Malware Analysis Report

2024-12-07 14:32

Sample ID 241016-wrkcgatenh
Target https://dashboard.blooket.com/my-sets
Tags: discovery, bootkit, persistence, upx

Score: 8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

Score: 8/10

Threat Level: Likely malicious

The file https://dashboard.blooket.com/my-sets was found to be: Likely malicious.

Malicious Activity Summary

Tags: discovery, bootkit, persistence, upx

Downloads MZ/PE file

Executes dropped EXE

Writes to the Master Boot Record (MBR)

Legitimate hosting services abused for malware hosting/C2

UPX packed file

Drops file in Windows directory

Browser Information Discovery

System Location Discovery: System Language Discovery

Suspicious behavior: GetForegroundWindowSpam

Modifies registry class

Modifies data under HKEY_USERS

Enumerates system info in registry

Suspicious behavior: EnumeratesProcesses

Suspicious use of AdjustPrivilegeToken

Suspicious use of WriteProcessMemory

Suspicious use of SendNotifyMessage

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of FindShellTrayWindow

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-10-16 18:09

Signatures

N/A

Analysis: behavioral2

Detonation Overview

Submitted

2024-10-16 18:09

Reported

2024-10-16 18:19

Platform

win11-20241007-en

Max time kernel

599s

Max time network

591s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://dashboard.blooket.com/my-sets

Signatures

Drops file in Windows directory

Description | Indicator | Process | Target
File opened for modification | C:\Windows\SystemTemp | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A

Browser Information Discovery

discovery

Enumerates system info in registry

Description | Indicator | Process | Target
Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A

Modifies data under HKEY_USERS

Description | Indicator | Process | Target
Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133735757794750254" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A

Suspicious behavior: GetForegroundWindowSpam

Description | Indicator | Process | Target
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description | Indicator | Process | Target
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A

Suspicious use of AdjustPrivilegeToken

Description | Indicator | Process | Target
Token: SeShutdownPrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A

Suspicious use of FindShellTrayWindow

Description | Indicator | Process | Target
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A

Suspicious use of WriteProcessMemory

Description | Indicator | Process | Target
PID 3672 wrote to memory of 396 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3672 wrote to memory of 3612 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3672 wrote to memory of 2436 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3672 wrote to memory of 412 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://dashboard.blooket.com/my-sets

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc8202cc40,0x7ffc8202cc4c,0x7ffc8202cc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1752,i,8122075209224679604,7225652351095038972,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1740 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2040,i,8122075209224679604,7225652351095038972,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2092 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2176,i,8122075209224679604,7225652351095038972,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2352 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3064,i,8122075209224679604,7225652351095038972,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3104 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3100,i,8122075209224679604,7225652351095038972,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3140 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4308,i,8122075209224679604,7225652351095038972,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4416 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4940,i,8122075209224679604,7225652351095038972,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4956 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4972,i,8122075209224679604,7225652351095038972,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4888 /prefetch:8

Network


Files


C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

MD5 d222b77a61527f2c177b0869e7babc24
SHA1 3f23acb984307a4aeba41ebbb70439c97ad1f268
SHA256 80dc3ffa698e4ff2e916f97983b5eae79470203e91cb684c5ccd4ff1a465d747
SHA512 d17d836ea77aeaff4cd01f9c7523345167a4a6bc62528aac74acde12679f48079d75d159e9cea2e614da50e83c2dcd92c374c899ea6c4fe8e5513d9bf06c01ff

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2e536397b9c656c7d12b2fca9768cb7d
SHA1 f3baf9ad3256ae604d0d6d0aecf3bafff678ca29
SHA256 cd882164d52e1aa59c2fde627017f063138d02e987deb4bd36c5403487da08ce
SHA512 645c45283c4d77aa4c453bb2f73928b3eb5339831532cd1eafee3eb2d342365ae9fa063deb0b87a578b38e750f0941b481c01c8e71837cf5d842ed5e97fa20de

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 759013a33ca1f057cebb4d2aaaa5ed6c
SHA1 9601d4061a391f197ddee88c4451788c95a2e8a9
SHA256 96168215cabc87987e274e86708bb21ecc367e8da5dd3cc6fa66fc9e4cb18f1a
SHA512 e24990f840cd97521c99688b15ab035832fc78180257ae1147648193795614141266279557281052600c3719522f53baa48949b2723b04a9ebfb35c8a0b39ac4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 85b0592804d9c2b0cba789936a5de5da
SHA1 f9daf8c61ef591dc3fae1a98170d36310de2f386
SHA256 bd77136888ebb14ed997442fa702aad0f797a8c97979495e0fa43d0f688373a3
SHA512 7d26a6f795c161792db418a7386622d9496682a0173d141aa2454eb75cf108cab0ba31866c065b180f87a910e2ba5120c06b171074b0974380708ec855a77231

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 31cf8dc7ac1927faa69111f3dc1da6dc
SHA1 fdcc1b9174958362d54b705eb373db65471d63f9
SHA256 c47d4f0a38d79863837dcf8643373e59466e7c385afbc6fda64cc2f7d6045833
SHA512 76f64d901f1e91302af4bbeddb8820a7b2bf512c3a5a07d1fea582b3709213b453c13d785de833bbd436a7f04b6a0a0b1a8d3955e3da5297b19a5f5e347fa9f3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e37dbe4fc5a8354c5518b6e05b17cd04
SHA1 2cf0dacf2dd82bb803dd28d67b5f6d395ae2fa00
SHA256 c8fce97661660365c566e72c48f79351c99b7b450eb3c1a2a3e3ecaad4905e69
SHA512 07b520e19632f045dd197e499b3d85f73251b685907f62e116420ba61a2ec7f07d7bee82cd71969dd2d3345963069078622a314bbb417b1ecf8e3f95891acb6f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c2b3abf4b52f6fc1e849a8c7a2c7e7b2
SHA1 73af01530ea5952f232612d0e143504b23921e2a
SHA256 eb3395a2ef7f4c44a7b2c57c4b500b39052af8b33db53538aadd484a799164db
SHA512 f7f0a10ce209dbc6b835fd21109f6c8957991fe057c548c4358596d4567b5205beed41f76df8c1fb9e4e0f484a5708f31d1803b7c4a2188a897b56bdea1c747d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6559133d7e65c8252944f2eed8fc19de
SHA1 ffc670f896d3fbbaec07d280ada4cdb57b365191
SHA256 d930522e9d2d34c968fcd522f288196bd0f3b08b881f2f5a265329dd29cbbece
SHA512 8fd6042457a3dbf30abf3d534fc7bb9ef2cd80715c67c99a6022dffcac02ff244b6feaef9e597c60e0304b12cfa8d8e7644c98b1fc340d6a50760f8a29fc8b7d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 630dbb7331d4741f938a4e4a99b23886
SHA1 bfb209116ffd616a05f8f318b886e1183dba39a9
SHA256 9835d9d94cfda1cbf765030d68012c9903eb34453d948c49ea634d2f795ded91
SHA512 cd73e0df3cc16cbb54db3cd9c5e219e4d33a029246bd287d53987d0b5dfe2f60897f76b630af4735cc1cd3624f3213fd197cc091690cc700cb54e8fa9ea82d7c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1ba16608ed337b41dff0ccaccba34f1c
SHA1 7b6bd63a04a07043fa0920d266538cfbfd9b0a72
SHA256 494aef09e4ff4f3c4bd6011293f51b56f204d24cd2441c920a74f476646a36cc
SHA512 7c11dba85bfbb2018b081b0336c75f4dc7b16da4c484afd67a72acfbe3303df590773171826ab05ae68b21bcd096e71032c337098fabc9a5be25099e6c3644c9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0b2c869b1912862c5761735e6fd08099
SHA1 8b39679787ed4760b343209f09bcd611617619e6
SHA256 7b04720e5fe8fa6b295baa805421a06304ffaa36ffbfe8cc960008108b243698
SHA512 16707177c34b23e13683237c7ebebaea785c96f66b4ab3567e4bfc0ad6a0a22d68e9c7102692a9aeab0193667fe877d0ffd5f2d6115c40bc3ee9716e384be456

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 98110ea89f5feafcc5d6e4e88be95af7
SHA1 294bdec3a47a0917019850e43b034a8f15a3d417
SHA256 3882cdd19b2655878d0d81a9440ce787a3d249aa9459d89129d8abff19614085
SHA512 7e2e79e55104d6fc2d88be109bcea28be96b075fc47a04d0cd2f2eb7fc455f0030a5fdc7bdf82348073fa90b12d014ddd306def5b6288adc35053cbfb90fcf3a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3fa64138218c60105e0b6daec92707a7
SHA1 ff1b6a7ccf489896bb8791b3f14f419d2472295a
SHA256 a631e752a23a79f4eb7e43d0fbe6075dfa2c3948339d929bfa2a314da560c79a
SHA512 86be10ca31ca632f2bcbc2d4653ef3f924d9afba94f1a754e1492a18591f9eaead7423e389fd81c60759183c403ca94c7dac1ec78780a57b631230fd3c60c3c5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 52840fc175cb243845cfffe9d1a07c8e
SHA1 19d81a74e272cd62d0c0300c5d10fc149ad194f5
SHA256 a9f454b45785996a8938d936fdfba9d2d38c7b90351ff0795e7be6d7bd1f1582
SHA512 c0f5d398f3b3213b2be9537e14d7b1f3aff1fdd563f434372577a8409c221043330d5b710ababa98b2b8e6b9ec3d5fb8e50ea9e25680e8bcaf900ff732ffc7f3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 707a18512b290a4d8fd1a868fd6fe765
SHA1 69b6624e9a8442190ece6ba196e32e1ab8343346
SHA256 1098f305512062ecd2e6aa64149d58b90240d0651954ba5c976f08b31771a7bd
SHA512 db3abc8c35bbe74942e80cdfadf4f17a9bd9a6557e4c56e0ed8b5b8365bf325bfa863b70282573370fe3ce5460e79273b3dcd7ca0b4dd9a59196790be810f4dc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 29772c61403c4707ada8060f7f654617
SHA1 158a0a2a81f0c270b39bf6899c19e387ee8cc533
SHA256 d7ee487eedd9cf51961df1657d826999cd2e38fd215ae519dbf8d0ac70988146
SHA512 17af5efd3385729f9294f372fabb7c3cd508136aca2d3328c5140f8097fa134c78ac76a04a0c92678c27431f4968cd0488ee893769b1b87f219a6d7d05e4a3e2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0b097d8746666a2a2122775838e84b4b
SHA1 6c7325ab98891ee510465f5878174de4799464b4
SHA256 1445d2017b1d7ee53741d6907769aa0e907d5fc9f64ea5e93c3b2607b269f443
SHA512 458b93d47f2e03bca291a8286c26a4248e9bb00ea8e9706bd3fa86ada13be91f2cbbb8277a88dbc3776a8711433f500d1905dc70e3a9350d606f839133905da5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 805c00e92f360fb5608f83b78ddc01f2
SHA1 3e469cfc63b7447a0a30dc8bdc7ab2c3e73a830d
SHA256 a642d6482d5b9b2879bf6c2f0343b96cf773faee5fc84cd2eb9acd910e7fe971
SHA512 2c88fb799ff360191ea74485cc9f9c2297ca88263cbf970ae68d480e22a67cf21256f8e8524d075fc8796b3943e95afcf970e9a2ae29f21d26696dc3d0c4554f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 76650c0e2be630f546618a1ccb0828f1
SHA1 2d8bc41dd8be3b444cdf66ab1f3a6127d991c52e
SHA256 fc5e7ecc4806aae76f6fa88c163d1dfdc18b3ab0a9a5fa339a6c7dca195c5c14
SHA512 298c40edc7e0e1dc5f8965ce702b9605bf985e6f67605d6bf94213e363ba75baeba38caaebcb26bc30a7ee287c9777baaebbba8f9531113f01debd2323c44e6c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b05700f16a0943bce351b4eb1c9e0e6f
SHA1 28e55a4ebcf28d417d642fa71a7b004c968ddcbc
SHA256 ffe8694546851ec694c2b67be8e572fd1ea779f29a7e97f1851c73053722686b
SHA512 2967e00c7ade3f526c7250578a76f386dab5eb8b4ff009b0dc11924795fff9bbd80a164fced9c992c920e2f7885e6fd25889787d71e03a1c0afe6581147e0d4d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9f999b29dc6f9bfc164ad1f27043d5ad
SHA1 7c85c4bb797240e483ce5eea84cba167e6b705e6
SHA256 0beb60ce4d39974cb6080ff7fee571d2d7f9263fd2a41bf2d72d2cf1293fc2d8
SHA512 cd4ddcfd87f4d257cafee4571d1f2e02a43e84e8e5a066ceba8f71f00ee39e2f81b6f3793372a08b39b63c5c65e5cff6b3824145e4d01bf1fa061d2d063b313b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 362b8a13ec9c8211bdab30fcce74a495
SHA1 493126b4329ec1eed06bf0686060d08299e44011
SHA256 c0a31111fb4ef3f49025fbf54c74336e48b0563d1c6aabd1a3f475ee6e6c2576
SHA512 1282104a7f592ed6edf98a92afefd1a3bd96169691aca656bfaece0cc602f30548237f02782cc2a7657e5084886edcece0f0dda287f437fd560e003fdea24eb9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 70b77490bc2f42142a18605afc5bd7e2
SHA1 2c114e8c5d67c0dd898e315265b4c7923b524ef3
SHA256 df26a79bae030edf5377a083b1b5cd824940bb4924a2f2ccd3ad8bcbfa916928
SHA512 bb891e3254703acf8ad9054df4179e57ca4ec69f187e205192a24d2c5801d8c496708ead5ad28788bb84ee408f32f2dcae903c6f2bc58ba3988e5b1bd5fc35f8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 adc1c33d89d3fa3aaf026352b7f3aeb9
SHA1 6c940824b1a68f8df0e8e6b2b714164bf56a685c
SHA256 e194f54544fb9f906bd3f080a5bc4390c4aee26bd3819d61d969c88087830967
SHA512 38e99e66628bd1e0448655a3b3eb63ba3368468f38288dcf4a05666a67f3523d2d55905a8156f2a6d03db10b8985b8d84acb250cfc4cd3ddfe5f582c4c98cbc5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 adced7b2685867ad36b6f896e4376815
SHA1 5b87e13c891ae2b956c6a511112e87e64abfa4aa
SHA256 f64930dfd56daf03aa279afa8ee3d0b512be6f914770519e94b5f75db2d4514d
SHA512 ad31b9f1b2aad28baf743a953326ea6af1238ff40ac861bdb4fb156911328027fd69b7c92fb2a40f6cc3cc5f2f2170d167bb8d97b2ea09f44f9bbb882a3f5d73

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b47aeebcf1b61af8924cc70ed2fe9df2
SHA1 2e21040b1268e15d77e8b276a6c8f2a8ec7843a3
SHA256 005cef1968eac018d221d770a4212344611496e33516183dfca22c68e376b9d2
SHA512 05fb0d3e0b67bfebde9e9091143b8aca99e5510b59d7f21779a604f4b1ebfd21cdd9395cbc0f960114d3f3e6dd55e242692de2b6e24b2a4fa30ed503175b28ea

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f6609bd40bb84bf1961d346dbd115b71
SHA1 712a1900f9152a802b6f382945c0795c28151a59
SHA256 6abda28c2ba2a355793b977cad7ecfc73846b115980be991954acaf40ec7ced9
SHA512 d340b12194dd267cdde6100eea70d1e425ec2d19948df8c27948766099a4b6dbf06468015db141bf1295712e79a2dbdb870e720e25acd113d94691af6d130ab2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 17e9cafd3c3e90bb077cbfbeb267183a
SHA1 a75f0bded855e31d0b327d353ae2cfa4326db779
SHA256 41dacceb1d12e8368fd2b4ac03276d6c8d8d5955e79b0eaf9eb161fd66c562af
SHA512 f36414983ffbf278d5bf76fae1fc45054468fc8760b9adbb6375e2b88ebb57d2e4889ade5a0d5c81c1ceaf5dfcb3c565047cf2bff1eaaf762a11034dcfaeaef8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 de878f1f68db8bbb4b03d8302aa57ac1
SHA1 00c12e81f029ad1a1a18e83112aee74ca0f4cc8b
SHA256 d8c5764b0ac54cb27ec974c371bb31871d05ae8a7cd53803f514d5807bde596d
SHA512 849af07e8dcd0b3b89758f378ccf2cc906ceb5289ed634154ee7d79d72b64dd3ea8330198f0ffa2dc268f069582deb246723652f3f954f8954bc17cb2b971aa7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 844ecaa0fd938f15c63fb8a139ae8380
SHA1 629f479e9ff2687403b6a0e3f215f7ccbf67bc7b
SHA256 dd39d75104d7856460185fe12f7a0f7ecd7365cfed5bc1e468051b924b591640
SHA512 e5614fd36a9de920e923038f2ab4759de63b03bfe54d34cdbf0538f905f5fcb3d83a9cf88a7f3823ab7977b0d3faf8d19792e6f4d06debf81bd40019c218d476

Analysis: behavioral1

Detonation Overview

Submitted

2024-10-16 18:09

Reported

2024-10-16 18:11

Platform

win10v2004-20241007-en

Max time kernel

98s

Max time network

107s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://dashboard.blooket.com/my-sets

Signatures

Downloads MZ/PE file

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\LivingDeath.exe N/A

Legitimate hosting services abused for malware hosting/C2

Description Indicator Process Target
N/A raw.githubusercontent.com N/A N/A

Writes to the Master Boot Record (MBR)

bootkit persistence
Description Indicator Process Target
File opened for modification \??\PhysicalDrive0 C:\Users\Admin\Downloads\LivingDeath.exe N/A

UPX packed file

upx
Description Indicator Process Target
N/A N/A N/A N/A

Browser Information Discovery

discovery

System Location Discovery: System Language Discovery

discovery
Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\LivingDeath.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133735757776158198" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-4050598569-1597076380-177084960-1000_Classes\Local Settings C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 4556 wrote to memory of 512 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4556 wrote to memory of 876 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4556 wrote to memory of 1128 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4556 wrote to memory of 3360 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://dashboard.blooket.com/my-sets

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff996cccc40,0x7ff996cccc4c,0x7ff996cccc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1924,i,10396047848599884528,15376951884912607398,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1916 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2164,i,10396047848599884528,15376951884912607398,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2192 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2224,i,10396047848599884528,15376951884912607398,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2252 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3124,i,10396047848599884528,15376951884912607398,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3160 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3132,i,10396047848599884528,15376951884912607398,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3208 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4656,i,10396047848599884528,15376951884912607398,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4668 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4660,i,10396047848599884528,15376951884912607398,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4756 /prefetch:1

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=4956,i,10396047848599884528,15376951884912607398,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4508 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=5148,i,10396047848599884528,15376951884912607398,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5180 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5204,i,10396047848599884528,15376951884912607398,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5312 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5444,i,10396047848599884528,15376951884912607398,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5460 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=5380,i,10396047848599884528,15376951884912607398,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5340 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=208,i,10396047848599884528,15376951884912607398,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5076 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=4872,i,10396047848599884528,15376951884912607398,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4876 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5388,i,10396047848599884528,15376951884912607398,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5452 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5604,i,10396047848599884528,15376951884912607398,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4676 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4856,i,10396047848599884528,15376951884912607398,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6012 /prefetch:8

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Users\Admin\Downloads\LivingDeath.exe

"C:\Users\Admin\Downloads\LivingDeath.exe"

Network


Files
