Resubmissions

22/10/2024, 19:51

241022-yk8gtstckl 7

22/10/2024, 19:48

241022-yjkpdatbnk 7

21/10/2024, 21:25

241021-z9xx3axema 7

Analysis

  • max time kernel
    101s
  • max time network
    145s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64, arch:x86, image:win7-20241010-en, locale:en-us, os:windows7-x64, system
  • submitted
    22/10/2024, 19:48

General

  • Target

    $PLUGINSDIR/app/js/libs/cmp.bundle.js

  • Size

    348KB

  • MD5

    16fc087f1323fce759abc94f985f9dc0

  • SHA1

    4f9fcb398d19077ac5b39c107a9934d3d41c8d71

  • SHA256

    304f8a03efd2a1e65f08b0606dca97c66f4875a4d71a9e4ad7a83fbb36731ded

  • SHA512

    37696e22931829c05f53b6a5fee734dd4631836e20eeff7186aa8a5b0a1b8bc765c7ed42af0ade2d403cb7020c6c9913be2caf25db6388524b48a773c4e334bb

  • SSDEEP

    3072:vSDSLzJgixPFNRoSHo2BTkNOqTOqSP88+G9L+xEtQ8OaxPyf:bxgixPm2ZkNU+G9vpi

Score
3/10

Malware Config

Signatures

  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

  • Command and Scripting Interpreter: JavaScript 1 TTPs
  • System Location Discovery: System Language Discovery 1 TTPs 2 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Enumerates system info in registry 2 TTPs 14 IoCs
  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 26 IoCs
  • Suspicious use of FindShellTrayWindow 64 IoCs
  • Suspicious use of SendNotifyMessage 64 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Windows\system32\wscript.exe
    wscript.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\app\js\libs\cmp.bundle.js
    1⤵
      PID:2864
    • C:\Windows\SysWOW64\DllHost.exe
      C:\Windows\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
      1⤵
      • System Location Discovery: System Language Discovery
      PID:2844
    • C:\Windows\explorer.exe
      "C:\Windows\explorer.exe"
      1⤵
        PID:2252
      • C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE
        "C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE" /dde
        1⤵
        • System Location Discovery: System Language Discovery
        • Enumerates system info in registry
        • Suspicious behavior: AddClipboardFormatListener
        • Suspicious use of SetWindowsHookEx
        PID:2916
      • C:\Program Files\Google\Chrome\Application\chrome.exe
        "C:\Program Files\Google\Chrome\Application\chrome.exe"
        1⤵
        • Enumerates system info in registry
        • Suspicious behavior: EnumeratesProcesses
        • Suspicious behavior: GetForegroundWindowSpam
        • Suspicious use of AdjustPrivilegeToken
        • Suspicious use of FindShellTrayWindow
        • Suspicious use of SendNotifyMessage
        • Suspicious use of WriteProcessMemory
        PID:2224
        • C:\Program Files\Google\Chrome\Application\chrome.exe
          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef5759758,0x7fef5759768,0x7fef5759778
          2⤵
            PID:3000
          • C:\Program Files\Google\Chrome\Application\chrome.exe
            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1128 --field-trial-handle=1340,i,671227895314507632,17208167179386801086,131072 /prefetch:2
            2⤵
              PID:2424
            • C:\Program Files\Google\Chrome\Application\chrome.exe
              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1516 --field-trial-handle=1340,i,671227895314507632,17208167179386801086,131072 /prefetch:8
              2⤵
                PID:2296
              • C:\Program Files\Google\Chrome\Application\chrome.exe
                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1608 --field-trial-handle=1340,i,671227895314507632,17208167179386801086,131072 /prefetch:8
                2⤵
                  PID:2744
                • C:\Program Files\Google\Chrome\Application\chrome.exe
                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2312 --field-trial-handle=1340,i,671227895314507632,17208167179386801086,131072 /prefetch:1
                  2⤵
                    PID:1348
                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2344 --field-trial-handle=1340,i,671227895314507632,17208167179386801086,131072 /prefetch:1
                    2⤵
                      PID:1820
                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1412 --field-trial-handle=1340,i,671227895314507632,17208167179386801086,131072 /prefetch:2
                      2⤵
                        PID:3812
                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3636 --field-trial-handle=1340,i,671227895314507632,17208167179386801086,131072 /prefetch:1
                        2⤵
                          PID:3252
                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3860 --field-trial-handle=1340,i,671227895314507632,17208167179386801086,131072 /prefetch:8
                          2⤵
                            PID:3068
                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3880 --field-trial-handle=1340,i,671227895314507632,17208167179386801086,131072 /prefetch:8
                            2⤵
                              PID:2396
                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3936 --field-trial-handle=1340,i,671227895314507632,17208167179386801086,131072 /prefetch:8
                              2⤵
                                PID:3548
                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3972 --field-trial-handle=1340,i,671227895314507632,17208167179386801086,131072 /prefetch:8
                                2⤵
                                  PID:2276
                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3912 --field-trial-handle=1340,i,671227895314507632,17208167179386801086,131072 /prefetch:8
                                  2⤵
                                    PID:3864
                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3936 --field-trial-handle=1340,i,671227895314507632,17208167179386801086,131072 /prefetch:8
                                    2⤵
                                      PID:3904
                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3916 --field-trial-handle=1340,i,671227895314507632,17208167179386801086,131072 /prefetch:8
                                      2⤵
                                        PID:3808
                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3972 --field-trial-handle=1340,i,671227895314507632,17208167179386801086,131072 /prefetch:8
                                        2⤵
                                          PID:1760
                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                        "C:\Program Files\Google\Chrome\Application\chrome.exe"
                                        1⤵
                                        • Enumerates system info in registry
                                        • Suspicious use of AdjustPrivilegeToken
                                        • Suspicious use of WriteProcessMemory
                                        PID:576
                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef5759758,0x7fef5759768,0x7fef5759778
                                          2⤵
                                            PID:2372
                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1176 --field-trial-handle=1308,i,8404292342028250539,8935159293413786840,131072 /prefetch:2
                                            2⤵
                                              PID:1688
                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1452 --field-trial-handle=1308,i,8404292342028250539,8935159293413786840,131072 /prefetch:8
                                              2⤵
                                                PID:2136
                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                              "C:\Program Files\Google\Chrome\Application\chrome.exe"
                                              1⤵
                                              • Enumerates system info in registry
                                              • Suspicious use of AdjustPrivilegeToken
                                              • Suspicious use of WriteProcessMemory
                                              PID:1264
                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef5759758,0x7fef5759768,0x7fef5759778
                                                2⤵
                                                  PID:368
                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1188 --field-trial-handle=1304,i,13715678743604898495,548327436213917664,131072 /prefetch:2
                                                  2⤵
                                                    PID:2800
                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1476 --field-trial-handle=1304,i,13715678743604898495,548327436213917664,131072 /prefetch:8
                                                    2⤵
                                                      PID:1468
                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe"
                                                    1⤵
                                                    • Enumerates system info in registry
                                                    • Suspicious use of WriteProcessMemory
                                                    PID:1628
                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef5759758,0x7fef5759768,0x7fef5759778
                                                      2⤵
                                                        PID:1980
                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1096 --field-trial-handle=1276,i,13582988745156910068,7859148202701055354,131072 /prefetch:2
                                                        2⤵
                                                          PID:3404
                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1468 --field-trial-handle=1276,i,13582988745156910068,7859148202701055354,131072 /prefetch:8
                                                          2⤵
                                                            PID:3444
                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe"
                                                          1⤵
                                                          • Enumerates system info in registry
                                                          • Suspicious use of WriteProcessMemory
                                                          PID:916
                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef5759758,0x7fef5759768,0x7fef5759778
                                                            2⤵
                                                              PID:1460
                                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=284 --field-trial-handle=1300,i,9471709968794295913,4652398350703095027,131072 /prefetch:2
                                                              2⤵
                                                                PID:3644
                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1460 --field-trial-handle=1300,i,9471709968794295913,4652398350703095027,131072 /prefetch:8
                                                                2⤵
                                                                  PID:3728
                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe"
                                                                1⤵
                                                                • Enumerates system info in registry
                                                                • Suspicious use of WriteProcessMemory
                                                                PID:940
                                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef5759758,0x7fef5759768,0x7fef5759778
                                                                  2⤵
                                                                    PID:1940
                                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1132 --field-trial-handle=1320,i,9118646080121590876,4041583092815661156,131072 /prefetch:2
                                                                    2⤵
                                                                      PID:3656
                                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1448 --field-trial-handle=1320,i,9118646080121590876,4041583092815661156,131072 /prefetch:8
                                                                      2⤵
                                                                        PID:3708
                                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe"
                                                                      1⤵
                                                                      • Suspicious use of WriteProcessMemory
                                                                      PID:2484
                                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef5759758,0x7fef5759768,0x7fef5759778
                                                                        2⤵
                                                                          PID:2892
                                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe"
                                                                        1⤵
                                                                          PID:1928
                                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef5759758,0x7fef5759768,0x7fef5759778
                                                                            2⤵
                                                                              PID:2856
                                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe"
                                                                            1⤵
                                                                              PID:2440
                                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xbc,0xc0,0xc4,0x90,0xc8,0x7fef5759758,0x7fef5759768,0x7fef5759778
                                                                                2⤵
                                                                                  PID:2628
                                                                              • C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
                                                                                "C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
                                                                                1⤵
                                                                                  PID:2852
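The process tree above is the part of this report worth reading carefully before trusting the 3/10 score. Every signature listed fires on a process that is not a descendant of the submitted sample: the only child processes in the tree are Chrome's own helpers, and wscript.exe (PID 2864) has no children and no signatures of its own. What the tree does support is a narrower observation: a Windows script host ran a .js file out of the user's Temp directory, in a path that preserves the NSIS installer plug-in directory name ($PLUGINSDIR), i.e. the bundle was carved out of an installer and executed on its own. The helper below is an added example, not part of the sandbox report or of the sandbox's tooling. It reads the report's "N⤵" marker as tree depth (1 = top-level, 2 = child of the nearest preceding depth-1 entry), attributes each signature to the sample's subtree or to an unrelated process, and applies a script-host-from-user-writable-path check of the kind a detection engineer would write for this case. The TREE data is constructed from the Processes section; Chrome's helper processes are reduced to two representatives per the first browser instance, and their long argument lists are shortened.

```python
# Added triage helper (not part of the sandbox report): read the Processes
# section as a tree and separate behaviour attributed to the submitted sample
# from behaviour attributed to unrelated top-level processes.
from __future__ import annotations
import re
from dataclasses import dataclass, field


@dataclass
class Proc:
    pid: int
    image: str
    cmdline: str
    depth: int            # the report's "N⤵" marker: 1 = top-level, 2 = child of the preceding depth-1 entry
    signatures: list[str] = field(default_factory=list)
    parent: int | None = None   # filled in by link_parents()


CHROME = r"C:\Program Files\Google\Chrome\Application\chrome.exe"

# Constructed from the report's Processes section. PIDs, depths and signature
# names are as printed; Chrome helper command lines are shortened.
TREE = [
    Proc(2864, r"C:\Windows\system32\wscript.exe",
         r"wscript.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\app\js\libs\cmp.bundle.js", 1),
    Proc(2844, r"C:\Windows\SysWOW64\DllHost.exe",
         r"C:\Windows\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}", 1,
         ["System Location Discovery: System Language Discovery"]),
    Proc(2252, r"C:\Windows\explorer.exe", r'"C:\Windows\explorer.exe"', 1),
    Proc(2916, r"C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE",
         r'"C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE" /dde', 1,
         ["System Location Discovery: System Language Discovery",
          "Enumerates system info in registry",
          "Suspicious behavior: AddClipboardFormatListener",
          "Suspicious use of SetWindowsHookEx"]),
    Proc(2224, CHROME, f'"{CHROME}"', 1,
         ["Enumerates system info in registry",
          "Suspicious behavior: EnumeratesProcesses",
          "Suspicious behavior: GetForegroundWindowSpam",
          "Suspicious use of AdjustPrivilegeToken",
          "Suspicious use of FindShellTrayWindow",
          "Suspicious use of SendNotifyMessage",
          "Suspicious use of WriteProcessMemory"]),
    Proc(3000, CHROME, f'"{CHROME}" --type=crashpad-handler (arguments shortened)', 2),
    Proc(2296, CHROME, f'"{CHROME}" --type=utility --utility-sub-type=network.mojom.NetworkService (arguments shortened)', 2),
    Proc(2852, r"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe",
         r'"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"', 1),
]


def link_parents(tree: list[Proc]) -> list[Proc]:
    """Derive parent PIDs from depth markers: an entry at depth d is a child of
    the nearest earlier entry at depth d-1, which is how the report nests bullets."""
    stack: list[Proc] = []
    for p in tree:
        while stack and stack[-1].depth >= p.depth:
            stack.pop()
        p.parent = stack[-1].pid if stack else None
        stack.append(p)
    return tree


def subtree(tree: list[Proc], root_pid: int) -> list[Proc]:
    """Return the process with root_pid and all of its descendants."""
    link_parents(tree)
    by_pid = {p.pid: p for p in tree}
    by_parent: dict = {}
    for p in tree:
        by_parent.setdefault(p.parent, []).append(p)
    out, todo = [], [root_pid]
    while todo:
        pid = todo.pop()
        out.append(by_pid[pid])
        todo.extend(c.pid for c in by_parent.get(pid, []))
    return out


def attribute_signatures(tree: list[Proc], sample_pid: int) -> dict:
    """Map each signature to the PIDs it fired on, split into the sample's own
    subtree and everything else in the report."""
    sample_pids = {p.pid for p in subtree(tree, sample_pid)}
    result: dict = {"sample_tree": {}, "unrelated": {}}
    for p in tree:
        bucket = result["sample_tree"] if p.pid in sample_pids else result["unrelated"]
        for sig in p.signatures:
            bucket.setdefault(sig, []).append(p.pid)
    return result


SCRIPT_HOSTS = {"wscript.exe", "cscript.exe", "mshta.exe"}
SCRIPT_RE = re.compile(r'\.(?:js|jse|vbs|vbe|wsf|hta)(?=["\s]|$)', re.IGNORECASE)
# Directories a standard user can write to; hypothetical list for this example.
USER_WRITABLE = ("\\appdata\\local\\temp\\", "\\appdata\\roaming\\", "\\users\\public\\", "\\programdata\\")


def script_host_from_user_writable_path(p: Proc) -> bool:
    """Detection check: a Windows script host executing a script that lives in a
    user-writable location. In the report this matches PID 2864 only."""
    exe = p.image.rsplit("\\", 1)[-1].lower()
    if exe not in SCRIPT_HOSTS:
        return False
    args = p.cmdline.lower()
    return bool(SCRIPT_RE.search(args)) and any(d in args for d in USER_WRITABLE)


def main() -> None:
    report = attribute_signatures(TREE, 2864)
    print("Signatures on the sample's subtree:", report["sample_tree"] or "none")
    print("Signatures on unrelated top-level processes:")
    for sig, pids in sorted(report["unrelated"].items()):
        print(f"  {sig}: PIDs {pids}")
    for p in TREE:
        if script_host_from_user_writable_path(p):
            print(f"Script host from user-writable path: PID {p.pid}: {p.cmdline}")


if __name__ == "__main__":
    main()
```

Run against the tree as printed, the sample's subtree carries no signatures at all; every "Suspicious" entry belongs to the Chrome instances or to EXCEL.EXE, which are separate top-level entries. The report does not say what launched those processes, so the only safe reading is that nothing in this run is attributable to cmp.bundle.js, not that the browser and Office activity is benign. The one detection worth keeping from this page is the script-host check, and for a real deployment it belongs on process-creation telemetry (Sysmon event 1 or the equivalent EDR event), not on a sandbox tree.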

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\58d909fa-fd72-4aa4-af7e-1bb28c2a28f0.tmp

    Filesize
    176KB
    MD5
    fe45b5ee8d8da16eb238f640ef6a11eb
    SHA1
    b77b7ab985c5ab4c592b8c08170b1183bf1b2ebe
    SHA256
    4590e23951da48b89d28dec4f1dd6a11c82f0ea58277d1ae1b3be417d2c0f0b1
    SHA512
    e06244adcd5c581789aaa6242836633ebf32f5bcab947c787e3e3365d849480cde79130f6061bd000d0f7e764b8fed71309403fa6d281fe6220b0e26468079f1

  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\7c9796d0-dea6-4ac0-9b9a-2bf664f68005.tmp

    Filesize
    176KB
    MD5
    96b1a6fd3ff38b106fd00aa05346370b
    SHA1
    f70103161bcdf2e9663c446b1739c4e4dc0f88eb
    SHA256
    0f37dfdb063d725448826c673f6c6259242e2c05472f57d7b4f487d9e64aba8d
    SHA512
    c20ddd36842af32869f6a8aef50c14170305a289b8fd8c465bba10f27e23286ac45ec93c386e6d3aa05e9bbf89e70fecd654a15d831a4775ba249f28c99231ce

  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\94ea3419-9d33-42a0-a204-e94161305834.tmp

    Filesize
    176KB
    MD5
    87815cfe67ae72743f25d9a44a770e58
    SHA1
    dbc63504f9fe12caa23d150e8790370c7440baf5
    SHA256
    bdcb4946e0af78f55c3bf2357e41f831b21c40152234f335e507c881d557454e
    SHA512
    d1a5ee8eb6caa964a94498570e164bbb65958dfb17ea1b754cea1ab3d75a07a720edd4aa4d642a96928ea49da04e53526b82b62205d76d3e4e33a3bdba047e3c

                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

                                                                                        Filesize

                                                                                        40B

                                                                                        MD5

                                                                                        9b1c99d5245940563e9e81e95c4832ec

                                                                                        SHA1

                                                                                        1bc5970a797d7160879f1ab93559a23b736a2ce7

                                                                                        SHA256

                                                                                        5e5e2d6ab15529a13c5f6fddf4908f82199df64cd0fff65ec624e324f6f20a45

                                                                                        SHA512

                                                                                        6d270d67927d391ddb39f5f2c3bbcbe36add45dc5cbf35099b0876b1b1c91f7ff23389e564bdf583fb4245984cd0a8af8f75ef87695296a8dc1d91269763b957

                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009

                                                                                        Filesize

                                                                                        38KB

                                                                                        MD5

                                                                                        d4586933fabd5754ef925c6e940472f4

                                                                                        SHA1

                                                                                        a77f36a596ef86e1ad10444b2679e1531995b553

                                                                                        SHA256

                                                                                        6e1c3edffec71a01e11e30aa359952213ac2f297c5014f36027f308a18df75d2

                                                                                        SHA512

                                                                                        6ce33a8da7730035fb6b67ed59f32029c3a94b0a5d7dc5aa58c9583820bb01ef59dd55c1c142f392e02da86c8699b2294aff2d7c0e4c3a59fce5f792c749c5ce

                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

                                                                                        Filesize

                                                                                        264KB

                                                                                        MD5

                                                                                        f50f89a0a91564d0b8a211f8921aa7de

                                                                                        SHA1

                                                                                        112403a17dd69d5b9018b8cede023cb3b54eab7d

                                                                                        SHA256

                                                                                        b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

                                                                                        SHA512

                                                                                        bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                        Filesize

                                                                                        4KB

                                                                                        MD5

                                                                                        cea6d4cbe2b00cc7579c5f14068f8cdf

                                                                                        SHA1

                                                                                        80e5ce2af5b7e62b064f8fe9f262068f84c71991

                                                                                        SHA256

                                                                                        8e1da30c4d170599ba9b01e67debde82c6ac4f20e3f3366996543ca0f5288caa

                                                                                        SHA512

                                                                                        ad58d5fda6bf4259baee6a79a397a903067ec59717ab3a6c48ba21430aa52e4f3630b63df60758c7fb7cb191f89d56e7dc37bc96e3516151de83cf22dc90e55c

                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000007.dbtmp

                                                                                        Filesize

                                                                                        16B

                                                                                        MD5

                                                                                        18e723571b00fb1694a3bad6c78e4054

                                                                                        SHA1

                                                                                        afcc0ef32d46fe59e0483f9a3c891d3034d12f32

                                                                                        SHA256

                                                                                        8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa

                                                                                        SHA512

                                                                                        43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                                                        Filesize

                                                                                        176KB

                                                                                        MD5

                                                                                        7ced7b999b0919184cb0592b58f96fbc

                                                                                        SHA1

                                                                                        7cdb33fc9389a3a690c6af535736b9b753fccf33

                                                                                        SHA256

                                                                                        5ff1fd309b37134ac80fd714b5d33d47291e7a5354521dcd191f59758ed3eecb

                                                                                        SHA512

                                                                                        a784cb8a991c42edd31c3719b55334684cd1e7b6c7d43810d487d7330ad837d1f3e49cbab3dbbafd6c1e98f9c1ffcd5448d9e61bb4c7d4cb2ddc0eda7efd1e24

                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

                                                                                        Filesize

                                                                                        86B

                                                                                        MD5

                                                                                        16b7586b9eba5296ea04b791fc3d675e

                                                                                        SHA1

                                                                                        8890767dd7eb4d1beab829324ba8b9599051f0b0

                                                                                        SHA256

                                                                                        474d668707f1cb929fef1e3798b71b632e50675bd1a9dceaab90c9587f72f680

                                                                                        SHA512

                                                                                        58668d0c28b63548a1f13d2c2dfa19bcc14c0b7406833ad8e72dfc07f46d8df6ded46265d74a042d07fbc88f78a59cb32389ef384ec78a55976dfc2737868771

                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

                                                                                        Filesize

                                                                                        85B

                                                                                        MD5

                                                                                        0e16444393cd322124146935ab837ecc

                                                                                        SHA1

                                                                                        aa1a3e9571e3e067421d940601965220711f24ad

                                                                                        SHA256

                                                                                        1b5de2bf736e2bb182cf64bd8a72bbbd6538a9f33dc8020223b2257bad6f7d82

                                                                                        SHA512

                                                                                        26c461b0493c5e0f26aa196ce94c0c9ea5d892220ebe882af4bf2892469515e9b13056ef7ae0f9c429f45c14f334299ccffa5bab1547b3da0e2fce45131630a0

                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

                                                                                        Filesize

                                                                                        85B

                                                                                        MD5

                                                                                        916d4f5f8e2c8885224d1575807f6676

                                                                                        SHA1

                                                                                        bdf182d48eb1c332d8438a30e19146ec1b5b1012

                                                                                        SHA256

                                                                                        35b72abbb267230a52eb2fe73a32485fbf6dab0e4dcb5a9f56a5b67ff476973e

                                                                                        SHA512

                                                                                        89fde148ce52b52c8bdd8f321cfad0cdcff6f265d3d5c722b577bc8d70e7e6baf4809c5a5d394fda20ffc8d3ddaf5ab3bd84e11dc0c9933dabe037180ede661d

                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

                                                                                        Filesize

                                                                                        86B

                                                                                        MD5

                                                                                        e9e365607374115b92e4abe4b9628101

                                                                                        SHA1

                                                                                        d5054ea9b22317dca83801eb3586017bfcc0e2a8

                                                                                        SHA256

                                                                                        5cd2c4d9f13524923046198c92213691539407e04fa520cdae9eade1bad3d91d

                                                                                        SHA512

                                                                                        a84d65ed53e43883e5ecb7848fbd48f5305a63e6975e6af480cf85532879720061106be54f2a5888ebc3569f7123081a0e6eb48ccb8d7dba3e1da1c8a3c50401

                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

                                                                                        Filesize

                                                                                        86B

                                                                                        MD5

                                                                                        cdddc745a8c954dc438c931889999bdb

                                                                                        SHA1

                                                                                        7908f975b6815460caa2bc3438efbd8fc8d36211

                                                                                        SHA256

                                                                                        3dc9043838386f5363ac96a01477cf3163b5118b80191576a11b32ce9894314c

                                                                                        SHA512

                                                                                        3d2d4852aa2ac6cb0b9b6cbca9f04366afd48d362d869be877ef324c16d72ff119b5842891baa2b6b99df2de2db8d3be5c23f0f97f8943bd74195996bcb66a0a

                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

                                                                                        Filesize

                                                                                        86B

                                                                                        MD5

                                                                                        67408267ef01ed6b9372f04c029b602a

                                                                                        SHA1

                                                                                        8b7c489754731f399077b899abfe55475ac2abe7

                                                                                        SHA256

                                                                                        b5aa30b0d3e08f80f60effa00fe335d2295fa494b36f33a2e8d8c66e0a34234a

                                                                                        SHA512

                                                                                        c980c28555803b9043f863d21427aba9611bfe49296a8409e4d15759631dea613f40d860d6600dddce2610ab7654a69ffb2abde0867ab2e17b547e34897e1a41

                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

                                                                                        Filesize

                                                                                        85B

                                                                                        MD5

                                                                                        265db1c9337422f9af69ef2b4e1c7205

                                                                                        SHA1

                                                                                        3e38976bb5cf035c75c9bc185f72a80e70f41c2e

                                                                                        SHA256

                                                                                        7ca5a3ccc077698ca62ac8157676814b3d8e93586364d0318987e37b4f8590bc

                                                                                        SHA512

                                                                                        3cc9b76d8d4b6edb4c41677be3483ac37785f3bbfea4489f3855433ebf84ea25fc48efee9b74cab268dc9cb7fb4789a81c94e75c7bf723721de28aef53d8b529

                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

                                                                                        Filesize

                                                                                        86B

                                                                                        MD5

                                                                                        961e3604f228b0d10541ebf921500c86

                                                                                        SHA1

                                                                                        6e00570d9f78d9cfebe67d4da5efe546543949a7

                                                                                        SHA256

                                                                                        f7b24f2eb3d5eb0550527490395d2f61c3d2fe74bb9cb345197dad81b58b5fed

                                                                                        SHA512

                                                                                        535f930afd2ef50282715c7e48859cc2d7b354ff4e6c156b94d5a2815f589b33189ffedfcaf4456525283e993087f9f560d84cfcf497d189ab8101510a09c472

                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

                                                                                        Filesize

                                                                                        85B

                                                                                        MD5

                                                                                        8549c255650427d618ef18b14dfd2b56

                                                                                        SHA1

                                                                                        8272585186777b344db3960df62b00f570d247f6

                                                                                        SHA256

                                                                                        40395d9ca4b65d48deac792844a77d4f8051f1cef30df561dacfeeed3c3bae13

                                                                                        SHA512

                                                                                        e5bb8a0ad338372635c3629e306604e3dc5a5c26fb5547a3dd7e404e5261630612c07326e7ebf5b47abafade8e555965a1a59a1eecfc496dcdd5003048898a8c

                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ec50bd23-1a68-46ed-a68e-8098084e97ca.tmp

                                                                                        Filesize

                                                                                        176KB

                                                                                        MD5

                                                                                        864d9e69001dcdf7fdbb949f2bbab586

                                                                                        SHA1

                                                                                        f4854e5942470a1e0fe12b68a53979549d8a9972

                                                                                        SHA256

                                                                                        2446cc080ec6c7a7d937673bf8c245681076bad6ab2ad260e8cd943d1d5ddb94

                                                                                        SHA512

                                                                                        999d0e1ab8d2da395253724be7b1a726a98e08758ded0874eee7013d0362faf1647107964361ebb1cc64768a449329d1e8a286c57ef960de72cfc412c5bec452

                                                                                      • memory/2916-1-0x00000000718CD000-0x00000000718D8000-memory.dmp

                                                                                        Filesize

                                                                                        44KB

                                                                                      • memory/2916-4-0x00000000718CD000-0x00000000718D8000-memory.dmp

                                                                                        Filesize

                                                                                        44KB

                                                                                      • memory/2916-3-0x000000005FFF0000-0x0000000060000000-memory.dmp

                                                                                        Filesize

                                                                                        64KB

                                                                                      • memory/2916-0-0x000000005FFF0000-0x0000000060000000-memory.dmp

                                                                                        Filesize

                                                                                        64KB
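The listing above is what an analyst usually has to turn into something usable: a deduplicated hash set, a note of which paths were written repeatedly (the Variations file appears nine times on this page, each time with different digests), and a sanity check that the memory-dump names agree with the listed sizes. The following parser is an added example written for this page; it is not part of the sandbox report or its tooling. It assumes the layout used above: one bullet line per path, followed by labelled Filesize and digest fields, either on the same line after a colon or on the line below the label. The sample input is constructed from three entries copied from the report; the field names and functions are the example's own.

```python
"""Parse a sandbox 'dropped files' listing into structured records.

Added example, not part of the sandbox report. Assumes the flat layout used
on the page: a bullet line with the path, then Filesize/MD5/SHA1/SHA256/SHA512
fields given either as 'Label: value' or as a label line followed by a value
line. Memory-region entries (memory/<pid>-<n>-<start>-<end>-memory.dmp)
carry only a Filesize.
"""
import re
from collections import Counter

HASH_LENGTHS = {"MD5": 32, "SHA1": 40, "SHA256": 64, "SHA512": 128}
FIELD_RE = re.compile(r"^(Filesize|MD5|SHA1|SHA256|SHA512)(?::\s*(\S+))?$")
MEMORY_RE = re.compile(
    r"^memory/(\d+)-(\d+)-0x([0-9A-Fa-f]+)-0x([0-9A-Fa-f]+)-memory\.dmp$")

# Constructed sample input: three entries copied from the report above,
# written in both field layouts the parser accepts.
SAMPLE = r"""
• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations
  Filesize: 86B
  MD5: 16b7586b9eba5296ea04b791fc3d675e
  SHA1: 8890767dd7eb4d1beab829324ba8b9599051f0b0
  SHA256: 474d668707f1cb929fef1e3798b71b632e50675bd1a9dceaab90c9587f72f680
  SHA512: 58668d0c28b63548a1f13d2c2dfa19bcc14c0b7406833ad8e72dfc07f46d8df6ded46265d74a042d07fbc88f78a59cb32389ef384ec78a55976dfc2737868771
• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations
  Filesize
  85B
  MD5
  0e16444393cd322124146935ab837ecc
  SHA1
  aa1a3e9571e3e067421d940601965220711f24ad
  SHA256
  1b5de2bf736e2bb182cf64bd8a72bbbd6538a9f33dc8020223b2257bad6f7d82
  SHA512
  26c461b0493c5e0f26aa196ce94c0c9ea5d892220ebe882af4bf2892469515e9b13056ef7ae0f9c429f45c14f334299ccffa5bab1547b3da0e2fce45131630a0
• memory/2916-1-0x00000000718CD000-0x00000000718D8000-memory.dmp
  Filesize: 44KB
"""


def parse_report(text):
    """Return one dict per bullet entry: path, Filesize and any digests present."""
    records, current, pending = [], None, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("•"):
            current = {"path": line.lstrip("•").strip()}
            records.append(current)
            pending = None
        elif current is not None and (m := FIELD_RE.match(line)):
            if m[2]:                      # 'Label: value' on one line
                current[m[1]] = m[2]
                pending = None
            else:                         # bare label, value follows
                pending = m[1]
        elif current is not None and pending is not None:
            current[pending] = line
            pending = None
    return records


def validate(record):
    """List consistency problems: missing fields, wrong-length or non-hex digests."""
    problems = []
    if "Filesize" not in record:
        problems.append("missing Filesize")
    if MEMORY_RE.match(record["path"]):
        return problems               # memory regions carry no digests here
    for name, length in HASH_LENGTHS.items():
        value = record.get(name)
        if value is None:
            problems.append(f"missing {name}")
        elif len(value) != length or not re.fullmatch(r"[0-9a-f]+", value):
            problems.append(f"malformed {name}: {value}")
    return problems


def rewritten_paths(records):
    """Paths listed more than once, i.e. the same file written repeatedly."""
    counts = Counter(r["path"] for r in records)
    return {p: n for p, n in counts.items() if n > 1}


def sha256_set(records):
    """Deduplicated SHA256 values, the usual form for a hash-based IOC list."""
    return sorted({r["SHA256"] for r in records if "SHA256" in r})


def memory_region(record):
    """(pid, index, start, end, size_in_bytes) for a memory-dump entry, else None."""
    m = MEMORY_RE.match(record["path"])
    if not m:
        return None
    pid, idx, start, end = int(m[1]), int(m[2]), int(m[3], 16), int(m[4], 16)
    return pid, idx, start, end, end - start


def size_bytes(text):
    """'44KB' -> 45056, '40B' -> 40. Report sizes are rounded, so compare loosely."""
    m = re.fullmatch(r"(\d+)(B|KB|MB)", text)
    return int(m[1]) * {"B": 1, "KB": 1024, "MB": 1024 ** 2}[m[2]]


if __name__ == "__main__":
    recs = parse_report(SAMPLE)
    for r in recs:
        print(r["path"], validate(r) or "ok")
    print("rewritten:", rewritten_paths(recs))
    print("sha256 IOCs:", sha256_set(recs))
    for r in recs:
        if region := memory_region(r):
            print("region bytes", region[4], "listed", size_bytes(r["Filesize"]))
```

Run against the full listing, `rewritten_paths` reports the Variations path nine times and `sha256_set` collapses the nineteen file entries to nineteen distinct digests; the two 44KB dumps and the two 64KB dumps each decode to the same address range, and `memory_region` gives 0xB000 (45056) and 0x10000 (65536) bytes, which is exactly what the listed sizes say.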