Analysis Overview
SHA256
98fa8be248d9c773ddab208fca3ef2cd61a7b7fe6a00dcebe688de48ab6518a2
Threat Level: Shows suspicious behavior
The file tetris-effect-connected-free-download was found to show suspicious behavior.
Malicious Activity Summary
Legitimate hosting services abused for malware hosting/C2
Browser Information Discovery
Suspicious behavior: EnumeratesProcesses
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Enumerates system info in registry
Modifies data under HKEY_USERS
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-11-09 22:00
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-11-09 22:00
Reported
2024-11-09 22:03
Platform
win7-20240903-en
Max time kernel
46s
Max time network
150s
Command Line
Signatures
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
|---|---|---|---|
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
|---|---|---|---|
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
|---|---|---|---|
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument C:\Users\Admin\AppData\Local\Temp\tetris-effect-connected-free-download.html
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef7239758,0x7fef7239768,0x7fef7239778
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1148 --field-trial-handle=1360,i,8378010482565482017,3058574592739888348,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1408 --field-trial-handle=1360,i,8378010482565482017,3058574592739888348,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1600 --field-trial-handle=1360,i,8378010482565482017,3058574592739888348,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2268 --field-trial-handle=1360,i,8378010482565482017,3058574592739888348,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2276 --field-trial-handle=1360,i,8378010482565482017,3058574592739888348,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=2868 --field-trial-handle=1360,i,8378010482565482017,3058574592739888348,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2984 --field-trial-handle=1360,i,8378010482565482017,3058574592739888348,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=2008 --field-trial-handle=1360,i,8378010482565482017,3058574592739888348,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3432 --field-trial-handle=1360,i,8378010482565482017,3058574592739888348,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=2392 --field-trial-handle=1360,i,8378010482565482017,3058574592739888348,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=3524 --field-trial-handle=1360,i,8378010482565482017,3058574592739888348,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=3752 --field-trial-handle=1360,i,8378010482565482017,3058574592739888348,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3936 --field-trial-handle=1360,i,8378010482565482017,3058574592739888348,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=4136 --field-trial-handle=1360,i,8378010482565482017,3058574592739888348,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=4436 --field-trial-handle=1360,i,8378010482565482017,3058574592739888348,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=4596 --field-trial-handle=1360,i,8378010482565482017,3058574592739888348,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4156 --field-trial-handle=1360,i,8378010482565482017,3058574592739888348,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=4256 --field-trial-handle=1360,i,8378010482565482017,3058574592739888348,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4156 --field-trial-handle=1360,i,8378010482565482017,3058574592739888348,131072 /prefetch:8
Network
Files
Analysis: behavioral2
Detonation Overview
Submitted
2024-11-09 22:00
Reported
2024-11-09 22:03
Platform
win10v2004-20241007-en
Max time kernel
149s
Max time network
150s
Command Line
Signatures
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
|---|---|---|---|
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
|---|---|---|---|
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133756632721028102" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
|---|---|---|---|
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
|---|---|---|---|
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument C:\Users\Admin\AppData\Local\Temp\tetris-effect-connected-free-download.html
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffc5f30cc40,0x7ffc5f30cc4c,0x7ffc5f30cc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1636,i,5732417236483169626,14302720022203873639,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1896 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2152,i,5732417236483169626,14302720022203873639,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2160 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2228,i,5732417236483169626,14302720022203873639,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2416 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3116,i,5732417236483169626,14302720022203873639,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3164 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3124,i,5732417236483169626,14302720022203873639,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3204 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4032,i,5732417236483169626,14302720022203873639,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4568 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4404,i,5732417236483169626,14302720022203873639,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4792 /prefetch:8
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 97.17.167.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | N/A | udp |
| US | 8.8.8.8:53 | 217.106.137.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 53.210.109.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.31.95.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.210.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 43.229.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 93.65.42.20.in-addr.arpa | udp |
Files