Malware Analysis Report

2024-12-07 14:32

Sample ID 241016-wstyasxgqk
Target https://dashboard.blooket.com/my-sets
Tags defense_evasion discovery exploit
Score 8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

Score 8/10

Threat Level: Likely malicious

The file https://dashboard.blooket.com/my-sets was found to be: Likely malicious.

Malicious Activity Summary

defense_evasion discovery exploit

Downloads MZ/PE file

Possible privilege escalation attempt

Executes dropped EXE

Modifies file permissions

File and Directory Permissions Modification: Windows File and Directory Permissions Modification

Legitimate hosting services abused for malware hosting/C2

Drops file in Windows directory

Drops file in Program Files directory

Enumerates physical storage devices

Browser Information Discovery

System Location Discovery: System Language Discovery

Enumerates system info in registry

Suspicious use of SendNotifyMessage

Suspicious use of WriteProcessMemory

Suspicious behavior: EnumeratesProcesses

Modifies data under HKEY_USERS

Suspicious behavior: GetForegroundWindowSpam

Suspicious use of AdjustPrivilegeToken

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of FindShellTrayWindow

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported 2024-10-16 18:11

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted 2024-10-16 18:11
Reported 2024-10-16 18:14
Platform win10v2004-20241007-en
Max time kernel 180s
Max time network 182s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://dashboard.blooket.com/my-sets

Signatures

Downloads MZ/PE file

Executes dropped EXE

Description | Indicator | Process | Target
N/A | N/A | C:\Users\Admin\Downloads\HURR-DURR 4.0.exe | N/A

File and Directory Permissions Modification: Windows File and Directory Permissions Modification

defense_evasion

Legitimate hosting services abused for malware hosting/C2

Description | Indicator | Process | Target | Count
N/A | raw.githubusercontent.com | N/A | N/A | 2

Drops file in Program Files directory

Description | Indicator | Process | Target
File opened for modification | C:\Program Files\Google\Chrome\Application\debug.log | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
File opened for modification | C:\Program Files\Google\Chrome\Application\123.0.6312.123\debug.log | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A

Browser Information Discovery

discovery

Enumerates physical storage devices

System Location Discovery: System Language Discovery

discovery

Description | Indicator | Process | Target
Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\HURR-DURR 4.0.exe | N/A

Enumerates system info in registry

Description | Indicator | Process | Target
Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A
Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A
Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A

Modifies data under HKEY_USERS

Description | Indicator | Process | Target
Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133735759096405208" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description | Indicator | Process | Target | Count
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A | 7
N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A | 2
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A | 18

Suspicious use of AdjustPrivilegeToken

Description | Indicator | Process | Target | Count
Token: SeShutdownPrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A | 32
Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A | 32
(the two rows alternate in the original event listing)

Suspicious use of FindShellTrayWindow

Description | Indicator | Process | Target | Count
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A | 34
N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A | 30

Suspicious use of SendNotifyMessage

Description | Indicator | Process | Target | Count
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A | 24
N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A | 32

Suspicious use of WriteProcessMemory

Description | Indicator | Process | Target | Count
PID 5032 wrote to memory of 2848 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe | 2
PID 5032 wrote to memory of 3876 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe | 30
PID 5032 wrote to memory of 2388 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe | 2
PID 5032 wrote to memory of 2360 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe | 30

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://dashboard.blooket.com/my-sets

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffd769ccc40,0x7ffd769ccc4c,0x7ffd769ccc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1892,i,10685383351649650817,3185760086520884231,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1888 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2152,i,10685383351649650817,3185760086520884231,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2160 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2232,i,10685383351649650817,3185760086520884231,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2440 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3116,i,10685383351649650817,3185760086520884231,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3132 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3124,i,10685383351649650817,3185760086520884231,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3272 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4460,i,10685383351649650817,3185760086520884231,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4504 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4712,i,10685383351649650817,3185760086520884231,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4660 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=4864,i,10685383351649650817,3185760086520884231,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4904 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4868,i,10685383351649650817,3185760086520884231,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5052 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5060,i,10685383351649650817,3185760086520884231,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5144 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4352,i,10685383351649650817,3185760086520884231,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5152 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=5692,i,10685383351649650817,3185760086520884231,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5596 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=3852,i,10685383351649650817,3185760086520884231,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4448 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=4596,i,10685383351649650817,3185760086520884231,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5696 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5628,i,10685383351649650817,3185760086520884231,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4676 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=4324,i,10685383351649650817,3185760086520884231,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5856 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=4588,i,10685383351649650817,3185760086520884231,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5860 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4612,i,10685383351649650817,3185760086520884231,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6132 /prefetch:8

C:\Users\Admin\Downloads\HURR-DURR 4.0.exe

"C:\Users\Admin\Downloads\HURR-DURR 4.0.exe"

C:\Windows\system32\cmd.exe

"C:\Windows\sysnative\cmd" /c "C:\Users\Admin\AppData\Local\Temp\6BE4.tmp\6BE5.tmp\6BE6.bat "C:\Users\Admin\Downloads\HURR-DURR 4.0.exe""

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://hurr-durr.cc/

C:\Windows\system32\takeown.exe

takeown /f "C:\windows\system32\winload.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x128,0x12c,0x130,0x104,0x134,0x7ffd62e946f8,0x7ffd62e94708,0x7ffd62e94718

C:\Windows\system32\takeown.exe

takeown /f "C:\windows\system32\winresume.exe"

C:\Windows\system32\takeown.exe

takeown /f "C:\windows\system32\ntoskrnl.exe"

C:\Windows\system32\takeown.exe

takeown /f "C:\windows\system32\hal.dll"

C:\Windows\system32\takeown.exe

takeown /f "C:\windows\system32\ntdll.dll"

C:\Windows\system32\takeown.exe

takeown /f "C:\windows\system32\ci.dll"

C:\Windows\system32\icacls.exe

icacls "C:\windows\system32\winload.exe" /grant everyone:F /t /c

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2068,9930144599793199427,7299556984925939305,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2080 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2068,9930144599793199427,7299556984925939305,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2364 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2068,9930144599793199427,7299556984925939305,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2808 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,9930144599793199427,7299556984925939305,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3284 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,9930144599793199427,7299556984925939305,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3292 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\system32\icacls.exe

icacls "C:\windows\system32\winresume.exe" /grant everyone:F /t /c

C:\Windows\system32\icacls.exe

icacls "C:\windows\system32\ntoskrnl.exe" /grant everyone:F /t /c

C:\Windows\system32\icacls.exe

icacls "C:\windows\system32\hal.dll" /grant everyone:F /t /c

C:\Windows\system32\icacls.exe

icacls "C:\windows\system32\ntdll.dll" /grant everyone:F /t /c

C:\Windows\system32\icacls.exe

icacls "C:\windows\system32\ci.dll" /grant everyone:F /t /c

C:\Windows\system32\mountvol.exe

mountvol C:\ /d

Network

Country Destination Domain Proto
US 8.8.8.8:53 dashboard.blooket.com udp
US 34.120.37.181:443 dashboard.blooket.com tcp
US 8.8.8.8:53 res.cloudinary.com udp
US 8.8.8.8:53 ac.blooket.com udp
US 34.120.190.171:443 ac.blooket.com tcp
US 34.120.190.171:443 ac.blooket.com tcp
US 104.17.202.1:443 res.cloudinary.com tcp
US 8.8.8.8:53 154.239.44.20.in-addr.arpa udp
US 8.8.8.8:53 181.37.120.34.in-addr.arpa udp
US 8.8.8.8:53 10.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 1.202.17.104.in-addr.arpa udp
US 8.8.8.8:53 171.190.120.34.in-addr.arpa udp
US 34.120.37.181:443 dashboard.blooket.com udp
US 8.8.8.8:53 js.stripe.com udp
US 151.101.64.176:443 js.stripe.com tcp
US 8.8.8.8:53 id.blooket.com udp
US 34.120.190.171:443 ac.blooket.com udp
US 8.8.8.8:53 s.blooket.com udp
US 34.120.190.171:443 ac.blooket.com udp
US 34.120.37.181:443 id.blooket.com tcp
US 34.120.37.181:443 id.blooket.com tcp
US 34.149.18.126:443 s.blooket.com tcp
US 8.8.8.8:53 67.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 72.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
US 8.8.8.8:53 176.64.101.151.in-addr.arpa udp
US 34.149.18.126:443 s.blooket.com udp
US 34.120.37.181:443 id.blooket.com udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.200.36:443 www.google.com tcp
US 8.8.8.8:53 126.18.149.34.in-addr.arpa udp
US 8.8.8.8:53 104.219.191.52.in-addr.arpa udp
US 8.8.8.8:53 43.58.199.20.in-addr.arpa udp
GB 142.250.200.36:443 www.google.com tcp
US 8.8.8.8:53 content-autofill.googleapis.com udp
US 8.8.8.8:53 accounts.google.com udp
GB 142.250.187.234:443 content-autofill.googleapis.com tcp
NL 173.194.69.84:443 accounts.google.com tcp
US 8.8.8.8:53 36.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 3.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 234.187.250.142.in-addr.arpa udp
NL 173.194.69.84:443 accounts.google.com udp
NL 173.194.69.84:443 accounts.google.com tcp
GB 142.250.200.36:443 www.google.com udp
GB 142.250.200.36:443 www.google.com udp
US 8.8.8.8:53 84.69.194.173.in-addr.arpa udp
US 8.8.8.8:53 play.google.com udp
GB 216.58.201.110:443 play.google.com tcp
US 8.8.8.8:53 ogads-pa.googleapis.com udp
US 8.8.8.8:53 apis.google.com udp
GB 172.217.169.10:443 ogads-pa.googleapis.com udp
GB 142.250.179.238:443 apis.google.com udp
GB 172.217.169.10:443 ogads-pa.googleapis.com tcp
US 8.8.8.8:53 110.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 10.169.217.172.in-addr.arpa udp
GB 216.58.201.110:443 play.google.com udp
GB 216.58.201.110:443 play.google.com tcp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 dns-tunnel-check.googlezip.net udp
US 8.8.8.8:53 tunnel.googlezip.net udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
US 8.8.8.8:53 226.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 157.34.239.216.in-addr.arpa udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
US 8.8.8.8:53 play.google.com udp
GB 172.217.169.10:443 ogads-pa.googleapis.com tcp
GB 216.58.201.110:443 play.google.com tcp
GB 172.217.169.10:443 ogads-pa.googleapis.com udp
GB 216.58.201.110:443 play.google.com udp
US 8.8.8.8:53 consent.google.com udp
US 8.8.8.8:53 github.com udp
US 8.8.8.8:53 github.githubassets.com udp
US 8.8.8.8:53 avatars.githubusercontent.com udp
US 185.199.110.154:443 github.githubassets.com tcp
US 185.199.110.154:443 github.githubassets.com tcp
US 185.199.110.154:443 github.githubassets.com tcp
US 185.199.110.154:443 github.githubassets.com tcp
US 185.199.110.154:443 github.githubassets.com tcp
US 185.199.110.154:443 github.githubassets.com tcp
US 185.199.110.133:443 avatars.githubusercontent.com tcp
US 8.8.8.8:53 user-images.githubusercontent.com udp
US 8.8.8.8:53 github-cloud.s3.amazonaws.com udp
US 8.8.8.8:53 154.110.199.185.in-addr.arpa udp
US 8.8.8.8:53 133.110.199.185.in-addr.arpa udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 20.26.156.215:443 github.com tcp
GB 20.26.156.215:443 github.com tcp
GB 20.26.156.215:443 github.com tcp
GB 216.58.201.106:443 content-autofill.googleapis.com tcp
GB 20.26.156.215:443 github.com tcp
GB 20.26.156.215:443 github.com tcp
GB 20.26.156.215:443 github.com tcp
US 8.8.8.8:53 215.156.26.20.in-addr.arpa udp
US 8.8.8.8:53 106.201.58.216.in-addr.arpa udp
GB 216.58.201.106:443 content-autofill.googleapis.com udp
US 8.8.8.8:53 collector.github.com udp
US 185.199.110.154:443 github.githubassets.com tcp
US 8.8.8.8:53 api.github.com udp
US 140.82.113.21:443 collector.github.com tcp
US 140.82.113.21:443 collector.github.com tcp
GB 20.26.156.210:443 api.github.com tcp
US 8.8.8.8:53 210.156.26.20.in-addr.arpa udp
US 8.8.8.8:53 21.113.82.140.in-addr.arpa udp
US 8.8.8.8:53 200.163.202.172.in-addr.arpa udp
US 8.8.8.8:53 18.31.95.13.in-addr.arpa udp
US 8.8.8.8:53 75.117.19.2.in-addr.arpa udp
US 8.8.8.8:53 raw.githubusercontent.com udp
US 185.199.111.133:443 raw.githubusercontent.com tcp
US 8.8.8.8:53 133.111.199.185.in-addr.arpa udp
US 8.8.8.8:53 hurr-durr.cc udp
US 104.21.41.143:443 hurr-durr.cc tcp
US 8.8.8.8:53 143.41.21.104.in-addr.arpa udp
GB 92.123.128.155:443 www.bing.com tcp
US 8.8.8.8:53 a.nel.cloudflare.com udp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
US 8.8.8.8:53 155.128.123.92.in-addr.arpa udp
US 35.190.80.1:443 a.nel.cloudflare.com udp
US 8.8.8.8:53 1.80.190.35.in-addr.arpa udp
US 8.8.8.8:53 api.github.com udp
US 8.8.8.8:53 collector.github.com udp
US 8.8.8.8:53 google.com udp
NL 173.194.69.84:443 accounts.google.com udp
GB 172.217.169.14:443 google.com tcp
US 8.8.8.8:53 14.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 github.com udp
GB 20.26.156.215:443 github.com tcp
NL 173.194.69.84:443 accounts.google.com udp
GB 172.217.169.14:443 google.com udp
US 8.8.8.8:53 collector.github.com udp
US 8.8.8.8:53 github.com udp
US 8.8.8.8:53 api.github.com udp

Files

\??\pipe\crashpad_5032_LWAISIPCMZYDGMKS

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011

MD5 1585c4c0ffdb55b2a4fdc0b0f5c317be
SHA1 aac0e0f12332063c75c690458b2cfe5acb800d0a
SHA256 18a1cfc3b339903a71e6a68791cde83fca626a4c1a22be5cb7755c9f2343e2a5
SHA512 7021ed87f0c97edc3a8ff838202fa444841eafcbfa4e00e722b723393a1ac679279aa744e8edde237a05be6060527a0c7e64a36148bd2d1316d5589d78d08e23

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 0ecab50c05fd6b388071fd6948b648ac
SHA1 f2735f6483912ae2483d8cd304e4b3ecaf05db7f
SHA256 c86398628101fdb5abc4c4d37ec5007b630e8d88c6fb820379b3b24e641ad877
SHA512 ab80534675724e4e9308b1d2900d6844abcbe685e08f97a5e7787baec251db16523c2443584fa35156da7d9d4f93a6f8d09d9e51a7e032b56f445feb5c6d14de

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6ab164be8d9ad37cb2b43f0ffc850a08
SHA1 260199b94e996f274e539c6e2530ed1dff670aeb
SHA256 52ef56ce7997abe1be9772e5b6a26404247a8c1660eeb02974d2c6cb4874c2cb
SHA512 85b9df22b2c9226110070d65e3d4ecbba1441b98b1d61d2e656a41980efd4ce0286a8fdfd0de59af5eddd3515adf97d8c150ce068b90c6e6a9cd18ede43de55c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

MD5 1fd0a5705121a6002a9eaa2ab8dc790e
SHA1 d38015b483466dc7c92d3fc5a8471021ed68f7f2
SHA256 94a2bbc6415b2b74c706a0e51197ab4967603fedb0d9d3f24d9b67158e4c50d2
SHA512 20caef1785fb707c9ae9ea5c86e4ad834e5d78f3f6b7d893c4d5e5d75093459cff27ec9ec296c1b65edfb0cf5822240b0431342f4b19afb9521f78cc432efa56

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 098b1d931748c037041e260af5d8bdf3
SHA1 abb663c8914d369e9f3d61a573a4a9d200e09b79
SHA256 c8e3cd228f22e3c54681f401a2ae9300bf86f6cd896fc18d9049cabe1bc58e0e
SHA512 4b12b702950ff611b43e92343ce901736768d49f3cc5002d347819e659e9d6ee1253aaf12507bdd9f9e78c7153b50c380a1f17c52d1601254b1339ec37af5dd2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 92b5a19e9c397f7869f1b03503974e65
SHA1 ce7e67d74b6579d3773d0c85fc22061c16f9b250
SHA256 6d62a3847c8d61674aea0469cbbb7743520860a611c0462ca8a4aeba22537f2e
SHA512 79516d0e7442ba9844c3ff08f002b03f1235670512a722dc63232d5bec73998b7c8801779bfcb42bcdfa09b59a8e95b123a775e2927e0f96e4415992e642e27f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7d4535247a7f6d032d11d7953d589540
SHA1 28e393a4763c6b9530f21146a63d6de3a8624f1c
SHA256 ed1094dbde02097c60893ff62c6c707ae34e86489a0ab0067e4576d218886e10
SHA512 8904d919336c70fe4df95fdc3a591026785444195a605e3c207d48d81422657778b375cbed4f562d684df329acd3937772a09f1e1c7332baf3aecbb706c9d6d2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 eb6d45fcbbf0c50924b6407e5917af22
SHA1 72261ae08f0a2dfb9c29d604e2a03d827141d419
SHA256 ecef1cb916e20f4ecf98c419964499859d1e106b320d6d7a43dfba6fe3f2d4d3
SHA512 5a9db001e5397912e508acd5c06594db30530004d3d8850de9c4b9bdb56b66286b99dad27fac671b66c1994a4c80a36274e3db8352c85b60bc0ab2f88ea6165e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 5f99a8699fd12a8724c66c7df9760632
SHA1 637a44bd8f02f06172eae6905368b2bae8e46eba
SHA256 28b867ed088ab9bed98f6f971dd6f82684303f318f7e1833e92904409996c7ae
SHA512 7faf31d7f0212f55f2c500595f45b9b58758d91489712996eae2250a4aa51685dad4d8bea869eaf6f2c83b7fbb5303de77fb637a82c568443bbfa6711c2a9fd2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 887aeab400d0eb02cf3727212661fe43
SHA1 4e9ad99f82f194ef1f94bf13ed27ccade284016c
SHA256 c40f21ed1fb37f9d18fb765623e5903a451af37a0d7c5674f8fa7fa4370fe23d
SHA512 29eacd9bb77af028f1a8aa22c69f444ebdb3e6077056318f7009999c72324b6c4f85b546319e1e2c0aba0402b13841c4f0d1fbde27c98cfd1953fe646217d1f6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0fd87aa96646d36283d3458bbd7221b3
SHA1 6eb29b9e215d2317d7e444f509c67064ccb7cc17
SHA256 b457776c56d24f06e6913eb44098fc6f362d373f5a3736bc34a81a157ebffd14
SHA512 9751301e14258ecbe8d80ff4e3b2db6cfd11054781625757d110b37bf571bd71f5d6e9521c63bf665d418836b124efa0cdf1b210f474cfc443d728ffe95972e6

C:\Users\Admin\Downloads\HURR-DURR 4.0.exe

MD5 709002961b4a3d18185690cf820c4758
SHA1 9e45ade994f2d711f12fd1bdd24c76c29190d919
SHA256 39d024d9d590f29e0e522f1e41ac4e5c7bf67ebd261b3fa939b6e0ee883acc59
SHA512 a759d2c16eb3166714d0422e931458ea1bac942f440bd159f7a130e9edaef2fe13090adb4de0ef65d6f66446d929f2152e879d1949c4860654564e9e8f8be916

C:\Users\Admin\AppData\Local\Temp\6BE4.tmp\6BE5.tmp\6BE6.bat

MD5 fea29a2bbc979a1a83a9887b62240d6e
SHA1 b6c1ab3b84f50a1aa567c311b77fade00379b006
SHA256 abb42b3699e20f9208261c9ef6105f29be0c1005b47e966b5dd9a78845b6dcb6
SHA512 c8ed4b01d15956e668cf4ce215efd0e3708405a3aa2dff30c4a5e4e5a86959308c832f14a4d19b1c0ef9b1491e24fcf8d3388dc155911784b3b8d5b25f790164

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 d22073dea53e79d9b824f27ac5e9813e
SHA1 6d8a7281241248431a1571e6ddc55798b01fa961
SHA256 86713962c3bb287964678b148ee08ea83fb83483dff8be91c8a6085ca560b2a6
SHA512 97152091ee24b6e713b8ec8123cb62511f8a7e8a6c6c3f2f6727d0a60497be28814613b476009b853575d4931e5df950e28a41afbf6707cb672206f1219c4413

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 bffcefacce25cd03f3d5c9446ddb903d
SHA1 8923f84aa86db316d2f5c122fe3874bbe26f3bab
SHA256 23e7cbbf64c81122c3cb30a0933c10a320e254447771737a326ce37a0694d405
SHA512 761dae5315b35ec0b2fe68019881397f5d2eadba3963aba79a89f8953a0cd705012d7faf3a204a5f36008926b9f614980e333351596b06ce7058d744345ce2e7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 7767ae03657454d0b251a399a101c7af
SHA1 30264c9e11f52183551112e8f9f9963d569da3d8
SHA256 be6a9897255072c451dc041e5810d239858a479a74eb86ae801364c90517bb43
SHA512 b438f0b39d6d0f6775b563fa853bc57cd002ac61647d12b9b24baebba6ee7f712ad5b6f31cbfd47fcd74c404e76d9c80512a581346352ae2d9f10f1fbbd2c86f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1

MD5 3f756b40868b37c067e6d8bc7b59ace2
SHA1 0027a9db231ee6dae1308d1b38e212d2ac92196d
SHA256 98a7d756a4f2bdd8c71ded17590d64258a6836a4f403774a96874186f4baaaf2
SHA512 a56e0277918b278a72b709498dc690ebbff4e950cfde84831ea62aad77180510ae882b0da4c6c37f0e5cd623f17fd8b94ffbdde271d633a94b0bca21048f1858

Analysis: behavioral2

Detonation Overview

Submitted

2024-10-16 18:11

Reported

2024-10-16 18:21

Platform

win11-20241007-en

Max time kernel

599s

Max time network

590s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://dashboard.blooket.com/my-sets

Signatures

Drops file in Windows directory

Description Indicator Process Target
File opened for modification C:\Windows\SystemTemp C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Browser Information Discovery

discovery

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133735759080693311" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 4456 wrote to memory of 1816 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4456 wrote to memory of 396 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4456 wrote to memory of 4412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4456 wrote to memory of 4696 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://dashboard.blooket.com/my-sets

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9fc0bcc40,0x7ff9fc0bcc4c,0x7ff9fc0bcc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2292,i,7812000732335650590,17734317820989802788,262144 --variations-seed-version=20241007-050102.714000 --mojo-platform-channel-handle=2288 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1836,i,7812000732335650590,17734317820989802788,262144 --variations-seed-version=20241007-050102.714000 --mojo-platform-channel-handle=2324 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=1912,i,7812000732335650590,17734317820989802788,262144 --variations-seed-version=20241007-050102.714000 --mojo-platform-channel-handle=2428 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3076,i,7812000732335650590,17734317820989802788,262144 --variations-seed-version=20241007-050102.714000 --mojo-platform-channel-handle=3112 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3100,i,7812000732335650590,17734317820989802788,262144 --variations-seed-version=20241007-050102.714000 --mojo-platform-channel-handle=3144 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4280,i,7812000732335650590,17734317820989802788,262144 --variations-seed-version=20241007-050102.714000 --mojo-platform-channel-handle=3412 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4912,i,7812000732335650590,17734317820989802788,262144 --variations-seed-version=20241007-050102.714000 --mojo-platform-channel-handle=4956 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=5060,i,7812000732335650590,17734317820989802788,262144 --variations-seed-version=20241007-050102.714000 --mojo-platform-channel-handle=5064 /prefetch:8

Network

Country Destination Domain Proto
US 8.8.8.8:53 dashboard.blooket.com udp
US 34.120.37.181:443 dashboard.blooket.com tcp
US 34.120.190.171:443 ac.blooket.com tcp
US 104.17.202.1:443 res.cloudinary.com tcp
US 8.8.8.8:53 181.37.120.34.in-addr.arpa udp
US 8.8.8.8:53 10.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 171.190.120.34.in-addr.arpa udp
US 8.8.8.8:53 1.202.17.104.in-addr.arpa udp
US 8.8.8.8:53 202.187.250.142.in-addr.arpa udp
US 34.120.37.181:443 id.blooket.com udp
US 151.101.128.176:443 js.stripe.com tcp
US 34.120.190.171:443 ac.blooket.com udp
US 34.120.37.181:443 id.blooket.com tcp
US 34.149.18.126:443 s.blooket.com tcp
US 34.149.18.126:443 s.blooket.com udp
US 34.120.37.181:443 id.blooket.com udp
GB 142.250.200.36:443 www.google.com tcp
GB 172.217.16.234:443 content-autofill.googleapis.com tcp
NL 173.194.69.84:443 accounts.google.com tcp
NL 173.194.69.84:443 accounts.google.com udp
GB 142.250.200.36:443 www.google.com udp
N/A 224.0.0.251:5353 udp
GB 216.58.201.110:443 play.google.com tcp
GB 216.58.201.110:443 play.google.com udp
US 150.171.27.10:443 tse1.mm.bing.net tcp

Files

\??\pipe\crashpad_4456_CVVWTSAUJXMPJNLA

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f583acc833cfda1b9da315d4bb5c605d
SHA1 80b6cdc88e041d56a3588fee71cad8eaeb21fe13
SHA256 728779ae4afc0cb220fb0b09479210a4d200855951c54eb577ff0e549a88d85c
SHA512 071b5b208f25cefda18c14cd7035d6477f040c42ffebcb02613ec7d8c7b4c36478a549e89aa106140889d2f6dc7ffe698d46a930d53b7a43a2bb5be35004f6c6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8b998659499e43de36b066b6816e1761
SHA1 968a61ad338de2bb2c2a058fecc390f71732ec1b
SHA256 11e541fb16d45b30c6cf1018e79b54dc2925f2d05ea2e26dff6e59b7cb55d337
SHA512 8d209f7d47225fd78996e3a623569aada5500fb887445e6adf4b9dc9c73a92cf9693e0ad131b02b3348ef94053b012a194cb84a6bcc6d1f21b0c18c36c8f9d8b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 49dce9891623d52324b342053349aa09
SHA1 603fd947af3e230b06e75ad7c0471159a1213f6f
SHA256 d5230eae03fcab238544faa3e5f996afef57cd14d38cd8b6a4676a39c61544a4
SHA512 dc70cca2df965559f74e31a5c1e9ba1127838f8d8400ad1936262d3135c0aa29eba435027aea20ba13c6e68d467708bc8fc0e00b6f0a44fe7f6cbe176b707e6f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c06068728e0508b99a8e4381886da76e
SHA1 b6fecc119054aebc48d03601556982efd5400336
SHA256 e52307d36f0929ea119392cc7b5ed4e5a6232ec45488279108bc2e2dfb2400d0
SHA512 f3b64d7f2ba9e5ea316b9ee249122337181b526b01f9e4b9ca9646d7d56064da16f865444a9cb615e5e16e618b1c3bdfec6708995360a5191dd4ff0b9d8874e4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9ecf84205189a6dd750dd1a588c649b3
SHA1 847cdde9e187dc09431b4c43b667a2e415659cac
SHA256 92f95a49497707469b878d91966d64345cd92d88f59cf0ab1beb1a69165427f3
SHA512 0cdd415183e90e2b4c661671a895b0ef8fcacaed1a7bed18447fff3aff45a597965c6a45e87cf1ecea0fa9c518069a991ba80fe65420378e47acde8f80ac6d7a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4ba6f5dc40224630b2c0522d05d89a7b
SHA1 1bf4ad91a6c5fad92f713239752ef1c08f2c327b
SHA256 399d3ed6c7f02b75f529d1f3a89623fbaa0495691128eaa7b6165c7aae5b1c2e
SHA512 218ce0002317580d13fb579479c20711548d0d0f663d93d36104e067c8db61ef8c986af506ec3c515b219f9990d314a7f82c4a600debba23d6c66857541f814c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c36bcf05e724b60f1a0b066745f0df65
SHA1 c59feb7e71b7419acc9fec44c3a056523d2773e6
SHA256 76023e0ac719695a5591cba5fa77dfa5de94ed91dbd39712a0de21c966969466
SHA512 65ce3a9a959a1515ccfc3329359d96c5d7dfca67753764919c4acdb8ea83a1a0727162e1727603717863b6848ef45288d310a36a0e43a5195e9bd9b1615174d3