2f6126a3fa53c0e12fb7c288bf48a74 |
| SHA256 | 131ba8633fdfea4ba11e2a0f3c921e04d42bd7f9d441ff953c16e45586cdc112 |
| SHA512 | 99cf9344286e726be30ea7e9bae6bcdeee8e3b41df641972d3452f3748d8a0fec9cd2fbf3228de7978fbf37b35b893e7ef11205cc75932fed9d6a908a6bd9ae3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | c7c6322f4e21c3a816272a79c2bb0ce0 |
| SHA1 | 5b5025603c2d6985079ecf6e5c0f89fa944ed8e2 |
| SHA256 | ce991c586ac804bbb35233afb9e0eae6bff62f9a1d0cd1e09f1e9b5d43c01475 |
| SHA512 | 195fcc98ab1c5e9c31ad165e583b00889178c88495d07b844cb8c4fe3d6f7ce74e931e55399d9793ef3aff2215550c842984e46bc3a0eb7fc2371888cbd48794 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e4a02995c64f60e45c9227ed9011d8ae |
| SHA1 | 40857eba7fe65e1a590aeb31f5205d87fe7dc1a2 |
| SHA256 | acf841d1b8dae3f064513727a4519ec08a3a325f8ba72cea6f132d32f78ad6a9 |
| SHA512 | 1e8757c967a509409eb80012f297a9daadd0538c64959ed2b06db4233423727c3d94fc2b3afc9caa4468b24c19912499cec1e96f0387c8ef7e619dbae63c574b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 8c2efc61eefc83588b313e1fdaa7a3f0 |
| SHA1 | 03e9d0cf251b1c42892dffc30f9a892cb5e32b59 |
| SHA256 | 814c89ff75c4455723364098524f6eb7431c8f4b8f227f4332a2a29e5233947c |
| SHA512 | e6b64a41b4b7ac356b2dd020cefd5fb83f94069391dab2464c86e803e27971a48e57b2cd9e07820b21fded7aeec272cc0bd2ef9a69399b25c4b7d1248f317ee6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7bb324627d83c3aec1a97f1ed89db652 |
| SHA1 | ffb27d919a8d0e7ebbc072b439a617dd999918f1 |
| SHA256 | aa49be126174dc71b5c103060ddbabe46ef6d29e12675559d7695ffc1350b261 |
| SHA512 | ad7b87d35d7417172bcdf1cb0414e3e485876dec9d4b551d5b48e6eeab7beb820027db21a9132e823590d97f545f27601bb6412911f5c453f2cc1b2d04655593 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 916f43ac697a43954ca815560b7a87c5 |
| SHA1 | e2f46fb2cb3d6048f3c2d9de699478b3a6afbd5a |
| SHA256 | 4e3b41ed5d95e7ca24b79af262e0008cf0ac1fad19773c6b50f2e51c5357b531 |
| SHA512 | 929e48760759836069e2fa178b727314e961622cbd9e3ff966fe11d3d01e39fd6fd433d27156128522a89fe4f37356e5ad112e677b2d8b1c572693229f26b4b2 |
C:\Users\Admin\Downloads\Trojan.Linux.Xorddos.K.zip.crdownload
| MD5 | b67b3c1f7ded886d104f4e39a147626c |
| SHA1 | ef09e037192a0b49852fc0ddc4055e6e21dc08e2 |
| SHA256 | da5b980e96c6bcc67373b74c96d5f55ac9a8030fc6aaa56de9820daf88f99ca7 |
| SHA512 | da7a3441cc0a3f4a8ba68019b1850ae1e68da6494089f3ca27f16fa2242266e753748218e09e6e9a63c229457eae74dd8afcfa53c8f5ae4d0901e92e7a8f0c70 |
C:\Users\Admin\Downloads\Trojan.Linux.Xorddos.K.zip:Zone.Identifier
| MD5 | 724256b4657299197e37d38296f00c7c |
| SHA1 | 1979480019c221b2aa79daac080e4d4c9100fefc |
| SHA256 | 715525f0ad953c7b0eeba91ee2ffbf32598c3d6be80779d89691fa916768e821 |
| SHA512 | 2c463fd8fbbf09ab2b4eb34be1527c71194091da53d5e936b614f7b868aec279d5e5618b8df4903a716f6e47848a9aecc686465e332b7b8583cb2b6dce12db00 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | f953d40984bda8702cedfe173dc6b1ab |
| SHA1 | 95767b3c60ed64bb390769144d40c84aa3f6f102 |
| SHA256 | 1ab7ca7067feafb30055d3ceb3af769b8f765648240f43de0820402f494c7eff |
| SHA512 | 0aca93f7560776a195baae61fc9460bb51ec9a0b768ef34ea455691245ac0d2ccd7b86d849e248e56b1b5e12c4a6bab5b96f108cd338fa36b0425afd1e11e64f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | c79d627536d27bc72d802b501e5d93a3 |
| SHA1 | 7bf56dd3127e8b6a594194fee1a044af5568887f |
| SHA256 | ed1af1cd867aec22143741115992f9a36bcce6d05632ba3c5ae27e7e6c207766 |
| SHA512 | 2228f449f05e1f6a7eecc23fe8c7b95358b19fb114d307a9bd3e290207274537cc9af6555f5dde8b166a0cea0f00bcf3b3df04a46f20f80cf04dfcccfd98f8a6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7a41bc438c1abe79a97155d03aca862a |
| SHA1 | 5c9f5b3dc7f610aeddc82557b438f012f90b789c |
| SHA256 | 8df9348ccfc5268a9f0387ef0d775c9c351a7b5536b3d6d53de9559552d3c2d7 |
| SHA512 | c47888f4ac36c02cc8d92a96fc6192e8c04d2994926c83c23dbfd681a0fdcc3fbc0bca2c2e122e7f23cddb0b986326908f7ff099f4508ac73cae3af376b926f3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d1a706c099c61c0b2abc22b76a8ac5b7 |
| SHA1 | 9fb3d6f92626b74ac17f6a0606b161bc28cb4b0a |
| SHA256 | f6c47de206f682f90ea423d2e4a2001f62041062ce5ccd308c9b1c3f3643396b |
| SHA512 | 6bb92d3ce26da9b71352b8525245b3c0d73fff54f7f550a22ab620f7e2061aa73685f7600974e1d81211f7d78d9619c702d03d9cc2f8f29b679cb20d4771e7f9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 32fdffe1509a09914f5fe3dd55b48cab |
| SHA1 | 1e464607c16dee6fafb089e43f876b3ef9e8a662 |
| SHA256 | 3116c015ae286d6e95e659fee05116db303698e409dd7a0bb53ff84c46c24efb |
| SHA512 | a6c3e48d28a20f2ee9930ea0a185ce55f3cdea70c6d8a4b620bf52ddc537342bcdaf8f27ed6dca22ae6610d4cdd0b8923a80ec4cfc7db331eef4bed7c4d8d251 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 2928fefca683259429dbe8fe4f6330c9 |
| SHA1 | bb583a1edfdcaa15af5384c56cfccdd46cffe850 |
| SHA256 | 979f95824399899d5ee400f8dc5113c782de85dee10915d353f68eee1d0ef36b |
| SHA512 | ce39fe69a78ff8e1330d59566955c3e5a427a0b4f0c45eb22b240a1ad120e9693a0c4f3d60729de0f8a8fd9619e4ef122337d1005b9bf6404fba1aef68b43e75 |