Resubmissions

  • 04/11/2024, 20:55  241104-zqy11sxbqe  8
  • 04/11/2024, 20:52  241104-znv7caxbmc  10
  • 04/11/2024, 20:32  241104-zbrcmaxclp  8
  • 04/11/2024, 20:28  241104-y9ek2swgrf  8

Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    windows11-21h2_x64
  • resource
    win11-20241007-en
  • resource tags
    arch:x64, arch:x86, image:win11-20241007-en, locale:en-us, os:windows11-21h2-x64, system
  • submitted
    04/11/2024, 20:28

General

  • Target

    sample.js

  • Size

    66KB

  • MD5

    cd1b57f91a68cc5b241ca6b07499aa0f

  • SHA1

    868e51ad2a98642c5a91d2f0b4d65cd6bf8f97f3

  • SHA256

    7909ad298eba1b0e68c4e7a905563960e39bf5fdc324663e91dc9bf1af7e4565

  • SHA512

    c61b85472831fc0e115f75106d8fba08d83be592e7e9ec567eacd45c146fe9e1d35c5d970642687dcff9f6452098ab13eb952057e42c79865c8e72138fc3d8f4

  • SSDEEP

    1536:a69UFLCCwNieu/behNFZuSuWtWWxnqio1HSEpqc2SkASNWjII6ZsnJVrYa5vfu6c:l9UFLhwskqio1HSEpqc2SkASNWjII6Zx

Malware Config

Signatures

  • Downloads MZ/PE file
  • Drops file in Windows directory 4 IoCs
  • Subvert Trust Controls: Mark-of-the-Web Bypass 1 TTPs 1 IoCs

    When files are downloaded from the Internet, they are tagged with a hidden NTFS Alternate Data Stream (ADS) named Zone.Identifier with a specific value known as the MOTW.

  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

  • Command and Scripting Interpreter: JavaScript 1 TTPs
  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies data under HKEY_USERS 2 IoCs
  • NTFS ADS 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 6 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 23 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 37 IoCs
  • Suspicious use of SendNotifyMessage 12 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Windows\system32\wscript.exe
    wscript.exe C:\Users\Admin\AppData\Local\Temp\sample.js
    1⤵
      PID:904
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe"
      1⤵
      • Drops file in Windows directory
      • Enumerates system info in registry
      • Modifies data under HKEY_USERS
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SendNotifyMessage
      • Suspicious use of WriteProcessMemory
      PID:3960
      • C:\Program Files\Google\Chrome\Application\chrome.exe
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcc030cc40,0x7ffcc030cc4c,0x7ffcc030cc58
        2⤵
          PID:4984
        • C:\Program Files\Google\Chrome\Application\chrome.exe
          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1832,i,8852426465470563647,12249765905441946694,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1828 /prefetch:2
          2⤵
            PID:584
          • C:\Program Files\Google\Chrome\Application\chrome.exe
            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2088,i,8852426465470563647,12249765905441946694,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2108 /prefetch:3
            2⤵
              PID:2768
            • C:\Program Files\Google\Chrome\Application\chrome.exe
              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2200,i,8852426465470563647,12249765905441946694,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2176 /prefetch:8
              2⤵
                PID:2020
              • C:\Program Files\Google\Chrome\Application\chrome.exe
                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3132,i,8852426465470563647,12249765905441946694,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3248 /prefetch:1
                2⤵
                  PID:4640
                • C:\Program Files\Google\Chrome\Application\chrome.exe
                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3216,i,8852426465470563647,12249765905441946694,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3304 /prefetch:1
                  2⤵
                    PID:4516
                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4464,i,8852426465470563647,12249765905441946694,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3588 /prefetch:1
                    2⤵
                      PID:1532
                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4612,i,8852426465470563647,12249765905441946694,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4596 /prefetch:8
                      2⤵
                        PID:4956
                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4620,i,8852426465470563647,12249765905441946694,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4748 /prefetch:8
                        2⤵
                          PID:4860
                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4852,i,8852426465470563647,12249765905441946694,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4908 /prefetch:8
                          2⤵
                            PID:1476
                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4932,i,8852426465470563647,12249765905441946694,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4948 /prefetch:8
                            2⤵
                              PID:3288
                            • C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe
                              "C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe" --reenable-autoupdates --system-level
                              2⤵
                              • Drops file in Windows directory
                              PID:3872
                              • C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe
                                "C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\Crashpad --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x244,0x248,0x24c,0x220,0x250,0x7ff6fc034698,0x7ff6fc0346a4,0x7ff6fc0346b0
                                3⤵
                                • Drops file in Windows directory
                                PID:328
                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=4304,i,8852426465470563647,12249765905441946694,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4772 /prefetch:1
                              2⤵
                                PID:2088
                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=3240,i,8852426465470563647,12249765905441946694,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4424 /prefetch:1
                                2⤵
                                  PID:972
                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=3296,i,8852426465470563647,12249765905441946694,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4396 /prefetch:1
                                  2⤵
                                    PID:4340
                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=4344,i,8852426465470563647,12249765905441946694,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5112 /prefetch:1
                                    2⤵
                                      PID:4296
                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=3500,i,8852426465470563647,12249765905441946694,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5196 /prefetch:1
                                      2⤵
                                        PID:4172
                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=5424,i,8852426465470563647,12249765905441946694,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5416 /prefetch:1
                                        2⤵
                                          PID:2328
                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=5532,i,8852426465470563647,12249765905441946694,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5548 /prefetch:1
                                          2⤵
                                            PID:4652
                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=5800,i,8852426465470563647,12249765905441946694,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5820 /prefetch:8
                                            2⤵
                                              PID:2684
                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=6004,i,8852426465470563647,12249765905441946694,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5992 /prefetch:1
                                              2⤵
                                                PID:2092
                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=5508,i,8852426465470563647,12249765905441946694,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5456 /prefetch:1
                                                2⤵
                                                  PID:1580
                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=6228,i,8852426465470563647,12249765905441946694,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6236 /prefetch:1
                                                  2⤵
                                                    PID:3196
                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6352,i,8852426465470563647,12249765905441946694,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6404 /prefetch:8
                                                    2⤵
                                                      PID:2004
                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6148,i,8852426465470563647,12249765905441946694,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6212 /prefetch:8
                                                      2⤵
                                                        PID:568
                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6628,i,8852426465470563647,12249765905441946694,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6528 /prefetch:8
                                                        2⤵
                                                          PID:1372
                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6524,i,8852426465470563647,12249765905441946694,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6212 /prefetch:8
                                                          2⤵
                                                            PID:4752
                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=6596,i,8852426465470563647,12249765905441946694,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6592 /prefetch:8
                                                            2⤵
                                                            • Suspicious behavior: EnumeratesProcesses
                                                            PID:2200
                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --field-trial-handle=6212,i,8852426465470563647,12249765905441946694,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6496 /prefetch:1
                                                            2⤵
                                                              PID:4884
                                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --field-trial-handle=6580,i,8852426465470563647,12249765905441946694,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6576 /prefetch:1
                                                              2⤵
                                                                PID:5000
                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --field-trial-handle=6748,i,8852426465470563647,12249765905441946694,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6380 /prefetch:1
                                                                2⤵
                                                                  PID:4948
                                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --field-trial-handle=6828,i,8852426465470563647,12249765905441946694,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6848 /prefetch:1
                                                                  2⤵
                                                                    PID:4872
                                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --field-trial-handle=6856,i,8852426465470563647,12249765905441946694,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6984 /prefetch:1
                                                                    2⤵
                                                                      PID:4440
                                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --field-trial-handle=6528,i,8852426465470563647,12249765905441946694,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6544 /prefetch:1
                                                                      2⤵
                                                                        PID:1924
                                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --field-trial-handle=6972,i,8852426465470563647,12249765905441946694,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7324 /prefetch:1
                                                                        2⤵
                                                                          PID:3344
                                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --field-trial-handle=6616,i,8852426465470563647,12249765905441946694,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6420 /prefetch:1
                                                                          2⤵
                                                                            PID:4900
                                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --field-trial-handle=6296,i,8852426465470563647,12249765905441946694,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6316 /prefetch:1
                                                                            2⤵
                                                                              PID:1668
                                                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --field-trial-handle=6584,i,8852426465470563647,12249765905441946694,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7236 /prefetch:1
                                                                              2⤵
                                                                                PID:5920
                                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=7748,i,8852426465470563647,12249765905441946694,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7768 /prefetch:8
                                                                                2⤵
                                                                                  PID:5944
                                                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=6400,i,8852426465470563647,12249765905441946694,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7908 /prefetch:8
                                                                                  2⤵
                                                                                    PID:5952
                                                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=7736,i,8852426465470563647,12249765905441946694,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8048 /prefetch:8
                                                                                    2⤵
                                                                                      PID:5960
                                                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=8168,i,8852426465470563647,12249765905441946694,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7252 /prefetch:8
                                                                                      2⤵
                                                                                      • Subvert Trust Controls: Mark-of-the-Web Bypass
                                                                                      • NTFS ADS
                                                                                      PID:5180
                                                                                  • C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
                                                                                    "C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
                                                                                    1⤵
                                                                                      PID:888
                                                                                    • C:\Windows\system32\svchost.exe
                                                                                      C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
                                                                                      1⤵
                                                                                        PID:4276
                                                                                      • C:\Windows\system32\AUDIODG.EXE
                                                                                        C:\Windows\system32\AUDIODG.EXE 0x00000000000004EC 0x00000000000004F0
                                                                                        1⤵
                                                                                        • Suspicious use of AdjustPrivilegeToken
                                                                                        PID:4156
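The `Subvert Trust Controls: Mark-of-the-Web Bypass` and `NTFS ADS` tags above sit on Chrome's `quarantine.mojom.Quarantine` utility process (PID 5180), which on Windows is the component that writes the `Zone.Identifier` alternate data stream onto files Chrome downloads, so the signature is reacting to that process's writes to the stream. The Python below is an added example, not part of the report or of Chrome, showing how to read and interpret such a stream so you can tell whether a file on disk is still marked as coming from the Internet zone. The stream text, URLs and file paths are constructed; `read_motw` only finds a stream on an NTFS volume and returns `None` elsewhere.

```python
"""Read and interpret a Mark-of-the-Web (Zone.Identifier) stream.

On NTFS the stream is opened as "<file>:Zone.Identifier"; its body is
INI-style text with a [ZoneTransfer] section. The sample below is constructed.
"""
import configparser
from typing import Optional

# URLMON security-zone ids carried in the ZoneId= line.
ZONE_NAMES = {
    0: "LocalMachine",
    1: "LocalIntranet",
    2: "TrustedSites",
    3: "Internet",
    4: "RestrictedSites",
}

# Constructed sample of what a browser quarantine component writes for an
# Internet download; ReferrerUrl/HostUrl are optional and often absent.
SAMPLE_STREAM = (
    "[ZoneTransfer]\r\n"
    "ZoneId=3\r\n"
    "ReferrerUrl=https://downloads.example.test/\r\n"
    "HostUrl=https://downloads.example.test/sample.js\r\n"
)


def ads_path(file_path: str) -> str:
    """Path of a file's Zone.Identifier alternate data stream."""
    return f"{file_path}:Zone.Identifier"


def parse_zone_identifier(text: str) -> dict:
    """Parse stream text into zone id, zone name and the optional source URLs."""
    # Only '=' separates keys from values; ':' must stay part of the URLs.
    cp = configparser.ConfigParser(interpolation=None, delimiters=("=",))
    cp.optionxform = str  # keep ZoneId/HostUrl casing as written
    cp.read_string(text.replace("\r\n", "\n"))
    if not cp.has_section("ZoneTransfer"):
        raise ValueError("not a Zone.Identifier stream: [ZoneTransfer] missing")
    sec = cp["ZoneTransfer"]
    zone_id = int(sec.get("ZoneId", "-1"))
    return {
        "zone_id": zone_id,
        "zone": ZONE_NAMES.get(zone_id, "Unknown"),
        "referrer_url": sec.get("ReferrerUrl"),
        "host_url": sec.get("HostUrl"),
    }


def is_internet_marked(info: dict) -> bool:
    """True when MOTW consumers (SmartScreen, Office Protected View) treat the file as untrusted."""
    return info["zone_id"] in (3, 4)


def read_motw(file_path: str) -> Optional[dict]:
    """Read a real file's stream on NTFS. None means no MOTW is present: the file
    was never marked, the stream was stripped, or the volume is not NTFS."""
    try:
        with open(ads_path(file_path), "r", encoding="utf-8", errors="replace") as fh:
            return parse_zone_identifier(fh.read())
    except OSError:
        return None


if __name__ == "__main__":
    info = parse_zone_identifier(SAMPLE_STREAM)
    print(info, "untrusted" if is_internet_marked(info) else "trusted")
```

A file whose stream is absent or carries `ZoneId=0`..`2` will not trigger SmartScreen or Protected View, which is why a missing or rewritten stream on a fresh download is worth a second look.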

                                                                                      Network

                                                                                      MITRE ATT&CK Enterprise v15

                                                                                      Downloads

• C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx
  Filesize: 64KB
  MD5: b5ad5caaaee00cb8cf445427975ae66c
  SHA1: dcde6527290a326e048f9c3a85280d3fa71e1e22
  SHA256: b6409b9d55ce242ff022f7a2d86ae8eff873daabf3a0506031712b8baa6197b8
  SHA512: 92f7fbbcbbea769b1af6dd7e75577be3eb8bb4a4a6f8a9288d6da4014e1ea309ee649a7b089be09ba27866e175ab6f6a912413256d7e13eaf60f6f30e492ce7f

• C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock
  Filesize: 4B
  MD5: f49655f856acb8884cc0ace29216f511
  SHA1: cb0f1f87ec0455ec349aaa950c600475ac7b7b6b
  SHA256: 7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba
  SHA512: 599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8

• C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val
  Filesize: 1008B
  MD5: d222b77a61527f2c177b0869e7babc24
  SHA1: 3f23acb984307a4aeba41ebbb70439c97ad1f268
  SHA256: 80dc3ffa698e4ff2e916f97983b5eae79470203e91cb684c5ccd4ff1a465d747
  SHA512: d17d836ea77aeaff4cd01f9c7523345167a4a6bc62528aac74acde12679f48079d75d159e9cea2e614da50e83c2dcd92c374c899ea6c4fe8e5513d9bf06c01ff

• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState
  Filesize: 649B
  MD5: 1ff6daa8a95bd88c71919b861d4cbda3
  SHA1: 359128141a0c5633c5635708443a7c859446152e
  SHA256: 6ea43b0096da8c4361ae6a7f4dc0080431a78089b481403d31d0f38ce62d4b78
  SHA512: ac5c40550b1cb9e1f38890584872cda398669caa3c14f6ee86e1f3b1ecdd3943ff23b2f5ff8fa4d1911d1502ba31fce954a463496b20882d06b33a7f203ef181

• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000059
  Filesize: 20KB
  MD5: 87e8230a9ca3f0c5ccfa56f70276e2f2
  SHA1: eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7
  SHA256: e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9
  SHA512: 37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00005e
  Filesize: 18KB
  MD5: 8eff0b8045fd1959e117f85654ae7770
  SHA1: 227fee13ceb7c410b5c0bb8000258b6643cb6255
  SHA256: 89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
  SHA512: 2e4fb65caab06f02e341e9ba4fb217d682338881daba3518a0df8df724e0496e1af613db8e2f65b42b9e82703ba58916b5f5abb68c807c78a88577030a6c2058

• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
  Filesize: 1KB
  MD5: 7a4fd53726403e32091a7067415a0d31
  SHA1: 14c88e46efaf18d01f7b594bffb89d0ceaf56e37
  SHA256: b5a49c68813b36e958b5af18e0572ab8c68dec96079dbb57437b476a0e6be15a
  SHA512: 50f0c081194af9b0c4b055be467dd583de0bff23beb0ff01fb5557410015d94f887828c9702329cb097f8ab235cc49acdb032deca3533489dd50bb35b92018ce

• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
  Filesize: 1KB
  MD5: 557642b4b3d1720686945aeacf900700
  SHA1: ae4c132be4aa70fbb6abd68bfe4d22ffad2af73e
  SHA256: 6e2419909c8b703e9f32b6384832158d8ea7a3860d70b51a19fa704f4a1e6ee7
  SHA512: d75fcb296b7829a2b0fe37a237fd8c0ac97e076140c51b755c6ba52f2d7cecbc27749a5d206e46023760d465b6f18107c8011033399505420a50862fedb1580d

• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
  Filesize: 1KB
  MD5: 8304d5009cdc685e19cd731e84d32f29
  SHA1: 2b32253115d33aa60a7af6c58e236438b16ba88d
  SHA256: 0ea14c8f9871e1e9454da975d255c77b608fd042aaee014706d15c6ed1e29ca4
  SHA512: 6b1d610edb61474eb0823ee88e9b2b091646c7779a7ee747d0ceb28b0873052ba306f5ac748b8a4c6b197af031ac26c411aa4238feea6c34474fccf0a5de56f5

• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
  Filesize: 14KB
  MD5: 916c2e369c302e142cc7208b203f4405
  SHA1: 49e8ffc76a709a92d2cedc2275044d43a0f5d76b
  SHA256: a6cd3ee9507b93f0be0417922ba4cbf7b1b63ac0cdfc60abd694d9c0c0970d90
  SHA512: 49b5052fffa775741748d94d29ebd657d173e153525667c327869791ee979b7f56dd35b157de7e2845d7809087571fb50f41052904d89abe7fafc80de1be87ff

• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
  Filesize: 10KB
  MD5: 8cb19b437fc8990278db2afec35647e3
  SHA1: ff4a139941bd797c7ac6f1ff0689a758f71d64c6
  SHA256: 26705d15e6418a2802f2117221fa9979b1ee1f080cc3fa347f268c65dd46fe18
  SHA512: 7a04dc30c7acca5ce5216d1362cfe755057b53a28658ff75e7802b82d5034b9c6d81160b246ba9dd058b6144decb53123e1c1f2e596d1968f5ba33b9341fa6bf

• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
  Filesize: 2B
  MD5: d751713988987e9331980363e24189ce
  SHA1: 97d170e1550eee4afc0af065b78cda302a97674c
  SHA256: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
  SHA512: b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
  Filesize: 1KB
  MD5: cab00d5419160ca9e8f9ffb95dcd97d3
  SHA1: a232e6f8631b135b1cec3c272a26a7a997acd665
  SHA256: 819660ec3e2bd8ad52e5ae43a6302bd2ab4568a32891f6b13ba8e681c0d9b320
  SHA512: 03c03ed35d9bf6c5ed0af932baca0570eb8854c4ddffa18fd2239f6c3b2605c14dcc84f5d9a1316f8a9dda55b1aaea16e98e7db4913adb3d57be5da2c1d834b7

• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
  Filesize: 356B
  MD5: 46958aa39e91e47ea81bfdc77839b4ec
  SHA1: 291d51bbdb797f171cd6ef48d12a663a767ad6e6
  SHA256: 5826c2823044250dc5787df66198da2b3ea016acc9b98923d3901f8ec304f5f5
  SHA512: 4dff87942a83faee921049c537f1d9c24fe672ab6c0546f4cda160ac8aa3008bcf7afecd085953a92631e17e1cdce882ea13218622925c3380d4d854f905d23a

• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
  Filesize: 1KB
  MD5: e691781ea7e610470b68fafccf516785
  SHA1: 6c1f28747ff79202a826c9668702184caef343f7
  SHA256: 66051a460ec202f8fa6bf1eb0ab0222462022d7eeeae3978a9a8f70657f8af38
  SHA512: 181c29d8bbebf99d3a6b883769d4c82936c722632d744f17ef63bbb61501c0d27e72c3fa8319ed331f58291d4b7c4052a3a57391b858abba7ca3f61cdaac8348

• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
  Filesize: 2KB
  MD5: 41383e8645524c98a02eec0d771fefa7
  SHA1: dec97abf5bac03ab8b956d7de4fa39fb22938ec3
  SHA256: ce22353443db36a4c41c607d57d27ddb5b8176641bef485fedbcb5bdc776bc9f
  SHA512: c6317f54b35d3fd28af2fe83183f73c53055cfc2c6bda18015e956d5c0495e5ef2119bd674f1d842110971c7f02c76603b119a81cfdb599fe0bf84d9360c61c8

• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
  Filesize: 2KB
  MD5: ef01ad87573608dc2c746c6ad4992607
  SHA1: 1c2cc73284e035ab85097315a04debb328b13d91
  SHA256: df6103d73d1fb21310e574c851d4225ce9ca381c4dac20e66e0a9cd5fd37fe95
  SHA512: b5703e65ce08f38e0a32b9a62febfafe8daf36cfd21b52f94b36b88274db1b465519bcb52f86a6c7a8d44f3d250b66b0e26744ab4d862cb7debe56edf397ffeb

• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
  Filesize: 1KB
  MD5: 0b7a94fb6676915ab911a1c3d4e08ad2
  SHA1: 77c824ad1e6e9d6ccd227fce85442cffe6800b7e
  SHA256: 9acc251f943e7920c9bcae73cba5edffb9d1ea7b17b5d09e86da53b9ff0cbdbf
  SHA512: 7f71666b525e214cb95a671112bb399cf08a4c578e5e0d7658bda26e81f9e9759e2bda9aacbfdad667b84768b1bf60e40117f27519f7f5afbb45bf3d1dfbe52f

• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
  Filesize: 2KB
  MD5: ab6990752caf929db2abf9764a5ece77
  SHA1: 410067fe9d4084a42fac77f5daf9f4f6e929249b
  SHA256: f80004102923beb739eb5870294ccde4bad9cde2c24503b4f09f7db9ef855d06
  SHA512: 924400ebaa0b9d5710639c23f8c16c8d722465b9cd58d4d98e07eec3c5ac4578ff7fe44fcc77052fac9bb27873003084f4708c9e230f9749a2051715adfb684b

• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
  Filesize: 9KB
  MD5: 98283326f047da7f72e4f9e38e8b2711
  SHA1: 1c017bf919b19adaa4364a999cc5858e742d520e
  SHA256: a16eab024defd7b8fbec1af552ebe901f9b26a12b789e0bff13c67410b660c9f
  SHA512: 6df8a01d2de8bbc2806b7dc3eed472f5521e3da1cce5d9381ae1c8f7d6585ffe568634ee38dfd12f472df4e35cbc9fa434f1515bf0be794812e13c1af3ca84bb

• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
  Filesize: 9KB
  MD5: 86a31ac617a70c72b8d638c09e906e99
  SHA1: 1c4bf83592c32013013d50e7291359a3b44b2fa4
  SHA256: 574b138ac14c1f36e89c7a387e503c6c910d613c2eb828b991bfd6baf487d1f8
  SHA512: 5e0fec259a75191de63334bf72e6f44ba40a83d943aa9c6a5afd145e4fcfdb4a1eb45f13163129fd8423758de07c0598e2d6fff02efc05179dd2b244dcc479bd

• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
  Filesize: 9KB
  MD5: a8c50896b82f9e8c6c568f002747d7a7
  SHA1: abd111b335ae37399e8e0c60d2a777e9dddb94b5
  SHA256: da0663307e1561e43aad46e5f43e610e06853c6c677a9fc5c7520d4a7b34af3a
  SHA512: 767398e93d59769101dc0673e11a6465d7dd6b6894b153146f4d39c0d68ad4fbd69e420370f013c29ee2e9e4a8ef12f1ca4555e230f742c9f20026fbaf35afb7

• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
  Filesize: 10KB
  MD5: ac3cc8616583b3b18499ac19a16d18f6
  SHA1: 72b901a9958791c272991e538c9058e483878ad0
  SHA256: 6d85f664c3ea6833549dc93490192aa9c3af7ca7b4ab720222b31ef1cf532c83
  SHA512: 177f79fe85cae38ef561498bce1185e1a94e43685d3a4cbb9489fe641ab20964b375e659957d0e13e8a22df2b4535dde75a37de738ddd21a08d897109947ad7e

                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                        Filesize

                                                                                        10KB

                                                                                        MD5

                                                                                        726f2a49e6f2170bc305ee823269cc0d

                                                                                        SHA1

                                                                                        d14c845e7326b4a719074224ad60d2d8b59b38ff

                                                                                        SHA256

                                                                                        70aa1571f4fbbbe77488bba6c9ba99cab8e1762c63fc0ec632b69c82a2ec784a

                                                                                        SHA512

                                                                                        305efcd8edceecdaa38333bab39257fb82d130ac5ea27d0a906b095bb87f081a045447bbb361d1e90d5f74b8aa9d19f3133f7af6dcdc401bbbc4ea338ff8344a

                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                        Filesize

                                                                                        10KB

                                                                                        MD5

                                                                                        1865f04b32e2beaaf7ccfade9a1b00bd

                                                                                        SHA1

                                                                                        c6ce35716319957ef3df01f44eab4816fc0c0923

                                                                                        SHA256

                                                                                        e8391d3214b02b0eb93f3adccd069151c7d377604b25e015d2153467fb7de61d

                                                                                        SHA512

                                                                                        a127f11d4f1c388da29b743e72bf6ef216b77558a8be8948f4624bc50e13bd7d57d8389e9686e5e8a2a771a34f9a642e567f13ee64ad87f54e82e30bfad92db4

                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                        Filesize

                                                                                        11KB

                                                                                        MD5

                                                                                        d1982795f5a063a1b481f9cf67db2071

                                                                                        SHA1

                                                                                        27e6af0a0e0ff113894d1f2472b74be18b018d2f

                                                                                        SHA256

                                                                                        e51a21662b75aaebab490aa1501779f2c927b11caa096a1591917b083620cdf7

                                                                                        SHA512

                                                                                        c1037b4cb0fa62a4649e09f0ba5c320de393cc7e0409ae2fb7d1d293b9dba45189d838f7b1b1fc889d87905d7f94b4561783ce658577b41ae783e76144cc757e

                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                        Filesize

                                                                                        11KB

                                                                                        MD5

                                                                                        ffbc8bba28a948678e02acabdd7fcf99

                                                                                        SHA1

                                                                                        bf063f9742450759e2ee6808054e2918fb53687c

                                                                                        SHA256

                                                                                        f4b7c2144e7c3556ddb80ad92350487ccff5bc4421efb4e1a721404f37faad7f

                                                                                        SHA512

                                                                                        f9ec25ce8d90de767107db04f0182bec96b6dd8be058671dd20f79c8a718a06db07152556f5fbc8d2dac65c76472b1d1024ba7e0331a2b5d132a4f2d0d0c2166

                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                        Filesize

                                                                                        10KB

                                                                                        MD5

                                                                                        edb790214730088ecdef5d692e585131

                                                                                        SHA1

                                                                                        6c6ac3fc36d9033785288e59cc3d0572f5e7f9dd

                                                                                        SHA256

                                                                                        29bea714c01c4490a4b2dea3d9b05a75bcdbc7cd674ad9ca2c2e02da251fba57

                                                                                        SHA512

                                                                                        c4369058244e74914326055010a50384f3964b5a71f45116cc595c39149ee02e7b5d1a5d0a4804d0694e0ab94228362ca4c50372dcabe4a9b857c01c36505bbc

                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                        Filesize

                                                                                        10KB

                                                                                        MD5

                                                                                        e0cea8c518bf9e7d2e6a35687ffa628a

                                                                                        SHA1

                                                                                        7cfd787d64609c47b181e8ffd5da69809e8f054d

                                                                                        SHA256

                                                                                        2b0715bd348c4779a44e457fa42391bab157fe9b17de8655f2ab5fcc5475f439

                                                                                        SHA512

                                                                                        4cbdb5de93e3e2af425d470efe4b0d8147335e52ac1a7cb212f3ee9523e28558306cbd522d336622551c0c04c2cbbec095756a49762af67c78ea43717b7b4ea8

                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

                                                                                        Filesize

                                                                                        15KB

                                                                                        MD5

                                                                                        2c3649e0012f971576bf35e1fd4b6676

                                                                                        SHA1

                                                                                        f4614991f10e7ea867e1f86a5a7805763d07d506

                                                                                        SHA256

                                                                                        0ac4a78d6cc14bafa9bb117e3bb88fc99d8e4435fba4144183f95c44fcf030be

                                                                                        SHA512

                                                                                        4db43a07ffda7b81a4ec8d7272fe7a7a897721aefbcb608653935461d6d6d44ea5d4d01e92ca8e86ce1c38ea892a8e66bbc197f51f2f8bfab323bec613fbe8a7

                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                                                        Filesize

                                                                                        229KB

                                                                                        MD5

                                                                                        47ed831329c1b2318dbc4ad9a4fd75ca

                                                                                        SHA1

                                                                                        7bab3131da0a1464b67cdc9e7ef2241de062d3ec

                                                                                        SHA256

                                                                                        01ea63915857a96ae959b112f5b94deda8666939e909b9f11aa1fa6248ebc47b

                                                                                        SHA512

                                                                                        ed78f85097860dd866b764a30b2023c4f9bb1f6bc88fbdf8be5435742ea7ffc415c9cab0b6d3991bd3d1c183dfa778f6f50b4f128c140986890cb696de43875b

                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                                                        Filesize

                                                                                        229KB

                                                                                        MD5

                                                                                        9f8c74166f489309efc8445d751ee5d5

                                                                                        SHA1

                                                                                        de850344be601c0f17baff012a07714907f300d6

                                                                                        SHA256

                                                                                        4ae4dc3a23b78c75bf495be00c06bdaa95bd712a211ef4d6441a82c4f65c8d73

                                                                                        SHA512

                                                                                        688d0ee6a29a0a6b38ed122ee7e2754b66e4d4c51ba8bbac4d06b41eaf0e816d49c4e8d3c704c07e29582b52a53b78d2d506316a2e700d8cffb908520ae9a918

                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                                                        Filesize

                                                                                        229KB

                                                                                        MD5

                                                                                        ceef2679ee074b3d10d168469e6dc649

                                                                                        SHA1

                                                                                        6ac25de95e9d7751216274a5eb821a3e954a8ae8

                                                                                        SHA256

                                                                                        1627529561b9208dadb5b0b2d6930518d5eaea8fa74c77e36b2af29209ec1de6

                                                                                        SHA512

                                                                                        aa95d9879f4b452e139b5436828b2814b147e2187a37c84d69d20b9343d80b3c3052ad0546d1a114a013c814e8402869c7f763367e2af6a73f63251c28f8fdc9

                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                                                        Filesize

                                                                                        229KB

                                                                                        MD5

                                                                                        e416d248aeda8181ca6445dadb1b108b

                                                                                        SHA1

                                                                                        fd5cac5231248db9932a0dd764d43bd204d80c27

                                                                                        SHA256

                                                                                        1eff1fb291769166bbf1418ae2480151923bb1db36446a325b70ddde5eb2382d

                                                                                        SHA512

                                                                                        b8443de2f2887cf41a29bb6320a0371f49a613014d694975820b0c885f8ef95796a35b2ee296fd8d1ee307bb1ff45b5d0c8b4ef04f8091da6c00df99df108b01

                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                                                        Filesize

                                                                                        229KB

                                                                                        MD5

                                                                                        53fb0721f03f0fd403de49e24d4b1d5b

                                                                                        SHA1

                                                                                        71b2405bd00f23355824ef581d77cf3dadded72b

                                                                                        SHA256

                                                                                        6da3337e2834705b7db18406e2f9dbe80d29dc0b591c5e2134c13a745f521bae

                                                                                        SHA512

                                                                                        90e4b589a909158b2409fa14a7f3bf552ee43175658c853f34605a43a853ffb6527649523f73ca6015039ef2a64a9a4857a34b7c8b15f4d24956d4886997840b

                                                                                      • C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

                                                                                        Filesize

                                                                                        2B

                                                                                        MD5

                                                                                        f3b25701fe362ec84616a93a45ce9998

                                                                                        SHA1

                                                                                        d62636d8caec13f04e28442a0a6fa1afeb024bbb

                                                                                        SHA256

                                                                                        b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

                                                                                        SHA512

                                                                                        98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

                                                                                      • C:\Users\Admin\Downloads\OperaGXSetup.exe:Zone.Identifier

                                                                                        Filesize

                                                                                        26B

                                                                                        MD5

                                                                                        fbccf14d504b7b2dbcb5a5bda75bd93b

                                                                                        SHA1

                                                                                        d59fc84cdd5217c6cf74785703655f78da6b582b

                                                                                        SHA256

                                                                                        eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913

                                                                                        SHA512

                                                                                        aa1d2b1ea3c9de3ccadb319d4e3e3276a2f27dd1a5244fe72de2b6f94083dddc762480482c5c2e53f803cd9e3973ddefc68966f974e124307b5043e654443b98