Malware Analysis Report

2024-10-24 20:53

Sample ID 241015-lvq93sxflh
Target https://github.com/JPaulMora/VirusSamples
Tags
bootkit defense_evasion discovery persistence
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

Threat Level: Likely malicious

The URL https://github.com/JPaulMora/VirusSamples was found to be: Likely malicious.

Scope of the verdict: the target is a GitHub repository of malware samples, and the score reflects what happened once Chrome was pointed at it. Two files were downloaded (Dead Fish.exe and Trojan.Linux.Xorddos.K.zip); Dead Fish.exe was executed and opened \??\PhysicalDrive0 for modification, which is the source of the bootkit and persistence tags. Every other signature listed below is attributed to chrome.exe or to Windows shell components (OpenWith.exe, rundll32.exe) and is ordinary browser and OS activity, so the score should be read as a verdict on the downloaded sample, not on the web page itself.

Malicious Activity Summary

bootkit defense_evasion discovery persistence

Downloads MZ/PE file

Executes dropped EXE

Legitimate hosting services abused for malware hosting/C2

Writes to the Master Boot Record (MBR)

Drops file in Windows directory

Subvert Trust Controls: Mark-of-the-Web Bypass

Browser Information Discovery

Suspicious use of SendNotifyMessage

Suspicious use of WriteProcessMemory

Modifies registry class

NTFS ADS

Suspicious behavior: EnumeratesProcesses

Suspicious use of FindShellTrayWindow

Suspicious use of AdjustPrivilegeToken

Enumerates system info in registry

Modifies data under HKEY_USERS

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of SetWindowsHookEx

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-10-15 09:51

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-10-15 09:51

Reported

2024-10-15 09:59

Platform

win11-20241007-en

Max time kernel

416s

Max time network

409s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://github.com/JPaulMora/VirusSamples

Signatures

Downloads MZ/PE file

Executes dropped EXE

Description | Indicator | Process | Target
N/A | N/A | C:\Users\Admin\Downloads\Dead Fish.exe | N/A
N/A | N/A | C:\Users\Admin\Downloads\Dead Fish.exe | N/A
N/A | N/A | C:\Users\Admin\Downloads\Dead Fish.exe | N/A

Legitimate hosting services abused for malware hosting/C2

Description | Indicator | Process | Target
N/A | raw.githubusercontent.com | N/A | N/A
N/A | raw.githubusercontent.com | N/A | N/A
N/A | raw.githubusercontent.com | N/A | N/A

Writes to the Master Boot Record (MBR)

bootkit persistence
Description | Indicator | Process | Target
File opened for modification | \??\PhysicalDrive0 | C:\Users\Admin\Downloads\Dead Fish.exe | N/A
Note: this is the one behaviour attributed to the downloaded sample rather than to chrome.exe, and it is what drives the bootkit and persistence tags. A handle to \??\PhysicalDrive0 opened for writing gives sector-level access to the whole disk, including sector 0, which holds the boot code and partition table and lies outside any mounted volume; obtaining it requires administrative rights, which the sandbox user (Admin) has. The report records only the open for modification, not the bytes written, so it does not show whether boot code was replaced or the sector was simply destroyed. If the disk is GPT (the default for a Windows 11 install), sector 0 is the protective MBR and a UEFI boot does not execute it, so the likely effect is an unbootable disk rather than boot-time persistence. Confirm either way by imaging sector 0 after detonation and comparing it with a known-good copy.
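As an added example (not part of the sandbox report, and not code from any tool it references), the following Python parses a raw sector 0 and flags the signs an overwritten MBR leaves behind: a missing 0x55AA signature, an implausible partition table, or boot code whose hash no longer matches a baseline taken before detonation. The sectors it checks are constructed inside the script so it runs offline; on a live Windows host the same bytes come from opening \\.\PhysicalDrive0 read-only as administrator, or from the first 512 bytes of a disk image. The stand-in boot-code bytes and the overwrite pattern are assumptions, not data captured from this detonation.

```python
"""Added example (not from the sandbox report): parse sector 0 and judge whether it still
looks like a sane MBR or GPT protective MBR, e.g. after a sample opened \\.\PhysicalDrive0
for writing. All sample sectors below are constructed; nothing here is captured data."""
import hashlib
import struct
from typing import Optional

SECTOR_SIZE = 512
BOOT_SIGNATURE = b"\x55\xAA"          # last two bytes of a valid MBR
GPT_PROTECTIVE_TYPE = 0xEE            # partition type of the protective MBR on a GPT disk
PARTITION_TABLE_OFFSET = 446          # four 16-byte entries follow the boot code


def parse_mbr(sector: bytes) -> dict:
    """Split a raw sector 0 into boot-code hash, partition entries and signature state."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("expected exactly one 512-byte sector")
    partitions = []
    for i in range(4):
        offset = PARTITION_TABLE_OFFSET + 16 * i
        # status, CHS first, type, CHS last, starting LBA, sector count (little-endian)
        status, _chs_first, ptype, _chs_last, lba_start, num_sectors = struct.unpack_from(
            "<B3sB3sII", sector, offset
        )
        if ptype == 0 and lba_start == 0 and num_sectors == 0:
            continue  # empty slot
        partitions.append(
            {"status": status, "type": ptype, "lba_start": lba_start, "num_sectors": num_sectors}
        )
    return {
        "boot_signature_ok": sector[510:] == BOOT_SIGNATURE,
        "boot_code_sha256": hashlib.sha256(sector[:PARTITION_TABLE_OFFSET]).hexdigest(),
        "partitions": partitions,
        "gpt_protective": any(p["type"] == GPT_PROTECTIVE_TYPE for p in partitions),
    }


def assess_mbr(sector: bytes, baseline_boot_code_sha256: Optional[str] = None) -> list:
    """Return findings suggesting sector 0 was tampered with; an empty list means it looks intact."""
    info = parse_mbr(sector)
    findings = []
    if not info["boot_signature_ok"]:
        findings.append("boot signature 0x55AA missing: sector 0 wiped or overwritten")
    if not info["partitions"]:
        findings.append("partition table is empty")
    for p in info["partitions"]:
        if p["status"] not in (0x00, 0x80):  # only 'inactive' and 'bootable' are legal
            findings.append(f"partition type 0x{p['type']:02x} has invalid status byte 0x{p['status']:02x}")
        if p["lba_start"] == 0 or p["num_sectors"] == 0:
            findings.append(f"partition type 0x{p['type']:02x} has a zero start LBA or length")
    if baseline_boot_code_sha256 and info["boot_code_sha256"] != baseline_boot_code_sha256:
        findings.append("boot code (bytes 0..445) differs from the recorded baseline")
    return findings


def build_sector(boot_code: bytes, entries: list) -> bytes:
    """Assemble a constructed sector 0 for the demonstration below."""
    table = b"".join(entries) + b"\x00" * 16 * (4 - len(entries))
    return boot_code.ljust(PARTITION_TABLE_OFFSET, b"\x00") + table + BOOT_SIGNATURE


# Constructed sample data: a healthy GPT protective MBR (one type-0xEE entry starting at
# LBA 1 and spanning the rest of the disk) with a few stand-in boot-code bytes, and the
# same sector after an arbitrary raw write. The 0x90 fill is a placeholder, not the
# sample's real payload.
PROTECTIVE_ENTRY = struct.pack(
    "<B3sB3sII", 0x00, b"\x00\x02\x00", GPT_PROTECTIVE_TYPE, b"\xff\xff\xff", 1, 0xFFFFFFFF
)
HEALTHY_SECTOR = build_sector(b"\x33\xc0\x8e\xd0\xbc\x00\x7c", [PROTECTIVE_ENTRY])
HEALTHY_BASELINE = hashlib.sha256(HEALTHY_SECTOR[:PARTITION_TABLE_OFFSET]).hexdigest()
OVERWRITTEN_SECTOR = b"\x90" * SECTOR_SIZE


def read_sector0(path: str = r"\\.\PhysicalDrive0") -> bytes:
    """Read sector 0 from a physical disk (administrator rights needed) or a disk image."""
    with open(path, "rb") as disk:
        return disk.read(SECTOR_SIZE)


if __name__ == "__main__":
    print("healthy   :", assess_mbr(HEALTHY_SECTOR, HEALTHY_BASELINE) or "no findings")
    print("overwritten:", assess_mbr(OVERWRITTEN_SECTOR, HEALTHY_BASELINE))
```

Record HEALTHY_BASELINE-style hashes from a clean snapshot before detonation; after the run, read_sector0() on the same disk image and a non-empty assess_mbr() result tells you whether the open-for-modification recorded above actually changed the boot sector.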

Drops file in Windows directory

Description | Indicator | Process | Target
File opened for modification | C:\Windows\SystemTemp | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
(attributed to chrome.exe, not to the downloaded sample)

Subvert Trust Controls: Mark-of-the-Web Bypass

defense_evasion
Description | Indicator | Process | Target
File opened for modification | C:\Users\Admin\Downloads\Dead Fish.exe:Zone.Identifier | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Note: the process that opens the Zone.Identifier stream is chrome.exe, the browser that performed the download. A downloader writing that stream is how Mark-of-the-Web gets applied, not bypassed; nothing in the report shows the stream being removed, or the sample arriving inside a container that would fail to propagate it. Treat this signature as a mislabelled download event rather than evidence of defence evasion by the sample.

Browser Information Discovery

discovery

Enumerates system info in registry

Description | Indicator | Process | Target
Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A

Modifies data under HKEY_USERS

Description | Indicator | Process | Target
Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133734595422749799" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A

Modifies registry class

Description | Indicator | Process | Target
Key created | \REGISTRY\USER\S-1-5-21-4018527317-446799424-2810249686-1000_Classes\Local Settings | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Key created | \REGISTRY\USER\S-1-5-21-4018527317-446799424-2810249686-1000_Classes\Local Settings | C:\Windows\system32\OpenWith.exe | N/A

NTFS ADS

Description | Indicator | Process | Target
File opened for modification | C:\Users\Admin\Downloads\Trojan.Linux.Xorddos.K.zip:Zone.Identifier | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
File opened for modification | C:\Users\Admin\Downloads\Dead Fish.exe:Zone.Identifier | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
(both streams are written by chrome.exe as it completes the two downloads; this is the Mark-of-the-Web being applied, and it also shows that a second file, Trojan.Linux.Xorddos.K.zip, was fetched but never executed in this run)
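The Zone.Identifier stream that both the Mark-of-the-Web signature and the NTFS ADS entries above refer to is a small INI-style text stream, and reading it is the quickest way to tell a download that still carries its mark from one that has lost it. The Python below is an added example rather than code from the report: it parses that stream, reports the zone and origin URLs, and returns None when a file has no mark at all. The sample stream is constructed to resemble what Chrome writes for a download reached through the target repository; its HostUrl path is a placeholder, not the real download location.

```python
"""Added example (not from the sandbox report): read and interpret a file's
Zone.Identifier alternate data stream, i.e. its Mark-of-the-Web (MoTW)."""
import configparser
from typing import Optional

# URL security zones as numbered by Windows; browsers stamp downloads with 3 (Internet).
ZONE_NAMES = {0: "LocalMachine", 1: "LocalIntranet", 2: "TrustedSites", 3: "Internet", 4: "RestrictedSites"}

# Constructed sample: the stream a browser would write for a file fetched via the target
# repository. ReferrerUrl is the page from the report; the HostUrl path is a placeholder.
SAMPLE_STREAM = (
    "[ZoneTransfer]\r\n"
    "ZoneId=3\r\n"
    "ReferrerUrl=https://github.com/JPaulMora/VirusSamples\r\n"
    "HostUrl=https://raw.githubusercontent.com/placeholder/path/Dead%20Fish.exe\r\n"
)


def parse_zone_identifier(text: str) -> dict:
    """Parse the INI-style contents of a Zone.Identifier stream."""
    # '=' only as delimiter (URLs contain ':'), and no '%' interpolation (URLs contain '%').
    parser = configparser.ConfigParser(interpolation=None, delimiters=("=",))
    parser.read_string(text)
    if not parser.has_section("ZoneTransfer"):
        raise ValueError("not a Zone.Identifier stream: no [ZoneTransfer] section")
    section = parser["ZoneTransfer"]
    zone_id = int(section.get("ZoneId", "-1"))
    return {
        "zone_id": zone_id,
        "zone_name": ZONE_NAMES.get(zone_id, "unknown"),
        "referrer_url": section.get("ReferrerUrl"),
        "host_url": section.get("HostUrl"),
        # Zones 3 and 4 are the ones Attachment Manager / SmartScreen treat as untrusted.
        "marked_from_internet": zone_id >= 3,
    }


def read_motw(path: str) -> Optional[dict]:
    """Return the parsed mark for a file on NTFS, or None if the stream is absent.

    NTFS exposes the stream as '<path>:Zone.Identifier'. On a non-NTFS volume, or for a
    file that was never marked (or whose mark was stripped), the open fails and None is
    returned, which is exactly the condition a genuine MoTW bypass produces.
    """
    try:
        with open(f"{path}:Zone.Identifier", "r", encoding="utf-8", errors="replace") as stream:
            return parse_zone_identifier(stream.read())
    except OSError:
        return None


if __name__ == "__main__":
    print(parse_zone_identifier(SAMPLE_STREAM))
    # Only meaningful on the detonation host; elsewhere the stream does not exist.
    print(read_motw(r"C:\Users\Admin\Downloads\Dead Fish.exe"))
```

When triaging a report like this one, run read_motw() against the dropped file on the analysis VM: a result with zone_id 3 and the expected referrer means the browser did its job, while None on an NTFS volume is the finding that would actually justify the "Mark-of-the-Web Bypass" label.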

Suspicious use of AdjustPrivilegeToken

Description | Indicator | Process | Target
Token: SeShutdownPrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
(this pair is recorded 32 times, 64 rows in all, every one attributed to chrome.exe)

Suspicious use of FindShellTrayWindow

Description | Indicator | Process | Target
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
(64 identical rows, all attributed to chrome.exe)

Suspicious use of SendNotifyMessage

Description | Indicator | Process | Target
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
(28 identical rows, all attributed to chrome.exe)

Suspicious use of SetWindowsHookEx

Description | Indicator | Process | Target
N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A

Suspicious use of WriteProcessMemory

Description | Indicator | Process | Target
PID 3568 wrote to memory of 812 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
(2 rows)
PID 3568 wrote to memory of 1800 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
(30 rows)
PID 3568 wrote to memory of 5092 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
(2 rows)
PID 3568 wrote to memory of 5964 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
(30 rows)
Note: source and target are both chrome.exe in all 64 rows. PID 3568 writing into four other chrome.exe processes is consistent with the browser process setting up its own child processes (the renderer, GPU and utility processes listed under Processes below); no write into Dead Fish.exe or any non-Chrome process is recorded, so this is not evidence of injection by the sample.

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://github.com/JPaulMora/VirusSamples

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc4a6ccc40,0x7ffc4a6ccc4c,0x7ffc4a6ccc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1756,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1752 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2068,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2092 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2148,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2324 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3088,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3096 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3104,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3248 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4584,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4464 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5004,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4788 /prefetch:8

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Windows\system32\OpenWith.exe

C:\Windows\system32\OpenWith.exe -Embedding

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4660,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4860 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=2656,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5204 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=5228,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5208 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=5020,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4860 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=4408,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5204 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5984,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6024 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=6020,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5812 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=6132,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5660 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=6140,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3308 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=6008,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6100 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=5848,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5556 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=6096,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5440 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6256,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6260 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5452,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6016 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=5916,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6184 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --field-trial-handle=5912,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6348 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5792,i,8946477243352824001,15072155893685093787,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5904 /prefetch:8

C:\Users\Admin\Downloads\Dead Fish.exe

"C:\Users\Admin\Downloads\Dead Fish.exe"

C:\Users\Admin\Downloads\Dead Fish.exe

"C:\Users\Admin\Downloads\Dead Fish.exe"

C:\Users\Admin\Downloads\Dead Fish.exe

"C:\Users\Admin\Downloads\Dead Fish.exe"

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x00000000000004E0 0x00000000000004D0

Network


Files

\??\pipe\crashpad_3568_TNJLKJZBEGNJPVRA

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

MD5 cd796568dc68e24c7e090604fa7147a8
SHA1 eb40a9d11c1098ee6e89c214c3a41a7aaec38e5d
SHA256 e6d4fe9e879e147e9ca58b76da01422b0944a68d1a6f3a89204e7f892b2ef0db
SHA512 a7961ca453c799321469efcdf7e316b29e9e66d4bcfb2b94a329406b75047196bcc3bd2687ac46bc03d9585d9d0956506681380080ab1c851d9194a868561cd0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 02f723ab69045074b40f214fb1cfff4c
SHA1 31c213370147537b691b56b6ffc00937e2c68071
SHA256 4144655c268da67acaa1455e00e49d590bf4522a907a0dd88dfb34f2a2cce915
SHA512 37cfff2790cf7c2774db2933ad29e39cf8c53f3d2e10bb49fcd9435748052048d6ef3f3d0e0f54f33a0351393d4ba3b587b60785d6fac5bb5f04e589dd9a3b70

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 41e2a11e6a2eb5c88e54a44c6f931c54
SHA1 933c5da84ec1de5119dd3a34d5057aff53902a2f
SHA256 a43f870ff1de9809a356d91899cf180dd411be56656f92b22d4b70169910db9f
SHA512 4d1b5ffd47bcdb3256d055c7c53dc99ba33b92e9b8614bd68d90cebcc24c2c4668ac6be58d1a3d0e52a0ffc649cef14c902d09e34d7797f5e54df5c502ed5fef

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b4e67187493e606ca0f382e9de354cf5
SHA1 4a5a0d0aa2f6126a3fa53c0e12fb7c288bf48a74
SHA256 131ba8633fdfea4ba11e2a0f3c921e04d42bd7f9d441ff953c16e45586cdc112
SHA512 99cf9344286e726be30ea7e9bae6bcdeee8e3b41df641972d3452f3748d8a0fec9cd2fbf3228de7978fbf37b35b893e7ef11205cc75932fed9d6a908a6bd9ae3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 c7c6322f4e21c3a816272a79c2bb0ce0
SHA1 5b5025603c2d6985079ecf6e5c0f89fa944ed8e2
SHA256 ce991c586ac804bbb35233afb9e0eae6bff62f9a1d0cd1e09f1e9b5d43c01475
SHA512 195fcc98ab1c5e9c31ad165e583b00889178c88495d07b844cb8c4fe3d6f7ce74e931e55399d9793ef3aff2215550c842984e46bc3a0eb7fc2371888cbd48794

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e4a02995c64f60e45c9227ed9011d8ae
SHA1 40857eba7fe65e1a590aeb31f5205d87fe7dc1a2
SHA256 acf841d1b8dae3f064513727a4519ec08a3a325f8ba72cea6f132d32f78ad6a9
SHA512 1e8757c967a509409eb80012f297a9daadd0538c64959ed2b06db4233423727c3d94fc2b3afc9caa4468b24c19912499cec1e96f0387c8ef7e619dbae63c574b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 8c2efc61eefc83588b313e1fdaa7a3f0
SHA1 03e9d0cf251b1c42892dffc30f9a892cb5e32b59
SHA256 814c89ff75c4455723364098524f6eb7431c8f4b8f227f4332a2a29e5233947c
SHA512 e6b64a41b4b7ac356b2dd020cefd5fb83f94069391dab2464c86e803e27971a48e57b2cd9e07820b21fded7aeec272cc0bd2ef9a69399b25c4b7d1248f317ee6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7bb324627d83c3aec1a97f1ed89db652
SHA1 ffb27d919a8d0e7ebbc072b439a617dd999918f1
SHA256 aa49be126174dc71b5c103060ddbabe46ef6d29e12675559d7695ffc1350b261
SHA512 ad7b87d35d7417172bcdf1cb0414e3e485876dec9d4b551d5b48e6eeab7beb820027db21a9132e823590d97f545f27601bb6412911f5c453f2cc1b2d04655593

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 916f43ac697a43954ca815560b7a87c5
SHA1 e2f46fb2cb3d6048f3c2d9de699478b3a6afbd5a
SHA256 4e3b41ed5d95e7ca24b79af262e0008cf0ac1fad19773c6b50f2e51c5357b531
SHA512 929e48760759836069e2fa178b727314e961622cbd9e3ff966fe11d3d01e39fd6fd433d27156128522a89fe4f37356e5ad112e677b2d8b1c572693229f26b4b2

C:\Users\Admin\Downloads\Trojan.Linux.Xorddos.K.zip.crdownload

MD5 b67b3c1f7ded886d104f4e39a147626c
SHA1 ef09e037192a0b49852fc0ddc4055e6e21dc08e2
SHA256 da5b980e96c6bcc67373b74c96d5f55ac9a8030fc6aaa56de9820daf88f99ca7
SHA512 da7a3441cc0a3f4a8ba68019b1850ae1e68da6494089f3ca27f16fa2242266e753748218e09e6e9a63c229457eae74dd8afcfa53c8f5ae4d0901e92e7a8f0c70

C:\Users\Admin\Downloads\Trojan.Linux.Xorddos.K.zip:Zone.Identifier

MD5 724256b4657299197e37d38296f00c7c
SHA1 1979480019c221b2aa79daac080e4d4c9100fefc
SHA256 715525f0ad953c7b0eeba91ee2ffbf32598c3d6be80779d89691fa916768e821
SHA512 2c463fd8fbbf09ab2b4eb34be1527c71194091da53d5e936b614f7b868aec279d5e5618b8df4903a716f6e47848a9aecc686465e332b7b8583cb2b6dce12db00

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 f953d40984bda8702cedfe173dc6b1ab
SHA1 95767b3c60ed64bb390769144d40c84aa3f6f102
SHA256 1ab7ca7067feafb30055d3ceb3af769b8f765648240f43de0820402f494c7eff
SHA512 0aca93f7560776a195baae61fc9460bb51ec9a0b768ef34ea455691245ac0d2ccd7b86d849e248e56b1b5e12c4a6bab5b96f108cd338fa36b0425afd1e11e64f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 c79d627536d27bc72d802b501e5d93a3
SHA1 7bf56dd3127e8b6a594194fee1a044af5568887f
SHA256 ed1af1cd867aec22143741115992f9a36bcce6d05632ba3c5ae27e7e6c207766
SHA512 2228f449f05e1f6a7eecc23fe8c7b95358b19fb114d307a9bd3e290207274537cc9af6555f5dde8b166a0cea0f00bcf3b3df04a46f20f80cf04dfcccfd98f8a6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7a41bc438c1abe79a97155d03aca862a
SHA1 5c9f5b3dc7f610aeddc82557b438f012f90b789c
SHA256 8df9348ccfc5268a9f0387ef0d775c9c351a7b5536b3d6d53de9559552d3c2d7
SHA512 c47888f4ac36c02cc8d92a96fc6192e8c04d2994926c83c23dbfd681a0fdcc3fbc0bca2c2e122e7f23cddb0b986326908f7ff099f4508ac73cae3af376b926f3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d1a706c099c61c0b2abc22b76a8ac5b7
SHA1 9fb3d6f92626b74ac17f6a0606b161bc28cb4b0a
SHA256 f6c47de206f682f90ea423d2e4a2001f62041062ce5ccd308c9b1c3f3643396b
SHA512 6bb92d3ce26da9b71352b8525245b3c0d73fff54f7f550a22ab620f7e2061aa73685f7600974e1d81211f7d78d9619c702d03d9cc2f8f29b679cb20d4771e7f9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 32fdffe1509a09914f5fe3dd55b48cab
SHA1 1e464607c16dee6fafb089e43f876b3ef9e8a662
SHA256 3116c015ae286d6e95e659fee05116db303698e409dd7a0bb53ff84c46c24efb
SHA512 a6c3e48d28a20f2ee9930ea0a185ce55f3cdea70c6d8a4b620bf52ddc537342bcdaf8f27ed6dca22ae6610d4cdd0b8923a80ec4cfc7db331eef4bed7c4d8d251

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 2928fefca683259429dbe8fe4f6330c9
SHA1 bb583a1edfdcaa15af5384c56cfccdd46cffe850
SHA256 979f95824399899d5ee400f8dc5113c782de85dee10915d353f68eee1d0ef36b
SHA512 ce39fe69a78ff8e1330d59566955c3e5a427a0b4f0c45eb22b240a1ad120e9693a0c4f3d60729de0f8a8fd9619e4ef122337d1005b9bf6404fba1aef68b43e75

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 37fee1c37a61579efce6636a3c343e58
SHA1 4465a56f3d505408a8842fd2413b125dcd697120
SHA256 0c67d411df43c45956a7347d195dfb7d4e99012b69992df19ea0f2539b82b9c5
SHA512 159b389a5011f7c6acaba06bc07c01af32290313125d813f22389bd125ba42bffc3be2146b0b220fe2cb3b34e9121208230b20538a15b27a38bd18e0a820ef80

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 40d352a091e52dcf4068fa0572f01834
SHA1 a3ddd2145f6b53a812bf2c50dd7f8f176c3edd15
SHA256 33bc70257f3359a86fd464fb8090e86203f3ba99ebdf291b5f4b46ce635e7921
SHA512 4671beba821fc5e3bbcca073f8b94d6692a8c5344b55fdb2e916542bfc862e8ad5162817648a4a65a77c64abd71ee74f00a9462bcdcf8bc4c99e0532ce23ce43

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 095657847403531427180bd9bc575748
SHA1 9f69a81ca03a2095de3ee999bd42218dc01120b1
SHA256 fc7b79c1e0d94148e806c5b0fdffa2359d1420197e0d8089da858947a68f41b7
SHA512 f604e66518292c6379a281cc703055cbbce13eefbce2f1329adfc8d4f76cba24edb67aadc58deedcbb20168a1a765d1ae74f50c628231f8db066bb08078a3ff9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 48995287f0c59244acdd6fa393360aa1
SHA1 f47d28e4034eeb638778fbd0c3d6348fca72acbf
SHA256 42083e5b42d1d761a478805bedc3bb55403fb35afa14447a2f2949dfee0416c9
SHA512 d2357c1c9e60d9d8bd8b8b86e53408399f77d70b670b84cad1af913dc85f8a343bc37aad0df32cfcfb1d32066f17dbbea010e2242e83a004c53a076a22b6e85c

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

MD5 f49655f856acb8884cc0ace29216f511
SHA1 cb0f1f87ec0455ec349aaa950c600475ac7b7b6b
SHA256 7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba
SHA512 599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

MD5 b5ad5caaaee00cb8cf445427975ae66c
SHA1 dcde6527290a326e048f9c3a85280d3fa71e1e22
SHA256 b6409b9d55ce242ff022f7a2d86ae8eff873daabf3a0506031712b8baa6197b8
SHA512 92f7fbbcbbea769b1af6dd7e75577be3eb8bb4a4a6f8a9288d6da4014e1ea309ee649a7b089be09ba27866e175ab6f6a912413256d7e13eaf60f6f30e492ce7f

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

MD5 d222b77a61527f2c177b0869e7babc24
SHA1 3f23acb984307a4aeba41ebbb70439c97ad1f268
SHA256 80dc3ffa698e4ff2e916f97983b5eae79470203e91cb684c5ccd4ff1a465d747
SHA512 d17d836ea77aeaff4cd01f9c7523345167a4a6bc62528aac74acde12679f48079d75d159e9cea2e614da50e83c2dcd92c374c899ea6c4fe8e5513d9bf06c01ff

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b695115689d9e58a2eb43bde5bbd2fa4
SHA1 35ec9ebbcb78e08a79a1714f6d7d812ab8cbf4a1
SHA256 d019c6a2d417e7d01931d4293af3e204fd70bc54574ce1d8126df2d8fe5ae656
SHA512 29f602f911dbffab360993d8bc4f91d1fedaf9dfad08cdfa521037bae4e82cbd651bebacea2f5943df44dfe188c107388d3626e2b1e82da90030c4965686379c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 20d90f28fed7738e0345b4e1aff7f108
SHA1 b870404e85c50073a2c45c0c4ff1fc47072f6374
SHA256 fef89206c2e44479aa404fdfaed0abab777f8189c1270a6fcd3e362607f4740b
SHA512 aa2d4b8f65cebe55ac1fa70c9c3330e1b74b286c37af89de589cc727d7f05ff6d400ac2d5a5651831946d7f3eb2c9250069ef551eb7d1c939eb3b7319326f1a4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 849dc0b5332ad80f82a3ed3cb871f49c
SHA1 afe2c4090c614589895861f00ae52a9c27d02e1b
SHA256 ffe50865b11f669190531b84bb28c1039559a4f4981784d12d70ccb9fa7d1a9e
SHA512 df1676c328803fb05408b0510b3f8a375055c09b4f24393d34c02bc2b8aadcb85b8bb16174599604a0a42a47861fd9ef75257e30b22ee522492dcb86e2ba78f2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 ef7fe1b37aa9a325c0d8a39181fd400c
SHA1 681169a5e81950bcb7b20493b932a095d1779a2e
SHA256 3ddb1acce3f63c1793b5ec218377ebdf366c84c723673d302f48d9fc3be30559
SHA512 e88a011be5bacfa5068e67ae6a9a28c1f18babec93998f0789ed63823b83f86321ef27047704b33aeb1add96216b400c219914e373272a5bc758df8a829b03e4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c092058a73d05da25816eb99e2602b60
SHA1 65e03690b1bf39c2ebd5726e46e55c49965f8561
SHA256 113ea1f1f8d9237f65c6c1fcc4fc72648778b9d67bb23eb242d568acdf06489b
SHA512 428b188a3c4f074d917ca0cb502308c2c70658f0e995ed578280e59c2757ced4b1c694b134bb3c7cead727318c1cfec581fb4e914b3caaf8689e23c42eeebe49

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 ba57238a351ac1bccf61d7982e04dcb2
SHA1 d3f592c3752d2c06228ce5ab837a896e39b2f19a
SHA256 5e4c6e1fba147d3d59894ecb2da7dab9a925d4fb2d450910c65b441333a2a8f1
SHA512 d781209c5b2d8b998a6a8f70c7a25e7aebcac0144ce15d6d7950741a2ed0fe39ab6113df0b1e6230e5f3f4630c40386df9f2c94635718f381daf8c40305a93ec

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 4745e76b4669f863e8347d78c6eec872
SHA1 079d5fa4e5862b72e11eaefcc450c892ac9b676d
SHA256 0f9c2ea158a221ad886d42714e1cc15971f26c95ba1f3c8a67159d0e14ea86ae
SHA512 44c1da2fcdb53a8f898fd7cdd44c5320a0872e7a1ef78da744714113d7ea760fc18f83a8fb2abb679b288dc3cd3b6972b4ba41d22d1533630e84ca884e9db93f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 410433a00c0fb1cdd5eda905597bc5ab
SHA1 7f06e0921ff58c0271e3c42b4c5ac8d1c942b4d5
SHA256 0a0e30d79b68f5cf43b1576560e2e0d5fd8a3db5020c89fe2f4f78d38dd4d8ce
SHA512 e05366bb3989d9a0195489dadef286ee18b7da1b9b632765e7c685aaad674236fe71aaf81de8915ca333524ae11be830ad29eb7382749946b1fe8ecfd76573ee

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000017

MD5 6ee91c368f2ccb27602daade4d6a0c6d
SHA1 07417fb3286163c5aa48364a5b07e1b4c170fe66
SHA256 9b9b540f18a899f45bc1261fdf85db06ac0524e47cad52edb27e1de5defcb1e9
SHA512 6263d93d37f93669a203152df119c59f59ed5bc48e6ca2b4b9b1941ddb3a1176c4bc76f6e02665a6563c6eff2b8683a88aa51aeeeb8aecfea343182f8a01bcc3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2913625a6d4741938d5cd7882a328c71
SHA1 fd81f32447934933c3054a39a3808c0952e9a784
SHA256 6b02f35be1554293bf9aeec9fb605d1b54687ac9d952c1eb96dbea7d9f35d14d
SHA512 55612dd8cd46301c5488500f0d465d37450e80b564cf99ac0752ab20e0994b99a3559a065d871fd15177b25058c16a98a60bc06996d6b57c92d6670d2b137918

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 4e9434c4b7baed88293a5451b1644b58
SHA1 f5a517c316617e2f4eb241ac0dc56513a44d19f9
SHA256 50626eaa094a4e995e4ebc418237dcfc9cb7fcf93706976617b703669be8ee4f
SHA512 bcb6a4ef8e619591280f88504e099c19c0cd07c8885f1b8b35fdcb603e12e8dc3f71b06c3feee349addd9cbbd5c60be0c0a1b0ffdf20401f68317276655035a1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 357a207df89e921a6dcf76546158e1c0
SHA1 03bf16471a14fdcaed73ebde889fc0592617c6be
SHA256 ce42ecac57ec84d530e5bf0563d9109674075a93008f8eb1c1f6ccb5eeeb2a2a
SHA512 f38fc8469182cd34f021534b4243fef97a477e4690747f3dc3ef296eb4e6447dbd47b23edf5010dd117c969088023bdedc422b6db98eb35eb36c9ad37fb3340b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1dafa6bead59c4d5f5ae92c69173dca8
SHA1 cd0f6695a5053f90af31f267d104f8bf9c9f18f2
SHA256 8493419017bf6533facac9655dd0b575072a4c152427b446745b22658dc80498
SHA512 52ca8f6bb536bd4e96e80686250b5c7d95f83f24fd73a61f50eccf873041ff631e0c170b6093ac530debe97510d92411ee25152303c1337c1ca6eeadff4d67d7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 ecdde06c6c35a4b96a6798f7313df212
SHA1 6052635793b9bb010a4d2b0efb678c395c54cd9c
SHA256 5c9ef1ea3d69fa0bb564d1d110e251d64299a6d8b5c348d04ae386e079dafda0
SHA512 95445302dd425284c1c2c53788ea7ea77a02ace74dbfeb38fc5e63987f310701fc63b5a8cc4dd81852f7b5ede3d9f7a67a43e6e0bcdda3def9ebf22e711b7fdf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ab80feeff2ce1acf556c5ad88db3ce05
SHA1 7acfffe6ced9da98e344cab5fcaccfec90dd447a
SHA256 5df270c1fe73defd2aa23b8030adfa537d9fde95b683024a0d0f5d49aeaf73f1
SHA512 020904bc8b667fcd08c6e5835e78d554b0ff3253a2a46deb0e22f3a62a55c911a340c4da51f4bda9f421586265de5dbd2113bfc7a617a44a6317b2fe6fb71c76

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 2b1ffedd7d8946d52389d1109d24d0a2
SHA1 1b95121ae6b51ec331b10f17bba1e41d02b07f80
SHA256 1d035947323b48ac97030fbbd755e9cc412b52461b264a3e2dce5ef6061c45b9
SHA512 fca3eab85a48aae260ff96136eb4efdc5de2d84657576cb5f67e29f8099000d8f511f62f1461c67baefaf2488c0f3c26a0b9e1f505053ee535d4cb37a976655b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4089fdbd21cb60aba16ffbec6446ff30
SHA1 c6c16f5d8fb3b0caf5d2478d256c8d4c77f661d3
SHA256 757e97a6230762edcf906e83e81eac1775e82397c5a699d6ddb991eecfd5995e
SHA512 31fa03c06d4a32b1a05cb3cdedf0704032a161527aac382d35c909c0e90c415681ae44ed9a5a2e14c8c13ede2ccfb5327e4a36d9b593460ed02ee905be6f60dc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 824af66b0b9f73117753192653837542
SHA1 b1298f8a646709d1fdc8884590e59544c5c4ec86
SHA256 f12c7e7cd3dc53018bde411afdffa4a7903548ab3e29b968aca98513ff2ed165
SHA512 1a55b4ac22604e2036b7e9e8f5182f50a04641f8efd514ed0dcb68d008a9685e4d7b847d7410fcc019c504a073133d31a76cce87b36184c353b077d0b9bd0628

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001d

MD5 962ceb08caaeb3948f28e3706ed82699
SHA1 62c2f4970697ba95637d1e5defac391926eb03e5
SHA256 ca85e3f647dd0b48f161f27902e05a4f6024d6cd22c0de08a91c89ed1a519ee2
SHA512 a6318fb167f3156a95739f5afddf5e74f6d256012037e0a96961072881a8f43fc9e28f6e9deb636ffb8848b820097fcfcb5be05fed0bce9c484ed1002420e306

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 017ee9a1a90c03a03c9c790e50038cd3
SHA1 fa41a4290a6f270fa06ee464dfae41378a83f6db
SHA256 0ac0c6606d8adaabc0f3ef1efd5e105de2556f715cfdc72b553dd9cd858ec36c
SHA512 3416cb277f3bff978f43025242fd5c47399c6c6ae7c402d04b1bae4dec3ee6da8e390ce1dccaafcd263d88e380d86050a85e34ab37ce8fcaa07277c2dd9bd64f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001e

MD5 6a3fa48cac5c7550f11b03aac28d33d4
SHA1 92c5db9a7f6f6daea68710808bea66263aebe6f4
SHA256 ff9c1596eb2f59a6e50bc30db808069aeda2905435273fa72ae60dd4e249378f
SHA512 d8456f57d12c6c22e252c372568f456c7488e619e0701235d3242da3b4848b9e9e0e6f3d5761a72c28d093bd480e735fb63dfc08d2d0222833ae8b255ceb3e0e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 41ff573133962868d740fddfce7e584a
SHA1 1e007e97f8b8e21d54783e8f306e75283d97651a
SHA256 4fc20cc7c82f23618d9913d1d8af47a7d03415d9926874a074a5f4e51b9e0cb8
SHA512 06fad5f17b66adca57ba614846752c88fe5f9b2a1c02622f1451f52b4366799af200e3c1dcae62401dd443e9269455f9766bc410d0f70366e29604f8f958a8f2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 07d0f2983e3ea3d55ed98059a4eab130
SHA1 d41484542b7fbad7c05ec66bb7c4390ab7187a35
SHA256 85829c367f2958007bdcdca0496374a7521af3c160fc0f50245775d51b041160
SHA512 1ef48d4bf227530dfbdcde61dfd0ee268b2b9b87395f5f9e86af2b658ef48a18a9eb643757dadc02827c00ec1c842539122f22163b8a39eb5b6b9ffdd17baf52

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b9c3d04b9a748dac1139590f3628fbe9
SHA1 f47c9b3ca77c58729bfb49c7c7aad1f46f5740fc
SHA256 dc4eaeda33f2ed090a3f06f0d4eafe31e07e92d720dc09fa665494c15ffd97fd
SHA512 b874234e47325f0b676f9df15b29d8de9ff4fd8ec5d532cf4421c8d133e1b5dfab9f3960dc9a6324be9a1e42f0e12cc34a6e3aac6aebb3cce101e6638ef4337d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\df132b9b643c5dec_0

MD5 46390e2ea31cea866696f2a07ac71052
SHA1 231cdabe3e6ff4f303de8ef04723ebcc579a1d34
SHA256 c9fc85bdc0529ae2de5935cc032c76f3926b78593aeccf5191b0e6656a54c953
SHA512 91dcad8540207f4d8c5aca4fb03115dc6e2a6ed646aa9b36bc13088ad7b846410c6364ae9cd1903d549a563e92b6a9dc60d17059429f4735ac5ae6ea3c52f3c2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\11448c48208acbcb_0

MD5 7ff842599dfd7b5daf2cc460d843f967
SHA1 cebeff7361d7fefc11a2d4c0417badf3644affc0
SHA256 cf24822365129dcb61dbe1e2d6153dd0c2a140935f093ed75c7f057826164de7
SHA512 c6849b41bb8e6685180e13eb03348b973b3aeb0068b90441bec92e7f07df79c1202119bf20fba7e030ab5f3f6e5c98d9d51189c3ce407fc2e0ff3bd1cb4e8cdd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

MD5 2e23d6e099f830cf0b14356b3c3443ce
SHA1 027db4ff48118566db039d6b5f574a8ac73002bc
SHA256 7238196a5bf79e1b83cacb9ed4a82bf40b32cd789c30ef790e4eac0bbf438885
SHA512 165b1de091bfe0dd9deff0f8a3968268113d95edc9fd7a8081b525e0910f4442cfb3b4f5ac58ecfa41991d9dcabe5aa8b69f7f1c77e202cd17dd774931662717

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 dec68f3879fd2242743a02096d491857
SHA1 a44977c77922a3476d0e1a3be7bedb2945ccf3de
SHA256 14153ab2c6f0a16b6ef174a919975435decfe0e5a4a5cfbb3f189246719fc20a
SHA512 3c0696fcdde549ccc39ce89d05e7bce01906eeddfdbe6bf829ee4f97392c53265d618f45c116460b5bc8c90b93a612825cdd58a268900d3c590168041d1da6e5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 dcfa83f02ebdc9a57756307a97fa9b12
SHA1 0fdf18b0db4f18d4bb8361f9159f4ec2a5d78373
SHA256 07be036c3bf15eb6f302f585da6ffb0d840559373fbe50c1057f62113609d82b
SHA512 7a52916663b64e04d4a18dfd6509c56a0bcc564f53ff9f4cb2c5641f35f9978534ab124621c190bdc634700508fc541a177d4464080a16e1f49f841e49a38f07

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 c036f15b85a21b5152632f04c5175d0f
SHA1 0cc19fa0270952a13d7c3da2539bfcc3d6952633
SHA256 3f1e4e9a40ad49c1815c02d18ca79e9daf1d5c82778a11b645c03e81bb858c7e
SHA512 84f836f6f2ed7d6f210bd427be3707a9dd3efe9b55c8e207b9bff9a36ac344a4c5beb453322d84c6664b441a8036fa847c66ceaad59a5b9ab3cc977580162cf8

C:\Users\Admin\Downloads\Unconfirmed 459229.crdownload

MD5 aa98ce357dae9a8fea9d1ea301a2a510
SHA1 9280b6d646da4fefb5ac8f48c9c3a08fe33a9117
SHA256 fb9b15b7a19f15da480190040f9c71ff32fd2400b8474fc9c0c4fcbcabc8cecf
SHA512 e4e1539245fa4c47422314726a994d57ef24bdc3d9f84ef359ebacb4cd7edc8feb422ebdf8d8cffc8f5205340fd439ae05deb24ed48cfecc3778a4b5dd452aa8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 038e6a44bd66673ba816457550d55056
SHA1 89687a4414b75192fc1764f0180e9c8c21259b10
SHA256 d147a363318edd276af260cba255d6bbffc59c7026c72cf6aa01ad2e23efa2f9
SHA512 46d1e4cf579343349e573c0d64cbdc69d217db2cb6ddb69f88b63d9036347fe749f3e1a26291b5133f9955db04b40cdcd62a64786468cb589354a44c48a24f12

C:\Users\Admin\Downloads\Dead Fish.exe:Zone.Identifier

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000051

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

memory/1388-1182-0x0000000000A40000-0x0000000000A66000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\Dead Fish.exe.log

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
