Malware Analysis Report

2024-10-23 17:58

Sample ID 241015-qwcwas1erk
Target https://disputedcontentillegalcontent.vercel.app/page/
Tags
discovery
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

Threat Level: Known bad

The file https://disputedcontentillegalcontent.vercel.app/page/ was found to be: Known bad.

Malicious Activity Summary

discovery

Looks up external IP address via web service

Browser Information Discovery

Suspicious behavior: EnumeratesProcesses

Suspicious use of AdjustPrivilegeToken

Enumerates system info in registry

Modifies data under HKEY_USERS

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of FindShellTrayWindow

Suspicious use of SendNotifyMessage

Suspicious use of WriteProcessMemory

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-10-15 13:36

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-10-15 13:36

Reported

2024-10-15 13:41

Platform

win10v2004-20241007-en

Max time kernel

299s

Max time network

278s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://disputedcontentillegalcontent.vercel.app/page/

Signatures

Looks up external IP address via web service

Description Indicator Process Target
N/A api.db-ip.com N/A N/A
N/A api.db-ip.com N/A N/A

Browser Information Discovery

discovery

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133734729895501666" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 4700 wrote to memory of 4256 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4700 wrote to memory of 4256 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4700 wrote to memory of 4400 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4700 wrote to memory of 4400 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4700 wrote to memory of 4400 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4700 wrote to memory of 4400 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4700 wrote to memory of 4400 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4700 wrote to memory of 4400 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4700 wrote to memory of 4400 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4700 wrote to memory of 4400 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4700 wrote to memory of 4400 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4700 wrote to memory of 4400 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4700 wrote to memory of 4400 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4700 wrote to memory of 4400 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4700 wrote to memory of 4400 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4700 wrote to memory of 4400 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4700 wrote to memory of 4400 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4700 wrote to memory of 4400 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4700 wrote to memory of 4400 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4700 wrote to memory of 4400 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4700 wrote to memory of 4400 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4700 wrote to memory of 4400 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4700 wrote to memory of 4400 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4700 wrote to memory of 4400 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4700 wrote to memory of 4400 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4700 wrote to memory of 4400 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4700 wrote to memory of 4400 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4700 wrote to memory of 4400 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4700 wrote to memory of 4400 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4700 wrote to memory of 4400 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4700 wrote to memory of 4400 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4700 wrote to memory of 4400 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4700 wrote to memory of 3528 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4700 wrote to memory of 3528 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4700 wrote to memory of 848 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4700 wrote to memory of 848 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4700 wrote to memory of 848 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4700 wrote to memory of 848 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4700 wrote to memory of 848 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4700 wrote to memory of 848 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4700 wrote to memory of 848 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4700 wrote to memory of 848 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4700 wrote to memory of 848 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4700 wrote to memory of 848 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4700 wrote to memory of 848 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4700 wrote to memory of 848 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4700 wrote to memory of 848 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4700 wrote to memory of 848 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4700 wrote to memory of 848 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4700 wrote to memory of 848 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4700 wrote to memory of 848 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4700 wrote to memory of 848 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4700 wrote to memory of 848 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4700 wrote to memory of 848 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4700 wrote to memory of 848 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4700 wrote to memory of 848 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4700 wrote to memory of 848 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4700 wrote to memory of 848 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4700 wrote to memory of 848 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4700 wrote to memory of 848 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4700 wrote to memory of 848 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4700 wrote to memory of 848 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4700 wrote to memory of 848 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4700 wrote to memory of 848 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://disputedcontentillegalcontent.vercel.app/page/

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffb596bcc40,0x7ffb596bcc4c,0x7ffb596bcc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1540,i,13571697913736145730,4235113466332892658,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1532 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1832,i,13571697913736145730,4235113466332892658,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2160 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2196,i,13571697913736145730,4235113466332892658,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2380 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3108,i,13571697913736145730,4235113466332892658,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3132 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3112,i,13571697913736145730,4235113466332892658,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3172 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4508,i,13571697913736145730,4235113466332892658,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4496 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4796,i,13571697913736145730,4235113466332892658,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4864 /prefetch:8

Network

Country Destination Domain Proto
US 8.8.8.8:53 disputedcontentillegalcontent.vercel.app udp
US 76.76.21.142:443 disputedcontentillegalcontent.vercel.app tcp
US 76.76.21.142:443 disputedcontentillegalcontent.vercel.app tcp
US 8.8.8.8:53 8.8.8.8.in-addr.arpa udp
US 8.8.8.8:53 104.219.191.52.in-addr.arpa udp
US 8.8.8.8:53 83.210.23.2.in-addr.arpa udp
US 8.8.8.8:53 202.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 142.21.76.76.in-addr.arpa udp
US 8.8.8.8:53 71.31.126.40.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
US 8.8.8.8:53 55.36.223.20.in-addr.arpa udp
US 8.8.8.8:53 ajax.googleapis.com udp
GB 172.217.169.74:443 ajax.googleapis.com tcp
US 8.8.8.8:53 api.db-ip.com udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 216.58.212.202:443 content-autofill.googleapis.com tcp
US 104.26.5.15:443 api.db-ip.com tcp
US 8.8.8.8:53 74.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 15.5.26.104.in-addr.arpa udp
US 8.8.8.8:53 97.17.167.52.in-addr.arpa udp
US 8.8.8.8:53 212.20.149.52.in-addr.arpa udp
US 8.8.8.8:53 198.187.3.20.in-addr.arpa udp
US 8.8.8.8:53 172.214.232.199.in-addr.arpa udp
US 8.8.8.8:53 26.35.223.20.in-addr.arpa udp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 150.171.27.10:443 tse1.mm.bing.net tcp
US 150.171.27.10:443 tse1.mm.bing.net tcp
US 150.171.27.10:443 tse1.mm.bing.net tcp
US 150.171.27.10:443 tse1.mm.bing.net tcp
US 150.171.27.10:443 tse1.mm.bing.net tcp
US 8.8.8.8:53 168.117.168.52.in-addr.arpa udp

Files

\??\pipe\crashpad_4700_GNYGBAXVDIXHRMOC

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

MD5 24107ec594aedcf6bd89ef2eb049bb1a
SHA1 b5f5ee0ad352b652a3e12cfc239d6c4032d9dc21
SHA256 a90661a6d2f633b9c8a5a4feb435b983d1ff788536764ea2c92854d1f4165714
SHA512 85716fe5e8fb7239378cc4fda891b41afb403665415cf934c7487ac87151cd7d4f1605da3c80a27d1853b448066b1072db332994a6e8e72ce6669176262d5187

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 10e98773e13efed87f63bbaba42bcbab
SHA1 1a359592fb268b1b43f69fbf2b322bf265cbec3e
SHA256 28dbd3a4db59a16f69b6345845dd00dfbc6c403b7d53cd459124f62943c3f9d1
SHA512 d32c8373138f9cc51dce91cbdec5a9ce2d7aeba54cae41a76e64e411d74fb07f707e46a1d1670ba7f89692df335c55be6eed2d2b0c6732fa2dc7f16894406f8f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f890be3787181dc406b27efdee6ab077
SHA1 5852afa4f0aff93ad25c7d06b50c19a5f1736c58
SHA256 6098e273c59accd053e1f5fbd960b1cc3656b473cb232ba260b8af863c2b5b0c
SHA512 ad0e73a39ad3108df2e627429397f0a4c064c217631e423798e2786bc9442eec0b188b1b3b46ac60f47100e04b25e7a07df448ca89c8cc954033177a0bf60aed

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1fa88d6a810108dae76422fa9f590ae5
SHA1 3c313b47f3551bf27b55184b685b7ab3e910eb63
SHA256 a858c947fe259e238a6e7b6e4ed27c6f21d9ebabdd6740df08c3b0c0eddb654c
SHA512 660f0e1b88b6d73a0a58b7a33825444ccdc024d74ae0a04eadee786f9d403e06a06c61a0d8bcdf8c046a737ee658afd186ab44a89626ad00e38ad1bda9c14f80

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b53ed3cb72afdb2607ac73a0bd416ecb
SHA1 7deaeaf43389139a5bef057c3601b170fcaadef9
SHA256 0bdc6bfbe4f415c53691b4d7e6b33c77e74e1d687913548a716fc487be6e5a08
SHA512 13dcb6675787bf205290d7b6e815c4539c2a0eecbad9dbfcb5c03826930d8aca0b1dd4cb11178e27fa5bf73bb4e331eebb3d633175397bf7b850aebddd55d69f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 5c158a6462e331a2bb9a44ac2567d3f7
SHA1 73e3fa787b74b49218cbab9abb33e5287706d695
SHA256 ef8c1a38707cb2bf631f68e4ea3641adc1ef28a3f2be3bd5c4a4e71480597f08
SHA512 320e335caecbd51d53d36c43c1eab438371e5bca5281f8046af5945112bbb4cbd4525e598bbb2d66876ea54688e766547e7993d4514bbc32ad95c7f18fe3281a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 180389b9883fac1f65af918cc71cd401
SHA1 7bf73653d7cb2541e66e8ec705543178c4dcac48
SHA256 c6cd63393e43ffdfd89ed66b7d83caf4d74cca1ceb392a170c0411c37dabe989
SHA512 c7c676925adb9c404224f1da155217f94a038856637cae416612c78f34181e2b9ba1fb1bccf10680b832be22f949f379b752c3ec10f3778be70e6a721a855ea6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 e6f25c48d9480b735888a1431e71f777
SHA1 aa6bb581a32a6d56e9c207ec9f98dfd356087f4a
SHA256 8170679fd76f9fd1a49fc39d041d66ab2da1ca5e6b04be7deb064167a3335861
SHA512 d7a3e46094c5e9b7bbdc2ce48bfee9c72b5db218fb299c8351f76870bb3d946206eb5ca991130c303825ec1e19f7861edbc07b5b0636c0fe7e564e96a809749b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 343d8f10e461f868971dc6c2f0c10867
SHA1 6de62cc39c26afe359551a12dd0a38880f5eba63
SHA256 3860773dcf8472be9c020b7f5200f79fde3e3d5979ac65815308d21795c2061f
SHA512 31c276fba0680df5f5efe33ade3bffcc0ae13ae9d2869f19880273bb11d6d23175bb0fad3f9bfa4ba47c0fe28237ac16c553bec08ba6cb5743bdf39550a3ff63

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 04c53c1aa0c3035883c0541150fe19bb
SHA1 bd62fbe1c4e0b21732659310ffdde450fa970e15
SHA256 cc7104ec1e7a223fd4ea30ee9f30eefcf757d078530524642856d6ddffe43b10
SHA512 f17190b55dd7cc7a6c23df69a1261697d605e9bece911d72f0b9173167ae4ecd1cf289136fe7e4764728296a7c55c793c7abcec7fa6d4e65d668272ea4c820dd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 1e7060f6f582b6f9ce15f2375ce39f2f
SHA1 a13800edb2dcbd9c51449c7e5c5702db9e38e35c
SHA256 6eab7d9fd1984e19f3376d593358bc8102b72aa5a51ff3b9aa61a2226f86cd62
SHA512 42413572a96b566fce8f98c4cac8a1582b35eb6f8516e397961b74d008d7e05e93297bfb3a2ae54ec2496fbc4554fb59a569921a606732dfce6a1327c5aa0204

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 dfcbec882444489f822e0924892f154a
SHA1 3c06757ef2e58ffc4029b7913d07bedf82209fa2
SHA256 6bace8ef300de52b502cd87efe39c58dd2237b2797e83cc93d20fdde7f3eb20b
SHA512 25ef3e16cd88349734357fb2666e1add0277e450d1171a7ac54a0e5cbe0ea1126919a552574e972fc0022b84234fb7dc3b9d317239c7cbd61afe1ee186880263

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c1807fe6aa844a375d8864df90f2d6bd
SHA1 71b298e57755ceaa69eb29a361d8d4af50f53774
SHA256 d62aead62e4c3618ccded9d8cb66f50f5f783a9b092056f4b126e114094c74b0
SHA512 1ae4646f326ae2df0aaa183ba9f32f6cb21b97e34976de39320f8d4c85a001654266e191ec1ee3c1df60be9014365522b0e310584981dd6a0707a37342c66fec

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f049064293a560fb7d8fa3857dc19bb8
SHA1 6c12a0bd0bc16dde4dabae2684378ab428c22bcd
SHA256 5f61c1c17971149de5deeadfa0644c325f2216aeb109042376cb26472a39e7c2
SHA512 66f0b1cf947a146152b9594ee41511ee4b334193f67f89b10703acc2b0a26f0f6fb309868fca7743a22b720ce623fe5ee29c0899f92aecf0e23acc332fbc2b2a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 526a5ef6b3b8048720c946eb93e8c141
SHA1 fe50beb449b4088dc3e0699cfc0ada98a5ddd008
SHA256 2803f8b5417ad8e3224d19081a3eddbe327e44c0c2c25e1e3e6e0bb97d979090
SHA512 e84584304b4bdfbe1913d4658d3b2af1a37d6da7b2fd407280d0d3dcb5649647e49586942c2ff8663f6e25d5b90607e31e7cd7773a37aec6de42fdf6a58373b9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 11d243be15d6c8f9f5417cf40ac389e1
SHA1 77c87d3bc1e68f4749f04523022cf7f812560f9f
SHA256 1a601c185d152e59b235093ca17ae2745e03b7010e5241860eafac579ceb99dc
SHA512 9ea12f81f87fa213f14a6797aab01dff5edb18c00332d85449fffafbc3d8ced55f8fac76bc946ac7743bdecad49d4aa81e175278247d844c6c319298a1fe644c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 22cfb28a6e8f38805a6c2cdf206fc10f
SHA1 dd7cbe0a342177de35a24199c3a9c494ee046abc
SHA256 7f8fd23e8829456b5478ba46ca8018a0db2d4758093650e4d65c2477491cd764
SHA512 941974719e6c5c4aff8230c611b6d61905e052c91e519f2f875641a0eb63a9753dc27a59df810b6e19841f232c440aa1a00c6aafffabaefda4d57bcb321280be

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 efa15053102cd2bbecc6e7380c92ca17
SHA1 f2f1c1725a06b03aff51d99668ff5b22619df375
SHA256 f38be46a39e6d4a4897e50e35ff7c91cfa149c6ef1b1b77e9a79d75e21b41d50
SHA512 60aacbe6b77bbbe36fb6607f6a9a38b8853a4511471d29ff8294b4cdffc889cf05006845c234faad2eeb7167530abcb94f558330b38fc84aad83ecbe0994a839