Analysis Overview
Threat Level: Likely malicious
The URL https://dashboard.blooket.com/my-sets was found to be: Likely malicious. The verdict rests on the behavioral1 (win10v2004) detonation, in which C:\Users\Admin\Downloads\LivingDeath.exe was executed and opened \??\PhysicalDrive0 for modification (the MBR-write indicator), with raw.githubusercontent.com flagged as the abused hosting service and a UPX packed file detected. The behavioral2 (win11) detonation recorded only Chrome's own process, registry and network activity.
Malicious Activity Summary
Downloads MZ/PE file
Executes dropped EXE
Writes to the Master Boot Record (MBR)
Legitimate hosting services abused for malware hosting/C2
UPX packed file
Drops file in Windows directory
Browser Information Discovery
System Location Discovery: System Language Discovery
Suspicious behavior: GetForegroundWindowSpam
Modifies registry class
Modifies data under HKEY_USERS
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
Suspicious use of AdjustPrivilegeToken
Suspicious use of WriteProcessMemory
Suspicious use of SendNotifyMessage
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-10-16 18:09
Signatures
Analysis: behavioral2
Detonation Overview
Submitted
2024-10-16 18:09
Reported
2024-10-16 18:19
Platform
win11-20241007-en
Max time kernel
599s
Max time network
591s
Command Line
Signatures
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\SystemTemp | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133735757794750254" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://dashboard.blooket.com/my-sets
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc8202cc40,0x7ffc8202cc4c,0x7ffc8202cc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1752,i,8122075209224679604,7225652351095038972,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1740 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2040,i,8122075209224679604,7225652351095038972,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2092 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2176,i,8122075209224679604,7225652351095038972,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2352 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3064,i,8122075209224679604,7225652351095038972,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3104 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3100,i,8122075209224679604,7225652351095038972,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3140 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4308,i,8122075209224679604,7225652351095038972,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4416 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4940,i,8122075209224679604,7225652351095038972,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4956 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4972,i,8122075209224679604,7225652351095038972,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4888 /prefetch:8
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | dashboard.blooket.com | udp |
| US | 34.120.37.181:443 | id.blooket.com | tcp |
| US | 34.120.190.171:443 | ac.blooket.com | tcp |
| US | 34.120.190.171:443 | ac.blooket.com | tcp |
| US | 104.17.202.1:443 | res.cloudinary.com | tcp |
| US | 8.8.8.8:53 | 1.202.17.104.in-addr.arpa | udp |
| US | 34.120.37.181:443 | id.blooket.com | udp |
| DE | 108.157.4.14:443 | js.stripe.com | tcp |
| US | 34.120.190.171:443 | ac.blooket.com | udp |
| US | 34.120.190.171:443 | ac.blooket.com | udp |
| US | 34.120.37.181:443 | id.blooket.com | tcp |
| US | 34.149.18.126:443 | s.blooket.com | tcp |
| US | 34.149.18.126:443 | s.blooket.com | tcp |
| US | 34.149.18.126:443 | s.blooket.com | udp |
| US | 34.120.37.181:443 | id.blooket.com | udp |
| US | 8.8.8.8:53 | 67.204.58.216.in-addr.arpa | udp |
| GB | 142.250.200.36:443 | www.google.com | tcp |
| GB | 142.250.200.36:443 | www.google.com | tcp |
| NL | 173.194.69.84:443 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | 84.69.194.173.in-addr.arpa | udp |
| NL | 173.194.69.84:443 | accounts.google.com | udp |
| NL | 173.194.69.84:443 | accounts.google.com | tcp |
| GB | 142.250.200.36:443 | www.google.com | udp |
| N/A | 224.0.0.251:5353 | | udp |
| GB | 216.58.201.110:443 | play.google.com | tcp |
| GB | 216.58.201.110:443 | play.google.com | udp |
Files
\??\pipe\crashpad_3672_LFKOEIHMFBNLSPGF
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011
| MD5 | 1585c4c0ffdb55b2a4fdc0b0f5c317be |
| SHA1 | aac0e0f12332063c75c690458b2cfe5acb800d0a |
| SHA256 | 18a1cfc3b339903a71e6a68791cde83fca626a4c1a22be5cb7755c9f2343e2a5 |
| SHA512 | 7021ed87f0c97edc3a8ff838202fa444841eafcbfa4e00e722b723393a1ac679279aa744e8edde237a05be6060527a0c7e64a36148bd2d1316d5589d78d08e23 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState
| MD5 | 1cd1129ccdbc49c0b25910d2e60057bb |
| SHA1 | 1ccb3374572e517f1b4fb88696bbc37c48a4cd67 |
| SHA256 | 93acb6bb6975b7cb6c0099a3b695a6c6e43e650267f585a79dd5367cfced081a |
| SHA512 | 524228f54cfd984ab95b1c6dd2f98b0ec579d0db7e85ae140f5d7739777b248f8e692b6903f6e236669f74561cbcee559ba0aae33f369a0b03efffe18b02a980 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | fc12ef1c3d520652355c2c82fa42d8b0 |
| SHA1 | 713fb885d39b7e06d87b8c29b2770b27535be166 |
| SHA256 | 5c0c2916ef9f0b487a1adb8115db6451322070fa46a44734a4cf75f8730d7bf7 |
| SHA512 | 6affae6378f58ff117b9cbb3e0d96c395e1e1307bf29e4b712493a105d45e1e976035ef2e723fe1bca95d5ebe38686705070e78702993d0111bc7898fa06ce2c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e9e9b14ddd02762e17fde817100d97a7 |
| SHA1 | b3353d0c7dd958ea59843a3061a45da16f5878ee |
| SHA256 | bd2d16e5105fd8851c68f85160079f6add57b85d8751d6f6c3aba8e17ecfa36f |
| SHA512 | 05ea33a69f576774c8bce884c47125312a609081fb3eaf5fa4189bb139094eacb862b94a148de97c7ce071784b9838b6fd91cd1ea742f087250f283b187d8504 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 7ddc5327f9535deac09d8df892bb70ec |
| SHA1 | ecb4db758d35a5b321c486fd8c07eef22c347dc5 |
| SHA256 | 70ce6b088888cd20624d70b0fe689a73021c5eed6be355f92fdd9a742da15d4b |
| SHA512 | 9d57d5bca15eba1f9006b2afe663abaf285b8432700c24b90d7d9ae928858f33cb8fae04c7b7b13d646ad5dfbac82a810d24c3e2b7c5db61975bbddacc4dce34 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8f75202dc146d3b33bd93c809cfa3741 |
| SHA1 | a85337820a6d5eb3582e594795e1ac9e368b2208 |
| SHA256 | b1793fd3e4bcdde9483441b33b5523042878b548f05f5e30523d046b08244daa |
| SHA512 | fb76418e54ba92f454fa7d6b716326c15d8b937a677c02b33dd71339da1c9f3f631ab95f2fa1414fa99f2ecef8aaf98b478d053f45a048ef7298628a743fcd4b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 0826926e9d92721a7ff148b57a49bc6c |
| SHA1 | 9da9a9484704236793c633ea54f5449c6232e1e3 |
| SHA256 | daacba927d2cf4cfd6180a3214124f231af9009a096a380788333ce3f5e5b555 |
| SHA512 | 025d01795b7f0e8fb6627fdf12f76c4a801b9fb15c6caeec932b993b94559f3a051efc4e2058a0cb53e8091ee832020d9622be95aaeda25328d3c638bcc5ff29 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | c99e5bf6958bb3beb502cc84c121f770 |
| SHA1 | 43f8921b79c1c1d7b1559b7b355962c1964e7b5a |
| SHA256 | 79af7a4d1c9c550e8a49331589133d8cec35dfefa12d3393e75253ad3da9211e |
| SHA512 | 9c2fc5c8f07f365a3df0435ad42ac61ce8b4ebf7a321014c6da3a11dfbebe87113d6d0ea12cbad2e8ef6f6997850baaa815c7e9878aaf653f4efea62250d5473 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 7e5b41531b6a0504d435b92f35c1195e |
| SHA1 | 4dc0a928770d5a5a5171905346b8170d24008d9e |
| SHA256 | fd21050ab6dddee3de6210f06443ef9155d533821325da1cb279f6b784893019 |
| SHA512 | a0b2b327472d6644b8396b1f4bcc960517f0650e1b073fafe38471ffa0a701e3489b7b3814ca7f3e4bb0868fec1372d02e225d362084185c72ef12ebed3e0760 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 4a0451baa70f64393f88900409836e07 |
| SHA1 | 10678c3345c2955fd65fd8bfa6ae358bde9215f5 |
| SHA256 | 52e119ec5640fac6da5037452f0148fea4edd5f845c93e1cf2cb129bbf8ff1a3 |
| SHA512 | 872adafa38570344824e4372911892d72af0fc2f4eb676da76773ab3087f8b5c798bda8ce86f4730d5bde12b66506beb7b0d6036148589a57cb9e8504de7b9ab |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\04cef22c-2919-4381-84dd-4b2c017cddae.tmp
| MD5 | d451849db84a6c4ce565f5af0a31c44d |
| SHA1 | 709b1146fdd54d24f717c654f6387ffeb2a43e10 |
| SHA256 | 2004b82e91958796a178ac14c97706fde4a128cddfca2477f4f2788f5a9366ca |
| SHA512 | de84bb316cc71607bd7195814abf6b476463d3914958a74e1fee978675d17e91f3a71e03d53b53d888c21ab545277c6603e464dc814a364468c510917e96ad70 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 0a48278038f442b81626c5ead7629ee8 |
| SHA1 | 1c069616b60112808b44f7a45fd12392d38da708 |
| SHA256 | 5581c351c946d04cae81b05a087129a9ec29a4928fad2ba08a6cb478a3de3459 |
| SHA512 | 5fc880b4b47fd79446b2232bb3884161174c6452d5a6136aab805b1e5eef449b9c1d0f7e251432150a65a34a9dd8a898309408e94822e31d6ee4c5d2393594db |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f3026768b2f638eb40af5249cc006468 |
| SHA1 | 4dcc92d40049ff9842002fdafa34f1ea24fe3ec9 |
| SHA256 | 7766ca240b334ba49fa2bf904a4207d2fd8ac817f2b647837f662569d76f1a00 |
| SHA512 | 6c2a1545d93163e083f9bbcfcbd48d821ef6cca1e4013d87997a3020e9b8311f6dc6d0874b57c78a4c5c67a01aab36e8923bde205b075cad665cf54ba469529a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8b191a111473d8487450be0e989b02c3 |
| SHA1 | f252acc24751bf6d338742fcd5030982f83e3062 |
| SHA256 | 52c5c4fa0826d7f838378fc34ce0b821f28161cab19c8bd3415a18fb073459ab |
| SHA512 | 2f00153aac0ef7d5053e50f041b591ed9c0a023417d5f7667a942f3909f56ded2b1e188432e93134aed8a3804edea20d7c5fbd514c21c8418bd7a4bb89d323de |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 459dad09cc87a473c0de8a3fcd9e0616 |
| SHA1 | 1f03d27ca1b5c34bad37ded633feed38b6167401 |
| SHA256 | e56001a14a3941090703b4a1cfbbd14db1e2c1fb5dd358faebf127444b3900ad |
| SHA512 | ed1cc92a5015cfe6b65da0d0c6f418197d601de87974dd8d0049d71ad39ab2df4c76d43d7f77ac1445b87294226be8c24f4466597640b4aa6c11b3bd44af8018 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\b8844950-6ea5-402c-9f55-3ba95c8a03bb.tmp
| MD5 | 990d61d1db98689e2e5aa0c01b00ea5e |
| SHA1 | fe90e5676ba6aaec8f878d1c5dbc0be36ce88170 |
| SHA256 | e2d917bd20e309a06e383d31f98ee46d6b916be7cb5d058c4877080047b045f3 |
| SHA512 | 34ae90d330f749bfadb7aaebd7c6c4bafa049af77455e95a0e81db74722dd8ac856cb5038fb1faa984015fc6c73d5f8f4fada16c0739e0b98f1d42ff9b6542e5 |
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock
| MD5 | f49655f856acb8884cc0ace29216f511 |
| SHA1 | cb0f1f87ec0455ec349aaa950c600475ac7b7b6b |
| SHA256 | 7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba |
| SHA512 | 599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8 |
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx
| MD5 | b5ad5caaaee00cb8cf445427975ae66c |
| SHA1 | dcde6527290a326e048f9c3a85280d3fa71e1e22 |
| SHA256 | b6409b9d55ce242ff022f7a2d86ae8eff873daabf3a0506031712b8baa6197b8 |
| SHA512 | 92f7fbbcbbea769b1af6dd7e75577be3eb8bb4a4a6f8a9288d6da4014e1ea309ee649a7b089be09ba27866e175ab6f6a912413256d7e13eaf60f6f30e492ce7f |
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val
| MD5 | d222b77a61527f2c177b0869e7babc24 |
| SHA1 | 3f23acb984307a4aeba41ebbb70439c97ad1f268 |
| SHA256 | 80dc3ffa698e4ff2e916f97983b5eae79470203e91cb684c5ccd4ff1a465d747 |
| SHA512 | d17d836ea77aeaff4cd01f9c7523345167a4a6bc62528aac74acde12679f48079d75d159e9cea2e614da50e83c2dcd92c374c899ea6c4fe8e5513d9bf06c01ff |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 2e536397b9c656c7d12b2fca9768cb7d |
| SHA1 | f3baf9ad3256ae604d0d6d0aecf3bafff678ca29 |
| SHA256 | cd882164d52e1aa59c2fde627017f063138d02e987deb4bd36c5403487da08ce |
| SHA512 | 645c45283c4d77aa4c453bb2f73928b3eb5339831532cd1eafee3eb2d342365ae9fa063deb0b87a578b38e750f0941b481c01c8e71837cf5d842ed5e97fa20de |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 759013a33ca1f057cebb4d2aaaa5ed6c |
| SHA1 | 9601d4061a391f197ddee88c4451788c95a2e8a9 |
| SHA256 | 96168215cabc87987e274e86708bb21ecc367e8da5dd3cc6fa66fc9e4cb18f1a |
| SHA512 | e24990f840cd97521c99688b15ab035832fc78180257ae1147648193795614141266279557281052600c3719522f53baa48949b2723b04a9ebfb35c8a0b39ac4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 85b0592804d9c2b0cba789936a5de5da |
| SHA1 | f9daf8c61ef591dc3fae1a98170d36310de2f386 |
| SHA256 | bd77136888ebb14ed997442fa702aad0f797a8c97979495e0fa43d0f688373a3 |
| SHA512 | 7d26a6f795c161792db418a7386622d9496682a0173d141aa2454eb75cf108cab0ba31866c065b180f87a910e2ba5120c06b171074b0974380708ec855a77231 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 31cf8dc7ac1927faa69111f3dc1da6dc |
| SHA1 | fdcc1b9174958362d54b705eb373db65471d63f9 |
| SHA256 | c47d4f0a38d79863837dcf8643373e59466e7c385afbc6fda64cc2f7d6045833 |
| SHA512 | 76f64d901f1e91302af4bbeddb8820a7b2bf512c3a5a07d1fea582b3709213b453c13d785de833bbd436a7f04b6a0a0b1a8d3955e3da5297b19a5f5e347fa9f3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e37dbe4fc5a8354c5518b6e05b17cd04 |
| SHA1 | 2cf0dacf2dd82bb803dd28d67b5f6d395ae2fa00 |
| SHA256 | c8fce97661660365c566e72c48f79351c99b7b450eb3c1a2a3e3ecaad4905e69 |
| SHA512 | 07b520e19632f045dd197e499b3d85f73251b685907f62e116420ba61a2ec7f07d7bee82cd71969dd2d3345963069078622a314bbb417b1ecf8e3f95891acb6f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | c2b3abf4b52f6fc1e849a8c7a2c7e7b2 |
| SHA1 | 73af01530ea5952f232612d0e143504b23921e2a |
| SHA256 | eb3395a2ef7f4c44a7b2c57c4b500b39052af8b33db53538aadd484a799164db |
| SHA512 | f7f0a10ce209dbc6b835fd21109f6c8957991fe057c548c4358596d4567b5205beed41f76df8c1fb9e4e0f484a5708f31d1803b7c4a2188a897b56bdea1c747d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 6559133d7e65c8252944f2eed8fc19de |
| SHA1 | ffc670f896d3fbbaec07d280ada4cdb57b365191 |
| SHA256 | d930522e9d2d34c968fcd522f288196bd0f3b08b881f2f5a265329dd29cbbece |
| SHA512 | 8fd6042457a3dbf30abf3d534fc7bb9ef2cd80715c67c99a6022dffcac02ff244b6feaef9e597c60e0304b12cfa8d8e7644c98b1fc340d6a50760f8a29fc8b7d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 630dbb7331d4741f938a4e4a99b23886 |
| SHA1 | bfb209116ffd616a05f8f318b886e1183dba39a9 |
| SHA256 | 9835d9d94cfda1cbf765030d68012c9903eb34453d948c49ea634d2f795ded91 |
| SHA512 | cd73e0df3cc16cbb54db3cd9c5e219e4d33a029246bd287d53987d0b5dfe2f60897f76b630af4735cc1cd3624f3213fd197cc091690cc700cb54e8fa9ea82d7c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 1ba16608ed337b41dff0ccaccba34f1c |
| SHA1 | 7b6bd63a04a07043fa0920d266538cfbfd9b0a72 |
| SHA256 | 494aef09e4ff4f3c4bd6011293f51b56f204d24cd2441c920a74f476646a36cc |
| SHA512 | 7c11dba85bfbb2018b081b0336c75f4dc7b16da4c484afd67a72acfbe3303df590773171826ab05ae68b21bcd096e71032c337098fabc9a5be25099e6c3644c9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 0b2c869b1912862c5761735e6fd08099 |
| SHA1 | 8b39679787ed4760b343209f09bcd611617619e6 |
| SHA256 | 7b04720e5fe8fa6b295baa805421a06304ffaa36ffbfe8cc960008108b243698 |
| SHA512 | 16707177c34b23e13683237c7ebebaea785c96f66b4ab3567e4bfc0ad6a0a22d68e9c7102692a9aeab0193667fe877d0ffd5f2d6115c40bc3ee9716e384be456 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 98110ea89f5feafcc5d6e4e88be95af7 |
| SHA1 | 294bdec3a47a0917019850e43b034a8f15a3d417 |
| SHA256 | 3882cdd19b2655878d0d81a9440ce787a3d249aa9459d89129d8abff19614085 |
| SHA512 | 7e2e79e55104d6fc2d88be109bcea28be96b075fc47a04d0cd2f2eb7fc455f0030a5fdc7bdf82348073fa90b12d014ddd306def5b6288adc35053cbfb90fcf3a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 3fa64138218c60105e0b6daec92707a7 |
| SHA1 | ff1b6a7ccf489896bb8791b3f14f419d2472295a |
| SHA256 | a631e752a23a79f4eb7e43d0fbe6075dfa2c3948339d929bfa2a314da560c79a |
| SHA512 | 86be10ca31ca632f2bcbc2d4653ef3f924d9afba94f1a754e1492a18591f9eaead7423e389fd81c60759183c403ca94c7dac1ec78780a57b631230fd3c60c3c5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 52840fc175cb243845cfffe9d1a07c8e |
| SHA1 | 19d81a74e272cd62d0c0300c5d10fc149ad194f5 |
| SHA256 | a9f454b45785996a8938d936fdfba9d2d38c7b90351ff0795e7be6d7bd1f1582 |
| SHA512 | c0f5d398f3b3213b2be9537e14d7b1f3aff1fdd563f434372577a8409c221043330d5b710ababa98b2b8e6b9ec3d5fb8e50ea9e25680e8bcaf900ff732ffc7f3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 707a18512b290a4d8fd1a868fd6fe765 |
| SHA1 | 69b6624e9a8442190ece6ba196e32e1ab8343346 |
| SHA256 | 1098f305512062ecd2e6aa64149d58b90240d0651954ba5c976f08b31771a7bd |
| SHA512 | db3abc8c35bbe74942e80cdfadf4f17a9bd9a6557e4c56e0ed8b5b8365bf325bfa863b70282573370fe3ce5460e79273b3dcd7ca0b4dd9a59196790be810f4dc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 29772c61403c4707ada8060f7f654617 |
| SHA1 | 158a0a2a81f0c270b39bf6899c19e387ee8cc533 |
| SHA256 | d7ee487eedd9cf51961df1657d826999cd2e38fd215ae519dbf8d0ac70988146 |
| SHA512 | 17af5efd3385729f9294f372fabb7c3cd508136aca2d3328c5140f8097fa134c78ac76a04a0c92678c27431f4968cd0488ee893769b1b87f219a6d7d05e4a3e2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 0b097d8746666a2a2122775838e84b4b |
| SHA1 | 6c7325ab98891ee510465f5878174de4799464b4 |
| SHA256 | 1445d2017b1d7ee53741d6907769aa0e907d5fc9f64ea5e93c3b2607b269f443 |
| SHA512 | 458b93d47f2e03bca291a8286c26a4248e9bb00ea8e9706bd3fa86ada13be91f2cbbb8277a88dbc3776a8711433f500d1905dc70e3a9350d606f839133905da5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 805c00e92f360fb5608f83b78ddc01f2 |
| SHA1 | 3e469cfc63b7447a0a30dc8bdc7ab2c3e73a830d |
| SHA256 | a642d6482d5b9b2879bf6c2f0343b96cf773faee5fc84cd2eb9acd910e7fe971 |
| SHA512 | 2c88fb799ff360191ea74485cc9f9c2297ca88263cbf970ae68d480e22a67cf21256f8e8524d075fc8796b3943e95afcf970e9a2ae29f21d26696dc3d0c4554f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 76650c0e2be630f546618a1ccb0828f1 |
| SHA1 | 2d8bc41dd8be3b444cdf66ab1f3a6127d991c52e |
| SHA256 | fc5e7ecc4806aae76f6fa88c163d1dfdc18b3ab0a9a5fa339a6c7dca195c5c14 |
| SHA512 | 298c40edc7e0e1dc5f8965ce702b9605bf985e6f67605d6bf94213e363ba75baeba38caaebcb26bc30a7ee287c9777baaebbba8f9531113f01debd2323c44e6c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | b05700f16a0943bce351b4eb1c9e0e6f |
| SHA1 | 28e55a4ebcf28d417d642fa71a7b004c968ddcbc |
| SHA256 | ffe8694546851ec694c2b67be8e572fd1ea779f29a7e97f1851c73053722686b |
| SHA512 | 2967e00c7ade3f526c7250578a76f386dab5eb8b4ff009b0dc11924795fff9bbd80a164fced9c992c920e2f7885e6fd25889787d71e03a1c0afe6581147e0d4d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 9f999b29dc6f9bfc164ad1f27043d5ad |
| SHA1 | 7c85c4bb797240e483ce5eea84cba167e6b705e6 |
| SHA256 | 0beb60ce4d39974cb6080ff7fee571d2d7f9263fd2a41bf2d72d2cf1293fc2d8 |
| SHA512 | cd4ddcfd87f4d257cafee4571d1f2e02a43e84e8e5a066ceba8f71f00ee39e2f81b6f3793372a08b39b63c5c65e5cff6b3824145e4d01bf1fa061d2d063b313b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 362b8a13ec9c8211bdab30fcce74a495 |
| SHA1 | 493126b4329ec1eed06bf0686060d08299e44011 |
| SHA256 | c0a31111fb4ef3f49025fbf54c74336e48b0563d1c6aabd1a3f475ee6e6c2576 |
| SHA512 | 1282104a7f592ed6edf98a92afefd1a3bd96169691aca656bfaece0cc602f30548237f02782cc2a7657e5084886edcece0f0dda287f437fd560e003fdea24eb9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 70b77490bc2f42142a18605afc5bd7e2 |
| SHA1 | 2c114e8c5d67c0dd898e315265b4c7923b524ef3 |
| SHA256 | df26a79bae030edf5377a083b1b5cd824940bb4924a2f2ccd3ad8bcbfa916928 |
| SHA512 | bb891e3254703acf8ad9054df4179e57ca4ec69f187e205192a24d2c5801d8c496708ead5ad28788bb84ee408f32f2dcae903c6f2bc58ba3988e5b1bd5fc35f8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | adc1c33d89d3fa3aaf026352b7f3aeb9 |
| SHA1 | 6c940824b1a68f8df0e8e6b2b714164bf56a685c |
| SHA256 | e194f54544fb9f906bd3f080a5bc4390c4aee26bd3819d61d969c88087830967 |
| SHA512 | 38e99e66628bd1e0448655a3b3eb63ba3368468f38288dcf4a05666a67f3523d2d55905a8156f2a6d03db10b8985b8d84acb250cfc4cd3ddfe5f582c4c98cbc5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | adced7b2685867ad36b6f896e4376815 |
| SHA1 | 5b87e13c891ae2b956c6a511112e87e64abfa4aa |
| SHA256 | f64930dfd56daf03aa279afa8ee3d0b512be6f914770519e94b5f75db2d4514d |
| SHA512 | ad31b9f1b2aad28baf743a953326ea6af1238ff40ac861bdb4fb156911328027fd69b7c92fb2a40f6cc3cc5f2f2170d167bb8d97b2ea09f44f9bbb882a3f5d73 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | b47aeebcf1b61af8924cc70ed2fe9df2 |
| SHA1 | 2e21040b1268e15d77e8b276a6c8f2a8ec7843a3 |
| SHA256 | 005cef1968eac018d221d770a4212344611496e33516183dfca22c68e376b9d2 |
| SHA512 | 05fb0d3e0b67bfebde9e9091143b8aca99e5510b59d7f21779a604f4b1ebfd21cdd9395cbc0f960114d3f3e6dd55e242692de2b6e24b2a4fa30ed503175b28ea |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f6609bd40bb84bf1961d346dbd115b71 |
| SHA1 | 712a1900f9152a802b6f382945c0795c28151a59 |
| SHA256 | 6abda28c2ba2a355793b977cad7ecfc73846b115980be991954acaf40ec7ced9 |
| SHA512 | d340b12194dd267cdde6100eea70d1e425ec2d19948df8c27948766099a4b6dbf06468015db141bf1295712e79a2dbdb870e720e25acd113d94691af6d130ab2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 17e9cafd3c3e90bb077cbfbeb267183a |
| SHA1 | a75f0bded855e31d0b327d353ae2cfa4326db779 |
| SHA256 | 41dacceb1d12e8368fd2b4ac03276d6c8d8d5955e79b0eaf9eb161fd66c562af |
| SHA512 | f36414983ffbf278d5bf76fae1fc45054468fc8760b9adbb6375e2b88ebb57d2e4889ade5a0d5c81c1ceaf5dfcb3c565047cf2bff1eaaf762a11034dcfaeaef8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | de878f1f68db8bbb4b03d8302aa57ac1 |
| SHA1 | 00c12e81f029ad1a1a18e83112aee74ca0f4cc8b |
| SHA256 | d8c5764b0ac54cb27ec974c371bb31871d05ae8a7cd53803f514d5807bde596d |
| SHA512 | 849af07e8dcd0b3b89758f378ccf2cc906ceb5289ed634154ee7d79d72b64dd3ea8330198f0ffa2dc268f069582deb246723652f3f954f8954bc17cb2b971aa7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 844ecaa0fd938f15c63fb8a139ae8380 |
| SHA1 | 629f479e9ff2687403b6a0e3f215f7ccbf67bc7b |
| SHA256 | dd39d75104d7856460185fe12f7a0f7ecd7365cfed5bc1e468051b924b591640 |
| SHA512 | e5614fd36a9de920e923038f2ab4759de63b03bfe54d34cdbf0538f905f5fcb3d83a9cf88a7f3823ab7977b0d3faf8d19792e6f4d06debf81bd40019c218d476 |
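Two things in the Files section are easy to miss when reading the digests by eye: the crashpad pipe's four hashes are exactly the digests of zero bytes, so that entry is an empty artifact, and the many Preferences entries are successive rewrites of one file, distinguishable only by hash. The parser below is an added example (not part of the sandbox report) that reads entries in the report's path-then-hash-rows layout, recomputes the empty-input digests with hashlib instead of hard-coding them, and counts distinct versions per path. `SAMPLE_FILES` is an abbreviated excerpt of the section above; the Preferences and Local State entries carry only their MD5 and SHA256 rows.

```python
r"""Triage a sandbox Files section: flag zero-byte artifacts and count
rewrites per path. Added example; not vendor code."""
import hashlib
import re
from collections import defaultdict

HASH_ROW = re.compile(r"^\|\s*(MD5|SHA1|SHA256|SHA512)\s*\|\s*([0-9a-f]+)\s*\|$")
# Digests of the empty input, computed rather than copied, so the check is independent of the report.
EMPTY_DIGESTS = {name: hashlib.new(name, b"").hexdigest() for name in ("md5", "sha1", "sha256", "sha512")}


def parse_files(report_text: str) -> list[dict]:
    """A line that is not a hash row starts a new entry; hash rows attach to the current one."""
    entries, current = [], None
    for line in report_text.splitlines():
        line = line.strip()
        if not line:
            continue
        m = HASH_ROW.match(line)
        if m:
            if current is None:
                raise ValueError("hash row before any path: " + line)
            current[m.group(1).lower()] = m.group(2)
        else:
            current = {"path": line}
            entries.append(current)
    return entries


def is_empty_artifact(entry: dict) -> bool:
    """True only when all four digests are present and all equal the empty-input digests."""
    return all(entry.get(name) == digest for name, digest in EMPTY_DIGESTS.items())


def triage(entries: list[dict]) -> dict:
    by_path = defaultdict(set)
    for e in entries:
        by_path[e["path"]].add(e.get("sha256"))
    return {
        "unique_paths": len(by_path),
        "versions": {path: len(hashes) for path, hashes in by_path.items()},
        "empty": [e["path"] for e in entries if is_empty_artifact(e)],
    }


# Abbreviated excerpt of the Files section above.
SAMPLE_FILES = r"""
\??\pipe\crashpad_3672_LFKOEIHMFBNLSPGF
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | fc12ef1c3d520652355c2c82fa42d8b0 |
| SHA256 | 5c0c2916ef9f0b487a1adb8115db6451322070fa46a44734a4cf75f8730d7bf7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e9e9b14ddd02762e17fde817100d97a7 |
| SHA256 | bd2d16e5105fd8851c68f85160079f6add57b85d8751d6f6c3aba8e17ecfa36f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8f75202dc146d3b33bd93c809cfa3741 |
| SHA256 | b1793fd3e4bcdde9483441b33b5523042878b548f05f5e30523d046b08244daa |
"""

if __name__ == "__main__":
    result = triage(parse_files(SAMPLE_FILES))
    print("empty artifacts:", result["empty"])
    for path, n in result["versions"].items():
        print(f"{n} version(s): {path}")
```

Run over the full section, the same code collapses the dozens of Preferences rows into one path with a version count, which is the view an analyst wants before deciding whether any dropped file is worth pulling from the sandbox.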
Analysis: behavioral1
Detonation Overview
Submitted
2024-10-16 18:09
Reported
2024-10-16 18:11
Platform
win10v2004-20241007-en
Max time kernel
98s
Max time network
107s
Command Line
Signatures
Downloads MZ/PE file
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\LivingDeath.exe | N/A |
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
Writes to the Master Boot Record (MBR)
| Description | Indicator | Process | Target |
| File opened for modification | \??\PhysicalDrive0 | C:\Users\Admin\Downloads\LivingDeath.exe | N/A |
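The indicator behind this signature is a write-capable handle on the raw disk object, not a captured write: a process that opens \??\PhysicalDrive0 for modification can overwrite sector 0 (the MBR) and everything else on the disk. The detection below is an added example, not the sandbox vendor's rule: it matches the three spellings of a raw disk object (\??\PhysicalDriveN, \\.\PhysicalDriveN and \Device\HarddiskN\DRN), requires a write-type description so that read-only inventory opens are not flagged, and excludes an assumed, environment-specific allowlist of system components. `SAMPLE_EVENTS` is constructed around the one real row above plus the benign Chrome row from behavioral2; the other rows are invented for illustration.

```python
r"""Flag raw physical-disk handle opens for writing, the primitive behind an
MBR overwrite. Added example; the Event fields mirror the report's
Description / Indicator / Process columns."""
import re
from dataclasses import dataclass
from typing import Iterable

# NT object-manager path, Win32 device path and the underlying device object
# all reach the same raw disk.
RAW_DISK_RE = re.compile(
    r"^(?:\\\?\?\\|\\\\\.\\)PhysicalDrive\d+$|^\\Device\\Harddisk\d+\\DR\d+$",
    re.IGNORECASE,
)
# Sandbox descriptions that imply a write handle; read-only opens are common and benign.
WRITE_DESCRIPTIONS = {"file opened for modification", "file written", "file created"}
# Assumed allowlist of system tools that legitimately write raw disks; tune per environment.
ALLOWLIST = {r"c:\windows\system32\vds.exe", r"c:\windows\system32\vdsldr.exe"}


@dataclass(frozen=True)
class Event:
    description: str
    indicator: str
    process: str


def is_raw_disk_write(ev: Event) -> bool:
    """True when a non-allowlisted process opened a raw disk object for writing."""
    if ev.description.strip().lower() not in WRITE_DESCRIPTIONS:
        return False
    if not RAW_DISK_RE.match(ev.indicator.strip()):
        return False
    return ev.process.strip().lower() not in ALLOWLIST


def find_mbr_writers(events: Iterable[Event]) -> list[str]:
    """Distinct process images that opened a raw disk for writing, sorted."""
    return sorted({ev.process for ev in events if is_raw_disk_write(ev)})


SAMPLE_EVENTS = [
    # the row from the behavioral1 signature table above
    Event("File opened for modification", r"\??\PhysicalDrive0", r"C:\Users\Admin\Downloads\LivingDeath.exe"),
    # constructed: same object in Win32 spelling, from a hypothetical second dropper
    Event("File opened for modification", r"\\.\PhysicalDrive0", r"C:\Users\Admin\AppData\Local\Temp\dropper.exe"),
    # constructed: read-only open of the disk by a hypothetical inventory tool; not flagged
    Event("File opened for reading", r"\??\PhysicalDrive0", r"C:\Tools\inventory.exe"),
    # constructed: allowlisted system component writing a raw disk; not flagged
    Event("File opened for modification", r"\Device\Harddisk1\DR1", r"C:\Windows\System32\vds.exe"),
    # the benign Chrome row from behavioral2; an ordinary directory path, not flagged
    Event("File opened for modification", r"C:\Windows\SystemTemp", r"C:\Program Files\Google\Chrome\Application\chrome.exe"),
]

if __name__ == "__main__":
    for proc in find_mbr_writers(SAMPLE_EVENTS):
        print("raw disk write:", proc)
```

In a live telemetry feed the same logic applies to the handle-open event (desired access including write) rather than a sandbox description string; the object-name patterns are unchanged.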
UPX packed file
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Browser Information Discovery
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\LivingDeath.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133735757776158198" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-4050598569-1597076380-177084960-1000_Classes\Local Settings | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://dashboard.blooket.com/my-sets
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff996cccc40,0x7ff996cccc4c,0x7ff996cccc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1924,i,10396047848599884528,15376951884912607398,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1916 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2164,i,10396047848599884528,15376951884912607398,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2192 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2224,i,10396047848599884528,15376951884912607398,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2252 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3124,i,10396047848599884528,15376951884912607398,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3160 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3132,i,10396047848599884528,15376951884912607398,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3208 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4656,i,10396047848599884528,15376951884912607398,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4668 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4660,i,10396047848599884528,15376951884912607398,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4756 /prefetch:1
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=4956,i,10396047848599884528,15376951884912607398,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4508 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=5148,i,10396047848599884528,15376951884912607398,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5180 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5204,i,10396047848599884528,15376951884912607398,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5312 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5444,i,10396047848599884528,15376951884912607398,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5460 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=5380,i,10396047848599884528,15376951884912607398,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5340 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=208,i,10396047848599884528,15376951884912607398,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5076 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=4872,i,10396047848599884528,15376951884912607398,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4876 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5388,i,10396047848599884528,15376951884912607398,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5452 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5604,i,10396047848599884528,15376951884912607398,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4676 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4856,i,10396047848599884528,15376951884912607398,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6012 /prefetch:8
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Users\Admin\Downloads\LivingDeath.exe
"C:\Users\Admin\Downloads\LivingDeath.exe"
Network
Files