a2706ced712d733502af5ba0f15945a7c9744aa2fb1d9d98cc7aa3c128c5b523

Resubmissions

27-10-2024 06:37

241027-hdl29asnap 10

27-10-2024 06:34

241027-hbv75ssrav 8

Analysis

max time kernel
54s
max time network
189s
platform
windows7_x64
resource
win7-20241010-en
resource tags

arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
submitted
27-10-2024 06:37

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

The-MALWARE-Repo
Size

298KB
MD5

07c71f38ba70d3cd08780578f673366b
SHA1

91920288a31959a00ba02ee68dbe64c874203e01
SHA256

a2706ced712d733502af5ba0f15945a7c9744aa2fb1d9d98cc7aa3c128c5b523
SHA512

56b93f6a9f77f715bca4b4fa07bfde2adf7440d8b01b8048bf1eb7cb6b446e15d0b4eaa9299dd001e3ea33d4c9fd30761334aebbccd9eb55528eeb50297b3cf6
SSDEEP

6144:yLouSpOL/saqkPV9FemLtcsDSsmwF9VvZJT3CqbMrhryf65NRPaCieMjAkvCJv1N:AouSpOL/saqkPV9FemLtcsDSsmwF9Vv4

Score

6^/10

discovery

Malware Config

Signatures

Legitimate hosting services abused for malware hosting/C2 1 TTPs 8 IoCs

Web Service

T1102

Processes:

flow	ioc
84	raw.githubusercontent.com
85	raw.githubusercontent.com
70	raw.githubusercontent.com
71	raw.githubusercontent.com
72	raw.githubusercontent.com
79	raw.githubusercontent.com
82	raw.githubusercontent.com
83	raw.githubusercontent.com

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

Processes:

chrome.exe

description	ioc	process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes:

chrome.exe

pid process

2756 chrome.exe
2756 chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

Processes:

chrome.exe

description	pid	process
Token: SeShutdownPrivilege	2756	chrome.exe
Token: SeShutdownPrivilege	2756	chrome.exe
Token: SeShutdownPrivilege	2756	chrome.exe
Token: SeShutdownPrivilege	2756	chrome.exe
Token: SeShutdownPrivilege	2756	chrome.exe
Token: SeShutdownPrivilege	2756	chrome.exe
Token: SeShutdownPrivilege	2756	chrome.exe
Token: SeShutdownPrivilege	2756	chrome.exe
Token: SeShutdownPrivilege	2756	chrome.exe
Token: SeShutdownPrivilege	2756	chrome.exe
Token: SeShutdownPrivilege	2756	chrome.exe
Token: SeShutdownPrivilege	2756	chrome.exe
Token: SeShutdownPrivilege	2756	chrome.exe
Token: SeShutdownPrivilege	2756	chrome.exe
Token: SeShutdownPrivilege	2756	chrome.exe
Token: SeShutdownPrivilege	2756	chrome.exe
Token: SeShutdownPrivilege	2756	chrome.exe
Token: SeShutdownPrivilege	2756	chrome.exe
Token: SeShutdownPrivilege	2756	chrome.exe
Token: SeShutdownPrivilege	2756	chrome.exe
Token: SeShutdownPrivilege	2756	chrome.exe
Token: SeShutdownPrivilege	2756	chrome.exe
Token: SeShutdownPrivilege	2756	chrome.exe
Token: SeShutdownPrivilege	2756	chrome.exe
Token: SeShutdownPrivilege	2756	chrome.exe
Token: SeShutdownPrivilege	2756	chrome.exe
Token: SeShutdownPrivilege	2756	chrome.exe
Token: SeShutdownPrivilege	2756	chrome.exe
Token: SeShutdownPrivilege	2756	chrome.exe
Token: SeShutdownPrivilege	2756	chrome.exe
Token: SeShutdownPrivilege	2756	chrome.exe
Token: SeShutdownPrivilege	2756	chrome.exe
Token: SeShutdownPrivilege	2756	chrome.exe
Token: SeShutdownPrivilege	2756	chrome.exe
Token: SeShutdownPrivilege	2756	chrome.exe
Token: SeShutdownPrivilege	2756	chrome.exe
Token: SeShutdownPrivilege	2756	chrome.exe
Token: SeShutdownPrivilege	2756	chrome.exe
Token: SeShutdownPrivilege	2756	chrome.exe
Token: SeShutdownPrivilege	2756	chrome.exe
Token: SeShutdownPrivilege	2756	chrome.exe
Token: SeShutdownPrivilege	2756	chrome.exe
Token: SeShutdownPrivilege	2756	chrome.exe
Token: SeShutdownPrivilege	2756	chrome.exe
Token: SeShutdownPrivilege	2756	chrome.exe
Token: SeShutdownPrivilege	2756	chrome.exe
Token: SeShutdownPrivilege	2756	chrome.exe
Token: SeShutdownPrivilege	2756	chrome.exe
Token: SeShutdownPrivilege	2756	chrome.exe
Token: SeShutdownPrivilege	2756	chrome.exe
Token: SeShutdownPrivilege	2756	chrome.exe
Token: SeShutdownPrivilege	2756	chrome.exe
Token: SeShutdownPrivilege	2756	chrome.exe
Token: SeShutdownPrivilege	2756	chrome.exe
Token: SeShutdownPrivilege	2756	chrome.exe
Token: SeShutdownPrivilege	2756	chrome.exe
Token: SeShutdownPrivilege	2756	chrome.exe
Token: SeShutdownPrivilege	2756	chrome.exe
Token: SeShutdownPrivilege	2756	chrome.exe
Token: SeShutdownPrivilege	2756	chrome.exe
Token: SeShutdownPrivilege	2756	chrome.exe
Token: SeShutdownPrivilege	2756	chrome.exe
Token: SeShutdownPrivilege	2756	chrome.exe
Token: SeShutdownPrivilege	2756	chrome.exe

Suspicious use of FindShellTrayWindow 50 IoCs

Processes:

chrome.exe

pid	process
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe

Suspicious use of SendNotifyMessage 48 IoCs

Processes:

chrome.exe

pid	process
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe
2756	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

chrome.exe

description	pid	process	target process
PID 2756 wrote to memory of 2396	2756	chrome.exe	chrome.exe
PID 2756 wrote to memory of 2396	2756	chrome.exe	chrome.exe
PID 2756 wrote to memory of 2396	2756	chrome.exe	chrome.exe
PID 2756 wrote to memory of 2860	2756	chrome.exe	chrome.exe
PID 2756 wrote to memory of 2860	2756	chrome.exe	chrome.exe
PID 2756 wrote to memory of 2860	2756	chrome.exe	chrome.exe
PID 2756 wrote to memory of 2860	2756	chrome.exe	chrome.exe
PID 2756 wrote to memory of 2860	2756	chrome.exe	chrome.exe
PID 2756 wrote to memory of 2860	2756	chrome.exe	chrome.exe
PID 2756 wrote to memory of 2860	2756	chrome.exe	chrome.exe
PID 2756 wrote to memory of 2860	2756	chrome.exe	chrome.exe
PID 2756 wrote to memory of 2860	2756	chrome.exe	chrome.exe
PID 2756 wrote to memory of 2860	2756	chrome.exe	chrome.exe
PID 2756 wrote to memory of 2860	2756	chrome.exe	chrome.exe
PID 2756 wrote to memory of 2860	2756	chrome.exe	chrome.exe
PID 2756 wrote to memory of 2860	2756	chrome.exe	chrome.exe
PID 2756 wrote to memory of 2860	2756	chrome.exe	chrome.exe
PID 2756 wrote to memory of 2860	2756	chrome.exe	chrome.exe
PID 2756 wrote to memory of 2860	2756	chrome.exe	chrome.exe
PID 2756 wrote to memory of 2860	2756	chrome.exe	chrome.exe
PID 2756 wrote to memory of 2860	2756	chrome.exe	chrome.exe
PID 2756 wrote to memory of 2860	2756	chrome.exe	chrome.exe
PID 2756 wrote to memory of 2860	2756	chrome.exe	chrome.exe
PID 2756 wrote to memory of 2860	2756	chrome.exe	chrome.exe
PID 2756 wrote to memory of 2860	2756	chrome.exe	chrome.exe
PID 2756 wrote to memory of 2860	2756	chrome.exe	chrome.exe
PID 2756 wrote to memory of 2860	2756	chrome.exe	chrome.exe
PID 2756 wrote to memory of 2860	2756	chrome.exe	chrome.exe
PID 2756 wrote to memory of 2860	2756	chrome.exe	chrome.exe
PID 2756 wrote to memory of 2860	2756	chrome.exe	chrome.exe
PID 2756 wrote to memory of 2860	2756	chrome.exe	chrome.exe
PID 2756 wrote to memory of 2860	2756	chrome.exe	chrome.exe
PID 2756 wrote to memory of 2860	2756	chrome.exe	chrome.exe
PID 2756 wrote to memory of 2860	2756	chrome.exe	chrome.exe
PID 2756 wrote to memory of 2860	2756	chrome.exe	chrome.exe
PID 2756 wrote to memory of 2860	2756	chrome.exe	chrome.exe
PID 2756 wrote to memory of 2860	2756	chrome.exe	chrome.exe
PID 2756 wrote to memory of 2860	2756	chrome.exe	chrome.exe
PID 2756 wrote to memory of 2860	2756	chrome.exe	chrome.exe
PID 2756 wrote to memory of 2860	2756	chrome.exe	chrome.exe
PID 2756 wrote to memory of 2860	2756	chrome.exe	chrome.exe
PID 2756 wrote to memory of 2860	2756	chrome.exe	chrome.exe
PID 2756 wrote to memory of 2712	2756	chrome.exe	chrome.exe
PID 2756 wrote to memory of 2712	2756	chrome.exe	chrome.exe
PID 2756 wrote to memory of 2712	2756	chrome.exe	chrome.exe
PID 2756 wrote to memory of 2676	2756	chrome.exe	chrome.exe
PID 2756 wrote to memory of 2676	2756	chrome.exe	chrome.exe
PID 2756 wrote to memory of 2676	2756	chrome.exe	chrome.exe
PID 2756 wrote to memory of 2676	2756	chrome.exe	chrome.exe
PID 2756 wrote to memory of 2676	2756	chrome.exe	chrome.exe
PID 2756 wrote to memory of 2676	2756	chrome.exe	chrome.exe
PID 2756 wrote to memory of 2676	2756	chrome.exe	chrome.exe
PID 2756 wrote to memory of 2676	2756	chrome.exe	chrome.exe
PID 2756 wrote to memory of 2676	2756	chrome.exe	chrome.exe
PID 2756 wrote to memory of 2676	2756	chrome.exe	chrome.exe
PID 2756 wrote to memory of 2676	2756	chrome.exe	chrome.exe
PID 2756 wrote to memory of 2676	2756	chrome.exe	chrome.exe
PID 2756 wrote to memory of 2676	2756	chrome.exe	chrome.exe
PID 2756 wrote to memory of 2676	2756	chrome.exe	chrome.exe
PID 2756 wrote to memory of 2676	2756	chrome.exe	chrome.exe
PID 2756 wrote to memory of 2676	2756	chrome.exe	chrome.exe
PID 2756 wrote to memory of 2676	2756	chrome.exe	chrome.exe
PID 2756 wrote to memory of 2676	2756	chrome.exe	chrome.exe
PID 2756 wrote to memory of 2676	2756	chrome.exe	chrome.exe

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\The-MALWARE-Repo
1⤵
PID:2052

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2756
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef7e79758,0x7fef7e79768,0x7fef7e79778
  2⤵
  PID:2396
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1108 --field-trial-handle=1368,i,7715645576730997041,16526181384868084617,131072 /prefetch:2
  2⤵
  PID:2860
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1500 --field-trial-handle=1368,i,7715645576730997041,16526181384868084617,131072 /prefetch:8
  2⤵
  PID:2712
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1600 --field-trial-handle=1368,i,7715645576730997041,16526181384868084617,131072 /prefetch:8
  2⤵
  PID:2676
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2296 --field-trial-handle=1368,i,7715645576730997041,16526181384868084617,131072 /prefetch:1
  2⤵
  PID:2420
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2336 --field-trial-handle=1368,i,7715645576730997041,16526181384868084617,131072 /prefetch:1
  2⤵
  PID:2760
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1388 --field-trial-handle=1368,i,7715645576730997041,16526181384868084617,131072 /prefetch:2
  2⤵
  PID:2176
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=1392 --field-trial-handle=1368,i,7715645576730997041,16526181384868084617,131072 /prefetch:1
  2⤵
  PID:2632
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3452 --field-trial-handle=1368,i,7715645576730997041,16526181384868084617,131072 /prefetch:8
  2⤵
  PID:2216
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3448 --field-trial-handle=1368,i,7715645576730997041,16526181384868084617,131072 /prefetch:8
  2⤵
  PID:2068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=4000 --field-trial-handle=1368,i,7715645576730997041,16526181384868084617,131072 /prefetch:1
  2⤵
  PID:1484
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3920 --field-trial-handle=1368,i,7715645576730997041,16526181384868084617,131072 /prefetch:8
  2⤵
  PID:2144
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=3952 --field-trial-handle=1368,i,7715645576730997041,16526181384868084617,131072 /prefetch:1
  2⤵
  PID:1584
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=3804 --field-trial-handle=1368,i,7715645576730997041,16526181384868084617,131072 /prefetch:1
  2⤵
  PID:1076
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3624 --field-trial-handle=1368,i,7715645576730997041,16526181384868084617,131072 /prefetch:8
  2⤵
  PID:1976
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=3736 --field-trial-handle=1368,i,7715645576730997041,16526181384868084617,131072 /prefetch:1
  2⤵
  PID:2080
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=1876 --field-trial-handle=1368,i,7715645576730997041,16526181384868084617,131072 /prefetch:1
  2⤵
  PID:1756
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3884 --field-trial-handle=1368,i,7715645576730997041,16526181384868084617,131072 /prefetch:8
  2⤵
  PID:2664
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4144 --field-trial-handle=1368,i,7715645576730997041,16526181384868084617,131072 /prefetch:8
  2⤵
  PID:2812
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=2780 --field-trial-handle=1368,i,7715645576730997041,16526181384868084617,131072 /prefetch:8
  2⤵
  PID:1576
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4156 --field-trial-handle=1368,i,7715645576730997041,16526181384868084617,131072 /prefetch:8
  2⤵
  PID:2904
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4176 --field-trial-handle=1368,i,7715645576730997041,16526181384868084617,131072 /prefetch:8
  2⤵
  PID:1548
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4164 --field-trial-handle=1368,i,7715645576730997041,16526181384868084617,131072 /prefetch:8
  2⤵
  PID:2588
- C:\Users\Admin\Downloads\WinNuke.98.exe
  "C:\Users\Admin\Downloads\WinNuke.98.exe"
  2⤵
  PID:2424
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=3956 --field-trial-handle=1368,i,7715645576730997041,16526181384868084617,131072 /prefetch:1
  2⤵
  PID:2244
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=3544 --field-trial-handle=1368,i,7715645576730997041,16526181384868084617,131072 /prefetch:1
  2⤵
  PID:1300
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=3620 --field-trial-handle=1368,i,7715645576730997041,16526181384868084617,131072 /prefetch:1
  2⤵
  PID:2504
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=2484 --field-trial-handle=1368,i,7715645576730997041,16526181384868084617,131072 /prefetch:8
  2⤵
  PID:2372
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=3784 --field-trial-handle=1368,i,7715645576730997041,16526181384868084617,131072 /prefetch:8
  2⤵
  PID:2672
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4164 --field-trial-handle=1368,i,7715645576730997041,16526181384868084617,131072 /prefetch:8
  2⤵
  PID:2180
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4448 --field-trial-handle=1368,i,7715645576730997041,16526181384868084617,131072 /prefetch:8
  2⤵
  PID:272
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4208 --field-trial-handle=1368,i,7715645576730997041,16526181384868084617,131072 /prefetch:8
  2⤵
  PID:940
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3500 --field-trial-handle=1368,i,7715645576730997041,16526181384868084617,131072 /prefetch:8
  2⤵
  PID:1536
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=4276 --field-trial-handle=1368,i,7715645576730997041,16526181384868084617,131072 /prefetch:1
  2⤵
  PID:1952
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --mojo-platform-channel-handle=4480 --field-trial-handle=1368,i,7715645576730997041,16526181384868084617,131072 /prefetch:1
  2⤵
  PID:1876
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4592 --field-trial-handle=1368,i,7715645576730997041,16526181384868084617,131072 /prefetch:8
  2⤵
  PID:3008
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4612 --field-trial-handle=1368,i,7715645576730997041,16526181384868084617,131072 /prefetch:8
  2⤵
  PID:2080
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4160 --field-trial-handle=1368,i,7715645576730997041,16526181384868084617,131072 /prefetch:8
  2⤵
  PID:2500
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4704 --field-trial-handle=1368,i,7715645576730997041,16526181384868084617,131072 /prefetch:8
  2⤵
  PID:2424

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:640

C:\Windows\explorer.exe
"C:\Windows\explorer.exe"
1⤵
PID:696

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x4f4
1⤵
PID:1472

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
PID:588
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef7e79758,0x7fef7e79768,0x7fef7e79778
  2⤵
  PID:1656

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
PID:2344
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef7e79758,0x7fef7e79768,0x7fef7e79778
  2⤵
  PID:1072

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
9b1c99d5245940563e9e81e95c4832ec

SHA1
1bc5970a797d7160879f1ab93559a23b736a2ce7

SHA256
5e5e2d6ab15529a13c5f6fddf4908f82199df64cd0fff65ec624e324f6f20a45

SHA512
6d270d67927d391ddb39f5f2c3bbcbe36add45dc5cbf35099b0876b1b1c91f7ff23389e564bdf583fb4245984cd0a8af8f75ef87695296a8dc1d91269763b957

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\3ca3a7bd-66da-415b-b4c2-ae75bfaeb857.tmp

Filesize
6KB

MD5
5d8de6a21a160dbdc1cded072ff0587a

SHA1
27ce0131b9aa3e20d739e40d3a17272fe6332c32

SHA256
7fbf77a07d3f4afaee3f73d7baa0c8ca4501c071ddaa69fd4216327d5443f24f

SHA512
55b3f3a62f7948b8cae5ce60b0f30c02ca0fb432d0d2680470d2fae7ef9ff7b216704c27bc30dd89d0ef1c9287baffc6775938d07dbc809938cbdb2231117ca5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011

Filesize
37KB

MD5
c67ee59476ed03e32d0aeb3abd3b1d95

SHA1
8b66a81cd4c7100c925e2b70d29b3fdbd50f8d9b

SHA256
2d35ec95c10e30f0bddbfb37173697d6f23cd343398c85a9442c8d946d0660e3

SHA512
421d50524bd743d746071aaad698616e727271fdf21ee28517763a429dcb6839a7ad77f7575b13c6294dc64d255df9b0a64eb09c9d3b2349fef49b883899d931

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012

Filesize
20KB

MD5
2766b860b167839e5722e40659620a47

SHA1
47766dc72bcace431ee8debed7efcf066dcd2b59

SHA256
725a5e52a501bcd107624aafa44a857c00d02286fde07be774afeac2efed68c3

SHA512
a97f77977518ca755e9460cac34e0b5358ba98b3624c53f0e1ef7b947e62a6f3f99caf2852fb3132c822525d88b67b9c1ed778b3e40083d9df36028c85f73ae8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013

Filesize
37KB

MD5
c130e937317e64edd4335e53b17d55a2

SHA1
51bfff9dee11ab5a8c43198c0d6178799ed9433b

SHA256
46025a134ebdd6c6464ff422818e60938fc41af735f7951f4febe29f57612a49

SHA512
68e5fa69101a7347028ad30d7c004dafabcbd8f8009df90d0471b19a36741075d72da56a2b1693c2067902630584bda5536f0702302db5d69f407424d4a964de

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000016

Filesize
18KB

MD5
2e23d6e099f830cf0b14356b3c3443ce

SHA1
027db4ff48118566db039d6b5f574a8ac73002bc

SHA256
7238196a5bf79e1b83cacb9ed4a82bf40b32cd789c30ef790e4eac0bbf438885

SHA512
165b1de091bfe0dd9deff0f8a3968268113d95edc9fd7a8081b525e0910f4442cfb3b4f5ac58ecfa41991d9dcabe5aa8b69f7f1c77e202cd17dd774931662717

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001d

Filesize
19KB

MD5
9f35ba270e9ea92ab439941460109ef9

SHA1
699dd11d06d2d5925cc91c2df7e4fca4acab56b2

SHA256
344f84869c6a5fea3a0ba409a9716b2d5e83b27bd295603d72bdfd6f8af98f24

SHA512
8660fcca9cf7ca63ccedd93e9606b5362babb0d2b7525248d2530a1656043aaddfbd71d4e21cefbc1669f97efc2e54f6f5e60a2da51084997dcc56f02ef4e750

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001f

Filesize
18KB

MD5
7d5eab356faec5b5f4d54a6aaa773bed

SHA1
25b586f3c878feecf21a0e7456990d9882e818cb

SHA256
0d2392b48ec59632d23269b239b2153ed66943717a0d3711628fc2dd52a2119e

SHA512
7c7649ecbfa3deb35a6f08134ea3703a639f957a254454f228f4ded47b6c5a73f03a34b8368d789a2b92aa7a9a979c9aa1fda64fd5531a404d3b2f8997dc54ca

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000020

Filesize
63KB

MD5
b470641c453d5e71c3d924ab3b79a455

SHA1
927594c292bb654e40f1154a40c9948647a9b9dd

SHA256
ab60625b7a253e84b7631e65c2a5fb70563f9e60f2c9faf93af5ccdaf38cf8e8

SHA512
b8173c986ef7bf4b2890aa9bb5a8c4c099dee5f47bdd1ab361a13a1ac47d97cdb26b711ebf8dcf469fb9da777e7bf4e3710a0730b7328c8d74ab3062ebd770dd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
89e768c53072386b1c16509e31b06969

SHA1
a6cce523d30efab2a56fa34c6ee93ca1fbc597bc

SHA256
a4efbd07b7cedcce6c217654088c83c444b076d68554b19d429176ee50ee44aa

SHA512
808a359b6c47544e9d27575b21198b7041393a5c75f0e1711e66e50bcc5dbe54e89efa93d4bdff339b08671984cfa9d6bb21c21121bd482c309c9a52444a052a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
bc4d1427090445580d68aa65689ce1cc

SHA1
70452c613367ec978c6169925cdbb0953684ec3b

SHA256
36f68f3a22ec1b72d7f0558f200ed2c9aaba038455f9f0113d851739f7ca619e

SHA512
7c1d5d2e3dc46bdc329ab797a60362ddeeb66e7c8d653abe36f0228e3d5739fd49f140b7968dc6121a34375612baf259f6892d6bc7222727b13fdece87ba5973

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
02bbcd331f9316b10a3f635af319077f

SHA1
7bbf6d078a4c2dfc86a19322a8bc645f914fb664

SHA256
58fa4882bdc10835c508a2a9bb98ff9f74f6aad70755e016f4ddda89d5ca21fa

SHA512
6a482e4346395f99b21c4e2be5e5e5b19f99e37886cf21784e845b2a71248712606b157daa3b1851b786da3d527f6faf1997e2ab3701506840625c82c3ea6980

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
690B

MD5
940673a1ffa66eae09cfb222c4c62f29

SHA1
986d371b569337fd9a39dc2a3502e696bf2d6829

SHA256
7c6beafb2b4194da801e4a020db1836618e9fdbb842b5723390eebd8ce4de311

SHA512
1e903e19275987e8f686f6973ad18754cbceb9339b39ed24f758a9814078a521b0563cc801de1736e69ef2b0185a9b7b2bbc3de64ee28526a2314a801a18c433

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
853B

MD5
6aa4d84dd4404980596f3705bc4b3c38

SHA1
60394462aea957aed0387998b4d18b9e9ade733f

SHA256
0a7d014281a7168f325f10b1460b447fae6bb2d3f5d50c2d69edd4b230dcb92f

SHA512
45623d928330df96389ce62a9a73602966726d1ca8a5ecf1689ec6cab67fdcead6d36783e107d0a07cbe8e7c7c72858bb4d67517622054643006ab90e40e2ba4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
363B

MD5
0cbe0f5b9f5cc7b96a854730fc160d7e

SHA1
7b2663fe934c9d38a76dea0f9a1223156e0b1a67

SHA256
e847ad5298807091fc0b3e1f1a3c1b51323bc5f763fdd802ff69c230085a9552

SHA512
e86d578c638a8bc83e7086e88a550e201e8bcf16a5765c6f137013f15e1dae258ef0636d8fa71fd951dde667ef1fb38fecd940a92db67c971068abb5748ab5b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
853B

MD5
581f3c851ee10bc11910e8e156593d39

SHA1
e0101faf3b83166422842949f3f5ec4c4d79bb5a

SHA256
53db06f6010be7b807dbbd18c13e876e29fde0a0904094d899eab1b273a5cea4

SHA512
ceb4ef2ce8f05665f1dadfe47d1bdf79e1d6b320adf4ca5986969ee41f941adea79301f9b51452f6085a15f40f9010caf0bea83a50dd9f06e526cb536f310df2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
847B

MD5
c5ad35779ead4729df09d1a38547a8f4

SHA1
a5d0be4fd068322b2190cf916f84fa765e1c25f6

SHA256
4a089aa22d8f55cced65328a8554a21b9fbe832036c43d7d98b4fdd77fd575df

SHA512
0fbbc95cd9321edd751d32e3d3d4caeb2d5facfa24c1b2dc8732695aa79163a1fa7272597e31cab21c1ddbb132bcc69e847e34d84fd29cd54089234a01d4b6ef

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
851B

MD5
32fbfc5e4ee0660e5b536a9946fe9809

SHA1
de366a82a7bf9cc1b7e1b68d075e3fcb265544fa

SHA256
f23d02a484e5e44082408d942dc4beaa4a45fdca62abc2835cc6c816a4408f53

SHA512
f001e01bab94ada026c804b54337e299b21d3d78f47db1bd87346a4f542672907492fc77a1b9c8684871f0434c53bf5404b413fc1db436d79533836424e79bb0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
853B

MD5
250bdb5cf0ddbb78aee2d5dff4653b7e

SHA1
09ebc82833ae0842f3901f0d25b562ff0032cb0e

SHA256
b4ddfca520ea1abc73c51577e37f9bfcfb824d5c9b1d6b41ec4e1c746a50cc4f

SHA512
56ad3e66c01b1e51a59785443f4eff873d5e6b9227b26a9f47d93001ebad0a9aad95a12d7a68024af85a72b6117fb3b8a8c1ee0e7b2adc5ac29be1847718e7c7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
849B

MD5
8ae9fc9898c1f357d90fbad623bbaf0c

SHA1
4e447cbd342ca789a28415732d7b57fbfb9eb170

SHA256
bf55cfe31730ab5f65430c81cc2ae3bfaf5c5b1cc961a76d99b5f6000d7672d8

SHA512
c169982d2c301b2121c027b4fe8c4829504bf0cda4e2d5106399af165c261bb753013e8322daa9dd662c987e1e67f3f646c8d28066b2a0c40186d51ffe999f0d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
aeb1db1258529dd4c39b2fac85af3059

SHA1
07e6c33dfab5952ecafbe00d8810c2f8835e2f66

SHA256
e1e98e49bee90de3c7dc971810c3b6bd353e89a55b2d72caca316441a41dfb3f

SHA512
d6ab9be286bd497c65c4a11a3e5d0efe1b7831d06d1c3c8ce1fbe3791d62199c61f661297c410f7b0de1535568bddd6551ba3a7464d86048f8898e9afd551ac9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
720fa1541ebfb3a81dca93d1b648533c

SHA1
ecdda39c7334e4f119cdea6e106360637306fd79

SHA256
cf46c9af6472471a1fcec7fb5326c080da69c49ad28fc30f5c5a1d2f965d184c

SHA512
aa8516c78c521ffd7c8d1904622514ea5afd0b45d873c58e781900ce1dc9daa40c4bfbaf21a8dea64f53a5e969f9a21f37001d1435fcb18e51200984331640ac

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
4a18341e3db1e5638ecf2e53e579d629

SHA1
a6f83df4722889aa708fc832b0c9b14d143f65b5

SHA256
07652ab5955a3c64aa8b840ee662b28553fa65b7e319f43f5d3e21eb34c60500

SHA512
ccb177b941711ee08513747ccad7875eba8cdcd36852f22d071affad3ad6056e6597d22faeaffba94ebf1292b4e294537c00f5940adcc372c5760d410f7039b6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
85782e504c416a699774f1900725d729

SHA1
5e7511a5f08f95442717651fc6a37cff22163447

SHA256
c882722b580dac2a14eee453b579859f1a2d3fd28d0411bed7a15ae2dd30ec95

SHA512
6d31881a43ed7385e49d161d190cc6e201dddbc60eec60b8c6fbbe4200d6d84818587de7c811b53ffc8ce12831babe5669e776e45e9739969def1e37331bd36b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
4KB

MD5
d81f0968a312291573983f388443d024

SHA1
189a70c7497997353b1dfa4397ee3938e4f7a0c6

SHA256
81e75e2ad28f269e0a5af2e9c2feb4114f28a1d9a25bdde2d734050eab37fd59

SHA512
589a5ff0173239eec39696f4d58ca54b076c71d798450f2fdcba3d36b46001708c6557e89f706acbd816ccdb6815602f9e65d2a6e39cb3712f561e08efd16314

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
8be036d39ba3db288c28c69fcff3de77

SHA1
4bc2e12fcf697e56e686b8e34d76842de4f98c81

SHA256
b6c088d63d03617911b11d598bec71d4a5fe67639ef4506e3cdf69b590390e52

SHA512
3a945de1d43afcf76621f064f43b65ecfbf7dae980db32f373380781f7fc79bde9484339d66ba7dcb18b609b1920320483ca6e098b9987addc09c5cc2cef5e36

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000007.dbtmp

Filesize
16B

MD5
18e723571b00fb1694a3bad6c78e4054

SHA1
afcc0ef32d46fe59e0483f9a3c891d3034d12f32

SHA256
8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa

SHA512
43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\b60a0282-829d-4539-b66a-880f0d5ae382.tmp

Filesize
5KB

MD5
e9a26684e17207c779bcbdef5e173522

SHA1
551bc5128d12d0cb8a42f76e075831930d17a142

SHA256
60c3017b5bdb0437b3a3321039586d4dcea7dc2c670f9845ee823cccce74335c

SHA512
2edfa1fdbba7398be84a998cfec70bd33913e0065a059cf1c1626d652d16d826cb75d2740ca27544bfd1df7809ddc6941bc2034e76a4ee3a223796af1bf6675a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
352KB

MD5
1ec351fd59a8a82929bb07412070f543

SHA1
8735e366e492f0fcde359af5f696ed74704ffbd4

SHA256
4cd898d0384ffafdeee374b5608d3dfa38b9258916a050068449fabdb28436d8

SHA512
e3348e94dfaa785d84c78d15fa11d23f91cee16af4b3315b0f8fedbd9cf26e1e8bddbb094409b4036f7efac97dafd99e6f5e8ba4e62b2be096e7e318f9b18288

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
352KB

MD5
429a4c6d9e84624c23c5b1bb1abeb87c

SHA1
aaf85f63912bffb8b7125623c33a4c362cfd0daa

SHA256
e35d275882c728af1991c90b1737b384fd0ca0b71441fac81091c9e3b78a92e0

SHA512
51539e4aacec9c96ffa01f29ccc03f4f1de3340e1f043b1f0d9dcd891e7563f74126eb8d559b891070e1fee2fff47f28d5d545e56288f281b5e42f24fb557738

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
352KB

MD5
9a8980be00a8446c0b0e7e4b248ca8d8

SHA1
7b25776e6f1e0bb6dc472741e27393b3d058110c

SHA256
c3021ebeda3f96714b5fdea6fd0250252d496b821481e09fc4a74d9eb0327250

SHA512
a096d76376f63adf9db0a84061d6441aa1964a122af206eff0d98990a3cce13e33a8e920e5a9ad60d7fb7270973485beecfc28217b8953b5f75ac1e0017ca33e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
75KB

MD5
cfa4d6ead25d36458ed10583d0824d62

SHA1
540c1ca3e811d160d6e587f509a4e1fe1471ca58

SHA256
2dfbc0cf9ae5859dab6af074c416c67dd6fb96c327eea2f5cfb78b8744546911

SHA512
06295e030b40b7bf84a1babf1cac25850328d4b7ff22c9c52caa3ec89b13011d6bb520e92740787f6573e166a80170bba46b98658d820de78ace291a525ec4cd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
91KB

MD5
2daeea3ccb3da73f1d47a9d7a0300d3e

SHA1
9f5635b3b234464e9178a171249849350778e891

SHA256
540bc8ca2fb75e471401f81246b725a24ffcfda8903af497e051caa810b00a7f

SHA512
58c0969b781a472d0376db9415700bedfa19050a19f69976beef4fb1c65ed43763ec146ed97393ecbc639785fac7ad77cee1976fb40e877481f5f04df0c552ba

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabED00.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarED9F.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit
C:\Users\Admin\Downloads\MadMan.exe

Filesize
2KB

MD5
a56d479405b23976f162f3a4a74e48aa

SHA1
f4f433b3f56315e1d469148bdfd835469526262f

SHA256
17d81134a5957fb758b9d69a90b033477a991c8b0f107d9864dc790ca37e6a23

SHA512
f5594cde50ca5235f7759c9350d4054d7a61b5e61a197dffc04eb8cdef368572e99d212dd406ad296484b5f0f880bdc5ec9e155781101d15083c1564738a900a

Download Submit
C:\Users\Admin\Downloads\WinNuke.98.exe

Filesize
32KB

MD5
eb9324121994e5e41f1738b5af8944b1

SHA1
aa63c521b64602fa9c3a73dadd412fdaf181b690

SHA256
2f1f93ede80502d153e301baf9b7f68e7c7a9344cfa90cfae396aac17e81ce5a

SHA512
7f7a702ddec8d94cb2177b4736d94ec53e575be3dd2d610410cb3154ba9ad2936c98e0e72ed7ab5ebbcbe0329be0d9b20a3bcd84670a6d1c8d7e0a9a3056edd2

Download Submit
\??\pipe\crashpad_2756_EYBIMDLKVWQHLSIK

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit