Analysis

  • max time kernel
    1062s
  • max time network
    1688s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    09/11/2024, 19:17

General

  • Target

    sample.html

  • Size

    19KB

  • MD5

    a0d960e790eb958c0268e49cbe02c11a

  • SHA1

    31f89a03a9ed52aa563cef777ceb1c28d1389448

  • SHA256

    9a19ccd8eed0a74fc973cae1023cf0436813f9aa16279761a03c0ad5415c1f85

  • SHA512

    e832bf8e4e6462e83d4dd3ead227d55f05aa820eeeb24a5156f43948cab8e4ecf3677f14e3dd27993a79f655b00a091b9374536b30dd711f217d9d0cd2781ec1

  • SSDEEP

    384:M3My6Wspa1ocy4p4lbGa2MvhpNKZQif2b7nBY0CO/+fN1xCejiw:8tF1ocy4iEapJpN6QlnBY0CO/8LxPiw

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Executes dropped EXE 2 IoCs
  • Loads dropped DLL 2 IoCs
  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 6 IoCs
  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

  • System Location Discovery: System Language Discovery 1 TTPs 2 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 4 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 53 IoCs
  • Suspicious use of SendNotifyMessage 32 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs
  • Uses Task Scheduler COM API 1 TTPs

    The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.

  • Uses Volume Shadow Copy WMI provider

    The Volume Shadow Copy service is used to manage backups/snapshots.

  • Uses Volume Shadow Copy service COM API

    The Volume Shadow Copy service is used to manage backups/snapshots.

Processes

  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument C:\Users\Admin\AppData\Local\Temp\sample.html
    1⤵
    • Enumerates system info in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:576
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef72b9758,0x7fef72b9768,0x7fef72b9778
      2⤵
      PID:2472
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1156 --field-trial-handle=1288,i,10350430663250886864,13986829496186055005,131072 /prefetch:2
      2⤵
      PID:2804
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1424 --field-trial-handle=1288,i,10350430663250886864,13986829496186055005,131072 /prefetch:8
      2⤵
      PID:2824
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1592 --field-trial-handle=1288,i,10350430663250886864,13986829496186055005,131072 /prefetch:8
      2⤵
      PID:2700
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2104 --field-trial-handle=1288,i,10350430663250886864,13986829496186055005,131072 /prefetch:1
      2⤵
      PID:1508
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2112 --field-trial-handle=1288,i,10350430663250886864,13986829496186055005,131072 /prefetch:1
      2⤵
      PID:2592
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1384 --field-trial-handle=1288,i,10350430663250886864,13986829496186055005,131072 /prefetch:2
      2⤵
      PID:2088
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3012 --field-trial-handle=1288,i,10350430663250886864,13986829496186055005,131072 /prefetch:8
      2⤵
      PID:892
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=3040 --field-trial-handle=1288,i,10350430663250886864,13986829496186055005,131072 /prefetch:1
      2⤵
      PID:3036
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=3384 --field-trial-handle=1288,i,10350430663250886864,13986829496186055005,131072 /prefetch:1
      2⤵
      PID:920
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3860 --field-trial-handle=1288,i,10350430663250886864,13986829496186055005,131072 /prefetch:8
      2⤵
      PID:808
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3980 --field-trial-handle=1288,i,10350430663250886864,13986829496186055005,131072 /prefetch:8
      2⤵
      PID:2292
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=3048 --field-trial-handle=1288,i,10350430663250886864,13986829496186055005,131072 /prefetch:1
      2⤵
      PID:544
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=2356 --field-trial-handle=1288,i,10350430663250886864,13986829496186055005,131072 /prefetch:1
      2⤵
      PID:1772
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3320 --field-trial-handle=1288,i,10350430663250886864,13986829496186055005,131072 /prefetch:8
      2⤵
      PID:1800
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=2000 --field-trial-handle=1288,i,10350430663250886864,13986829496186055005,131072 /prefetch:1
      2⤵
      PID:2440
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=824 --field-trial-handle=1288,i,10350430663250886864,13986829496186055005,131072 /prefetch:8
      2⤵
      PID:2580
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2028 --field-trial-handle=1288,i,10350430663250886864,13986829496186055005,131072 /prefetch:8
      2⤵
      PID:2864
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=1600 --field-trial-handle=1288,i,10350430663250886864,13986829496186055005,131072 /prefetch:1
      2⤵
      PID:3040
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4124 --field-trial-handle=1288,i,10350430663250886864,13986829496186055005,131072 /prefetch:8
      2⤵
      PID:2252
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4192 --field-trial-handle=1288,i,10350430663250886864,13986829496186055005,131072 /prefetch:8
      2⤵
      PID:2292
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4240 --field-trial-handle=1288,i,10350430663250886864,13986829496186055005,131072 /prefetch:8
      2⤵
      PID:2616
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4184 --field-trial-handle=1288,i,10350430663250886864,13986829496186055005,131072 /prefetch:8
      2⤵
      PID:948
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4368 --field-trial-handle=1288,i,10350430663250886864,13986829496186055005,131072 /prefetch:8
      2⤵
      PID:2344
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4412 --field-trial-handle=1288,i,10350430663250886864,13986829496186055005,131072 /prefetch:8
      2⤵
      PID:2352
    • C:\Users\Admin\Downloads\python-3.13.0-amd64.exe
      "C:\Users\Admin\Downloads\python-3.13.0-amd64.exe"
      2⤵
      • Executes dropped EXE
      • Loads dropped DLL
      • System Location Discovery: System Language Discovery
      PID:2564
      • C:\Windows\Temp\{9C17E7F1-F27D-45D0-88F2-9BBDFDCA356D}\.cr\python-3.13.0-amd64.exe
        "C:\Windows\Temp\{9C17E7F1-F27D-45D0-88F2-9BBDFDCA356D}\.cr\python-3.13.0-amd64.exe" -burn.clean.room="C:\Users\Admin\Downloads\python-3.13.0-amd64.exe" -burn.filehandle.attached=180 -burn.filehandle.self=188
        3⤵
        • Executes dropped EXE
        • Loads dropped DLL
        • System Location Discovery: System Language Discovery
        PID:596
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4336 --field-trial-handle=1288,i,10350430663250886864,13986829496186055005,131072 /prefetch:8
      2⤵
      PID:1820
  • C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
    "C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
    1⤵
    PID:3056
  • C:\Windows\system32\AUDIODG.EXE
    C:\Windows\system32\AUDIODG.EXE 0x7c
    1⤵
    PID:2920

Network

MITRE ATT&CK Enterprise v15

Downloads

                                                                • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

                                                                  Filesize

                                                                  342B

                                                                  MD5

                                                                  08a576971f3e59306e8efd5966db93b1

                                                                  SHA1

                                                                  3e1f9ca239c8439025e5a005e3b092a57f05f2ea

                                                                  SHA256

                                                                  4393c787116c1b8c59b15e0ea194e25f11141669b3b9705da064f2fe7cd034c0

                                                                  SHA512

                                                                  5912eb6f350bcb37cc058eeaaa5e1ada70f1ffe9b7e2d00ecab3f0592c4437efab2302691f2a1feb381a6720abbc7caac60b47a7901e22246750620407b533c2

                                                                • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

                                                                  Filesize

                                                                  342B

                                                                  MD5

                                                                  4656de780cbce372999841000430df98

                                                                  SHA1

                                                                  a4b651000b74882728712595916c2abb6bd45cb2

                                                                  SHA256

                                                                  dafdd443428d0f0dcba2cef50dd736e05e76eae0c1e2d8fe78c287062dc12e53

                                                                  SHA512

                                                                  555a80a7cae13378e707fda15598bf5e01c44bf50a1d07a0db8db57ac3992f82ab9dde15b1fed31606e67ecffb6c104caa168be90d6f3838c0801adb6a1990a7

                                                                • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

                                                                  Filesize

                                                                  342B

                                                                  MD5

                                                                  c652654db7f581f7362f376e9417420e

                                                                  SHA1

                                                                  d737dbedde0e7ad68cddddcd62e6cdb6063eb434

                                                                  SHA256

                                                                  f2e2632a97a72191a7695fa137af7ef61d8d81d97b0e50e93edca032c8f7e417

                                                                  SHA512

                                                                  953809e42ea201a9f9b4baccb52f354900c358ccbdf6794d25bc24a954793cb9f391799cfc65283eaa28c15263f5d7e839c18bb1bdbff1fa2a39b1a430c46aef

                                                                • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

                                                                  Filesize

                                                                  342B

                                                                  MD5

                                                                  414e6356881b624bdd2964a3044291e0

                                                                  SHA1

                                                                  b54763bbb18bd4dd2841ca89057457f3f505b596

                                                                  SHA256

                                                                  ff360ef36383f3874782626ff72f438a7ea7d5067c56d5743400511bc7a7e45d

                                                                  SHA512

                                                                  3d14377f2bf692fc5b633ea6e21c3d75871a4f265dea0a6fc2e2088a9175ea2db86ca291969de45ee53473b4166b6d3dbbb3c66d90826a97adaba8e7393888eb

                                                                • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

                                                                  Filesize

                                                                  342B

                                                                  MD5

                                                                  08ede945ba30dd303f6b18cf3fa99562

                                                                  SHA1

                                                                  5dd28e45c1516fe5dd2198e1a67c894688e74b10

                                                                  SHA256

                                                                  b12d80828c43837a4969a56409b038f11ff701e41e790f95971253e50fa22b22

                                                                  SHA512

                                                                  dfd3dcf9dc8c3264825922a5f8db24669d797a87ae8ee3db5a279f52c6b78a9716de6bb353e4adcfe780780b553ab29ac5172bfac6b360d48e74508f2c8b736b

                                                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                                  Filesize

                                                                  2KB

                                                                  MD5

                                                                  691f03f759879def79085b9c0d32055d

                                                                  SHA1

                                                                  70bc5243e883502dccd19edb9d744e587901fa3b

                                                                  SHA256

                                                                  a009af33ece46a74d19e003d355323fbc5680ea93802652373504d8ffc81078f

                                                                  SHA512

                                                                  969068b1e176e0d5294921c12946e9c527c44fb604369d30685ac444bb60aee8597f69270c9d1c4b87628ca8fe292a4c67104a7e105936d89398886637ffc68f

                                                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\000006.dbtmp

                                                                  Filesize

                                                                  16B

                                                                  MD5

                                                                  aefd77f47fb84fae5ea194496b44c67a

                                                                  SHA1

                                                                  dcfbb6a5b8d05662c4858664f81693bb7f803b82

                                                                  SHA256

                                                                  4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611

                                                                  SHA512

                                                                  b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

                                                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

                                                                  Filesize

                                                                  264KB

                                                                  MD5

                                                                  f50f89a0a91564d0b8a211f8921aa7de

                                                                  SHA1

                                                                  112403a17dd69d5b9018b8cede023cb3b54eab7d

                                                                  SHA256

                                                                  b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

                                                                  SHA512

                                                                  bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

                                                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\050b065a-0adb-45a3-9740-2bee16bff7dc.tmp

                                                                  Filesize

                                                                  4KB

                                                                  MD5

                                                                  5b2c1067adf7311c007cd4563bebf33a

                                                                  SHA1

                                                                  1d9405911706e49f9ccedc36f4999aefa67e96df

                                                                  SHA256

                                                                  c3110e304f93712ab2a1ae6375be4b6830babbcf8dbe356100f45cc1e7b9f9e9

                                                                  SHA512

                                                                  093d38124b100a7eb20697b33044c10bdf7eb6d43cea9f0f97a8f344a5fafebadd5f3b1c58eb0b4a3495548f2bdb989f8d5ca1370c77c607e6cc3d035e09e819

                                                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                                                                  Filesize

                                                                  2KB

                                                                  MD5

                                                                  a318973e26f1a8993dd88d5607aa70f8

                                                                  SHA1

                                                                  ca253cf06591bfc302563904c1f9a7abccdb6410

                                                                  SHA256

                                                                  4c500166b2efe9880024601032491dd2b0ccc8f32532615f4d081bc3c66daee3

  SHA512: 038c3d6429c20e31c72a2d81e7754b6ac2e8802e49afe04ed2016a23638df180355c85d0888a4ffa050b61effa6efb1fd3af1e581ae97ef88486d88b3f33c038

• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
  Filesize: 4KB
  MD5: 1e1223bad578e0f31438ad5154c75e18
  SHA1: 2128b905119bb4af37d16a0b1754fa2f31f42bc3
  SHA256: 7dcc20bf1cd63b3de329e4cc7aeeb50069a943b358c27e69cf101da6404e5204
  SHA512: 7f7834fc2d44e8e81059ce601e3afc473a24bd79b5872d99f8a40544da6b1b651c80909c8e6097455bec06a58f0132ab55e84a4b3fb67030e379bc4679360095

• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
  Filesize: 851B
  MD5: 8b3346a6c1e662e38244f110b64b3e0a
  SHA1: b2a750c908a8a6ab9656a6cb95b033d061bd4b1e
  SHA256: be7284159826b9f84a1f17cf54b86e0e064c2a9c710063a537ee6b1d6b994718
  SHA512: e9e006b756b1983310945dc883bcb7e0a26c15e498e86bb5f7cd7eb33aba84c405bfafc9f0bee62b2d9d426f978bffd7d1ce81a685d1ae8c58f23cbb7e02b148

• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
  Filesize: 1KB
  MD5: c8cbe39307646859195ed324bb950bb7
  SHA1: c124001ee45011873c7743ba88ea5cf6938f8580
  SHA256: 0364f2e05f3b708189eef9269383670ba0847e7c57331b2cc80a5d2d7f518976
  SHA512: 7df407801996e95e116b3e77d54f923d52be5a64b7249e361a9e119f51cd5152ecdb636eb2ccce05012c9773498dc677c807c7990447a696bc4a19a8eaa5d474

• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
  Filesize: 851B
  MD5: 7168dc6b8cb8631a9d375b993a1f9389
  SHA1: 752cc9925806abbd9484ec8a4fdf5853b1ec1706
  SHA256: 17db10b7fb419dc8a0f809261217d6e01768632429d5c4cccd0ab4036f801cfa
  SHA512: a77b155713e43d419656678aec71ca1fe20e75b476dec5480b369731023cc9a658963caba3aadee9a661901dc62257640e807385ecd0618584d32832f5b2e9e6

• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
  Filesize: 359B
  MD5: 7b7c2d8ff33b467831cf4ff656aeee52
  SHA1: bfbe44c5636fa5d401a6dffdb4f1ee661b05de99
  SHA256: 50d60055137ccc061e15f1c165896210877fdb13d715c7ca14722debd5662c91
  SHA512: c47296cad04a5870b16f11696e2cecbc4a40e069c49675a8160c86c603a876a27cada2bd694bb1a66d8bc51b7b92e5ef59f0ad4bd2576378e9d64be57095f466

• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
  Filesize: 845B
  MD5: acf40ac16dddb1ce7ca1ce199ecf1e5e
  SHA1: 0563d6a9202ec815f9818c5684473e84ce7d171f
  SHA256: 84bbdbb8010e3b7d2e9d7223c3399967e0f517351c1522fe4b34878508a01a74
  SHA512: 81d3cd7e6c0e9be1880249d05bbcd6a7ccacd2c59e51b9c353fbc483cc4f4c00a98051ccc5028c6637d6424e8504d669629a9a266d295c63e68998d8f06c7b24

• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
  Filesize: 845B
  MD5: 373efce4605a41849d4c320fc6be6b2a
  SHA1: 0a3326714d3377bedcc2c28732cfd50156a08ac4
  SHA256: 0e2239c16db36a02a72861b5396e8b638e539cd8ca7e80151fdf3ee25c14c873
  SHA512: 9731c9b80e4ada3f94c4c55acac1f14607eac42ca2d0700258a8cd16e1b16c8b52a80588aa42b27d1cad0f83f3dbbff1ac1e901c2d213930efb394002bcdd980

• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
  Filesize: 361B
  MD5: 6bc6f91e2a5c1f3fd5d0c07137567e73
  SHA1: 41127c689363f9263695ade09e453e5787daabab
  SHA256: 2a53e59cf6d18a573cc6f57883983818f1ebd15b1e09f7fe53514d70f3162fb1
  SHA512: b6769c628dfed592ea4b7b24ee7cb2c219d47f6445d95a34dd57d834bc270edec28a618281a8e7471538550d8dc914360492c38a47de76fb9aaaafae2999a634

• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
  Filesize: 851B
  MD5: c46107537faa86a28398ad43e1526bca
  SHA1: f118436a8f23be9658e7f856828092a2454ec75c
  SHA256: 80783a9d83571a30cc8fe75f51e3856d0ba50aea7923d405fb96d1e780cb6cf2
  SHA512: 9032b6b75a062e83140160e0f5824d90266a5df90563ab698c645751978151fab7f2fe120cfa77ad0157982a89e4a9ed869b3e4d8d97968ee95d9a24e7607aa4

• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
  Filesize: 6KB
  MD5: deda5214bda941530e0ea7eec527a4ad
  SHA1: 32bbcd9362b4a53ca8c7bbecb2c8aa2e5f1e4734
  SHA256: ef5134320830c4c70139b1c6b1ce92f16d94acc10fd630afd588327b4388333c
  SHA512: c959ece5984f2df4559be9c063aca0bf7d8aede985742c24314ba2bdd4bd4d79b220d5e8b67e1c96ce83f4815326bd0f4e763e14894f1f73210712d82b36f757

• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
  Filesize: 6KB
  MD5: 2bf1f07767cfa4e9528d682ab26f9edd
  SHA1: fb59927e893ea86ca8465e4e1f2d93e8aae40e4c
  SHA256: 0fb8bc8abbc1108ee543ae409237b1e9abcedacedd14363ba64acd6d76a85ff0
  SHA512: 015261a2ecb6e357ea27586346f14a5b5cccc2feb0fce8b0e38f4ed1622d22b49cae1d7f45916d5457d4949ed2e7331a80daa1988a05441e0d7bc87ef67c2a6f

• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
  Filesize: 7KB
  MD5: 421cd4bc13b4a9cc1586ecece69d7579
  SHA1: 2b6f8c2843e17a607388129a804bf22c233d0fc2
  SHA256: e5670896d3882761db40e6ff610e844a4b309ce2818740465319243d3c03f0dc
  SHA512: 8a27d61d7a4751c4f3202f9f7d4ce82ce716ea238114fe285e80894c4399a0d4c4a74dc2f0bc287e6f665ef9ea0f677c20cdea3d57fd2e4094a1a6f0701d81a7

• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
  Filesize: 5KB
  MD5: 7f727f38517d5e22178a3c325161bf1d
  SHA1: 7eff3d40eb6353a83ee9cf34aef1c9d78a8dc5bb
  SHA256: 9f1bd232ac0a230afe3159a3f1c7c939be0965185b671fba297bda5f82c78e06
  SHA512: 076177fc4264baa75909a57bfd88e8f11a26314554934f7315eb73120bc0bfba50f8d50ce3530725a8b699c2c3d5d97ddd419508da05b940b0beff5b876a13ce

• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
  Filesize: 6KB
  MD5: 679c2a650b80397937eceb1898cef34c
  SHA1: 024a6ea9ba1b069f0c8dc36ecee0be835e885111
  SHA256: 8b4ea3552e0e9082d7dc3a47e3817a882e14c044a54c9f0ad44fae444e2277f3
  SHA512: c183d8e62e1d54fd4149a0bd5452b69558c3c037c92518ed0256e687d39670915ff7ad1219d4b63567a2244365ef25c3c1be0d1278bddb026296413fb709820a

• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000007.dbtmp
  Filesize: 16B
  MD5: 18e723571b00fb1694a3bad6c78e4054
  SHA1: afcc0ef32d46fe59e0483f9a3c891d3034d12f32
  SHA256: 8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa
  SHA512: 43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
  Filesize: 74KB
  MD5: 91f5850bb80cfa289e1492819def929c
  SHA1: 8cb5b22f885eadb9aea8226e5b4062a0b51b2a85
  SHA256: 62dbe7a93dfce2af6185f753893530407a29f3e3475fb808dbea3c21f1024d62
  SHA512: 34918f1d4cfde5339ac079d02795d179b5a8ac749a38d0faf292fc1fc29071cb80aed454451dd76bc73629ee61e50ab9e7779180e8f01c9b609e746963576fea

• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
  Filesize: 81KB
  MD5: b8b2c22c08c686f3c6cdb2276aaba85a
  SHA1: 39fa3740642cdc997e05b3d8ccb3e7a3169c0d55
  SHA256: 731e6ec0c127f070ac495b03b5b04f1d841f0fedaef3650ce1337026cb587ee2
  SHA512: 2464600c1dace112163c0d08a92e379f7233ff281449bc1e59caa8b3acb815635b0ba479d09d7fc2781c2ede689db824d483f4aa139f70554f265b69f2c584fb

• C:\Users\Admin\AppData\Local\Temp\Cab674D.tmp
  Filesize: 70KB
  MD5: 49aebf8cbd62d92ac215b2923fb1b9f5
  SHA1: 1723be06719828dda65ad804298d0431f6aff976
  SHA256: b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
  SHA512: bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

• C:\Users\Admin\AppData\Local\Temp\Tar676F.tmp
  Filesize: 181KB
  MD5: 4ea6026cf93ec6338144661bf1202cd1
  SHA1: a1dec9044f750ad887935a01430bf49322fbdcb7
  SHA256: 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
  SHA512: 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

• C:\Users\Admin\Downloads\python-3.13.0-amd64.exe
  Filesize: 26.9MB
  MD5: f5e5d48ba86586d4bef67bcb3790d339
  SHA1: 118838d3bc5d1a13ce71d8d83de52427b1562124
  SHA256: 78156ad0cf0ec4123bfb5333b40f078596ebf15f2d062a10144863680afbdefc
  SHA512: ffaef212d55e3bdd87e79cbfacebc0612ffc1c8c4b495585392746202dce6332383199f0206113ee95ebb4a76d718d0700e1aed9ad518d43b7569a44f0a39427

• C:\Windows\Temp\{9551B517-ABD8-44A1-A1B2-3E098CC360AF}\.ba\SideBar.png
  Filesize: 50KB
  MD5: 888eb713a0095756252058c9727e088a
  SHA1: c14f69f2bef6bc3e2162b4dd78e9df702d94cdb4
  SHA256: 79434bd1368f47f08acf6db66638531d386bf15166d78d9bfea4da164c079067
  SHA512: 7c59f4ada242b19c2299b6789a65a1f34565fed78730c22c904db16a9872fe6a07035c6d46a64ee94501fbcd96de586a8a5303ca22f33da357d455c014820ca0

• \Windows\Temp\{9551B517-ABD8-44A1-A1B2-3E098CC360AF}\.ba\PythonBA.dll
  Filesize: 675KB
  MD5: 9751bbeaa1ccffa70003201b43f727c3
  SHA1: 8a6cedbe54a955ef25477c961679ae7482481b2c
  SHA256: b76b8a4ff515ee27ba9da62e64a39b3140fcb35a83d42c5126442c9b4c5d5f59
  SHA512: b9f0474e311635aa13b4c7d234101e2f08206a6853c825bc8772b977427ce7ce33e45b998cf051d5b70148b511c81d8c630b4757c662d0519ffe42bd18f906ad

• \Windows\Temp\{9C17E7F1-F27D-45D0-88F2-9BBDFDCA356D}\.cr\python-3.13.0-amd64.exe
  Filesize: 859KB
  MD5: a9b28dd6caf9f5cef0271e9230fd63a7
  SHA1: 1b83a794bf2f657ac17da5443970f59c255a6bd5
  SHA256: e28657d542725e31c0683557b2125b7f031b17cdd36177dbf030871cba83e10d
  SHA512: 4ce57206031fa0e43f14a389f3aac2256002631126020829ff429768faa1c729c0e97b2b90e9934e593ea212cbb370c79587eac165c623680b38784f64a6b931
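The dropped-file listing above is what an analyst actually works from after a sandbox run: most entries are Chrome profile housekeeping (TransportSecurity and Preferences rewritten several times), and the ones that matter are the 26.9MB executable that landed in Downloads and the files the installer unpacked under \Windows\Temp\{GUID}\. The script below is an added example, not part of the sandbox report or its vendor's tooling. It parses a listing in the report's own layout (a "• path" line, then label and value on separate lines), checks that every digest is well-formed before anyone compares it against a reference value, separates browser-profile noise from executables and from paths outside the profile, flags paths that were written more than once with different content, and rehashes a local copy of an artifact against all four digests at once. The embedded input is an excerpt of four entries copied from the listing above; the 1024-based size units are an assumption, since the report does not state which convention it prints. The step a practitioner would take next, comparing the Downloads installer's SHA256 against the digest published by the software's distributor, is deliberately not hard-coded here because that reference value does not appear on this page.

```python
"""Parse a sandbox dropped-file listing and triage it (added example, not report tooling)."""
import hashlib
import re
from collections import defaultdict
from dataclasses import dataclass, field

# Constructed input: four entries copied verbatim from the report's dropped-file listing.
REPORT_EXCERPT = r"""
• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
  Filesize

  851B

  MD5

  8b3346a6c1e662e38244f110b64b3e0a

  SHA1

  b2a750c908a8a6ab9656a6cb95b033d061bd4b1e

  SHA256

  be7284159826b9f84a1f17cf54b86e0e064c2a9c710063a537ee6b1d6b994718

  SHA512

  e9e006b756b1983310945dc883bcb7e0a26c15e498e86bb5f7cd7eb33aba84c405bfafc9f0bee62b2d9d426f978bffd7d1ce81a685d1ae8c58f23cbb7e02b148

• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
  Filesize: 1KB
  MD5: c8cbe39307646859195ed324bb950bb7
  SHA1: c124001ee45011873c7743ba88ea5cf6938f8580
  SHA256: 0364f2e05f3b708189eef9269383670ba0847e7c57331b2cc80a5d2d7f518976
  SHA512: 7df407801996e95e116b3e77d54f923d52be5a64b7249e361a9e119f51cd5152ecdb636eb2ccce05012c9773498dc677c807c7990447a696bc4a19a8eaa5d474

• C:\Users\Admin\Downloads\python-3.13.0-amd64.exe
  Filesize: 26.9MB
  MD5: f5e5d48ba86586d4bef67bcb3790d339
  SHA1: 118838d3bc5d1a13ce71d8d83de52427b1562124
  SHA256: 78156ad0cf0ec4123bfb5333b40f078596ebf15f2d062a10144863680afbdefc
  SHA512: ffaef212d55e3bdd87e79cbfacebc0612ffc1c8c4b495585392746202dce6332383199f0206113ee95ebb4a76d718d0700e1aed9ad518d43b7569a44f0a39427

• \Windows\Temp\{9551B517-ABD8-44A1-A1B2-3E098CC360AF}\.ba\PythonBA.dll
  Filesize: 675KB
  MD5: 9751bbeaa1ccffa70003201b43f727c3
  SHA1: 8a6cedbe54a955ef25477c961679ae7482481b2c
  SHA256: b76b8a4ff515ee27ba9da62e64a39b3140fcb35a83d42c5126442c9b4c5d5f59
  SHA512: b9f0474e311635aa13b4c7d234101e2f08206a6853c825bc8772b977427ce7ce33e45b998cf051d5b70148b511c81d8c630b4757c662d0519ffe42bd18f906ad
"""

# Hex-digest lengths for the four algorithms the report lists.
DIGEST_LENGTHS = {"MD5": 32, "SHA1": 40, "SHA256": 64, "SHA512": 128}
LABELS = ("Filesize",) + tuple(DIGEST_LENGTHS)
CHROME_PROFILE = "\\Google\\Chrome\\User Data\\"   # anything under here is browser housekeeping


@dataclass
class DroppedFile:
    path: str
    size: str = ""
    digests: dict = field(default_factory=dict)


def _set_field(rec: DroppedFile, label: str, value: str) -> None:
    if label == "Filesize":
        rec.size = value
    else:
        rec.digests[label] = value.lower()


def parse_dropped_files(text: str) -> list:
    """Records start at a '• path' line; each field is a label line followed by its value
    line (the report's layout), or 'Label: value' on one line. Blank lines are ignored."""
    records, pending = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("•"):
            records.append(DroppedFile(path=line.lstrip("• ").strip()))
            pending = None
            continue
        if not records:
            continue
        label, _, inline_value = line.partition(":")
        label = label.strip()
        if label in LABELS:
            if inline_value.strip():
                _set_field(records[-1], label, inline_value.strip())
            else:
                pending = label
        elif pending:
            _set_field(records[-1], pending, line)
            pending = None
    return records


def parse_size(size: str) -> int:
    """'26.9MB' -> bytes. Assumes 1024-based units; the report does not say which it uses."""
    m = re.fullmatch(r"([\d.]+)\s*([KMG]?)B", size.strip())
    if not m:
        raise ValueError(f"unrecognised size {size!r}")
    return int(float(m.group(1)) * {"": 1, "K": 1024, "M": 1024 ** 2, "G": 1024 ** 3}[m.group(2)])


def digest_problems(rec: DroppedFile) -> list:
    """Missing or malformed digests. A truncated copy-paste would otherwise fail a
    comparison against a reference value and look like a tampered file."""
    problems = []
    for algo, length in DIGEST_LENGTHS.items():
        value = rec.digests.get(algo)
        if value is None:
            problems.append(f"{algo} missing")
        elif not re.fullmatch(rf"[0-9a-f]{{{length}}}", value):
            problems.append(f"{algo} malformed: {value!r}")
    return problems


def digests_match(data: bytes, rec: DroppedFile) -> dict:
    """Rehash a locally obtained copy of the artifact and compare all four digests."""
    computed = {
        "MD5": hashlib.md5(data).hexdigest(),
        "SHA1": hashlib.sha1(data).hexdigest(),
        "SHA256": hashlib.sha256(data).hexdigest(),
        "SHA512": hashlib.sha512(data).hexdigest(),
    }
    return {algo: computed[algo] == rec.digests.get(algo) for algo in DIGEST_LENGTHS}


def triage(records: list) -> dict:
    """Pull out executables, files outside the browser profile, and paths written more
    than once with different content (several versions of one file in the listing)."""
    by_path = defaultdict(set)
    for rec in records:
        by_path[rec.path].add(rec.digests.get("SHA256"))
    return {
        "executables": sorted({r.path for r in records if r.path.lower().endswith((".exe", ".dll"))}),
        "outside_browser_profile": sorted({r.path for r in records if CHROME_PROFILE not in r.path}),
        "rewritten_paths": sorted(p for p, hashes in by_path.items() if len(hashes) > 1),
    }


if __name__ == "__main__":
    recs = parse_dropped_files(REPORT_EXCERPT)
    for r in recs:
        print(f"{parse_size(r.size):>10} bytes  {r.path}  problems={digest_problems(r)}")
    for key, paths in triage(recs).items():
        print(f"\n{key}:")
        for p in paths:
            print("   ", p)
```

Run against the full listing, `rewritten_paths` will also return the Preferences and Module Info Cache paths, which is expected browser behaviour; the entries worth a second look are the ones `outside_browser_profile` returns, and `digests_match` is what you run once you have pulled the Downloads artifact out of the sandbox.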