Overview

overview

10

Static

static

1

URLScan

urlscan

10

http://aflora.eco.br/

windows10-ltsc 2021-x64

5

Analysis

  • max time kernel
    146s
  • max time network
    151s
  • platform
    windows10-ltsc 2021_x64
  • resource
    win10ltsc2021-20241023-en
  • resource tags

    arch:x64arch:x86image:win10ltsc2021-20241023-enlocale:en-usos:windows10-ltsc 2021-x64system
  • submitted
    20-11-2024 19:36

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    http://aflora.eco.br/

Score
5/10
microsoftdiscoveryphishing

Malware Config

Signatures

  • Detected potential entity reuse from brand MICROSOFT.
    phishingmicrosoft
  • Drops file in Program Files directory 2 IoCs
  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

    discovery
  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 10 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs
  • Suspicious use of FindShellTrayWindow 25 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument http://aflora.eco.br/
    1⤵
    • Enumerates system info in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:3052
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x124,0x128,0x12c,0x100,0x130,0x7ffc56d746f8,0x7ffc56d74708,0x7ffc56d74718
      2⤵
        PID:2940
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,7244256659723834754,11445396925732505034,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2132 /prefetch:2
        2⤵
          PID:3616
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2124,7244256659723834754,11445396925732505034,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2208 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:3576
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2124,7244256659723834754,11445396925732505034,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2880 /prefetch:8
          2⤵
            PID:4736
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,7244256659723834754,11445396925732505034,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3336 /prefetch:1
            2⤵
              PID:1708
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,7244256659723834754,11445396925732505034,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3372 /prefetch:1
              2⤵
                PID:4612
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,7244256659723834754,11445396925732505034,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5456 /prefetch:1
                2⤵
                  PID:2912
                • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2124,7244256659723834754,11445396925732505034,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6012 /prefetch:8
                  2⤵
                    PID:3176
                  • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --configure-user-settings --verbose-logging --system-level --msedge --force-configure-user-settings
                    2⤵
                    • Drops file in Program Files directory
                    PID:5024
                    • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x290,0x294,0x298,0x26c,0x29c,0x7ff712675460,0x7ff712675470,0x7ff712675480
                      3⤵
                        PID:1140
                    • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2124,7244256659723834754,11445396925732505034,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6012 /prefetch:8
                      2⤵
                      • Suspicious behavior: EnumeratesProcesses
                      PID:3384
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,7244256659723834754,11445396925732505034,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5452 /prefetch:1
                      2⤵
                        PID:2356
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,7244256659723834754,11445396925732505034,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2320 /prefetch:1
                        2⤵
                          PID:1812
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,7244256659723834754,11445396925732505034,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5424 /prefetch:1
                          2⤵
                            PID:4404
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,7244256659723834754,11445396925732505034,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6112 /prefetch:1
                            2⤵
                              PID:1536
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,7244256659723834754,11445396925732505034,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3396 /prefetch:1
                              2⤵
                                PID:5292
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,7244256659723834754,11445396925732505034,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.4355 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3888 /prefetch:2
                                2⤵
                                • Suspicious behavior: EnumeratesProcesses
                                PID:6008
                            • C:\Windows\System32\CompPkgSrv.exe
                              C:\Windows\System32\CompPkgSrv.exe -Embedding
                              1⤵
                                PID:252
                              • C:\Windows\System32\CompPkgSrv.exe
                                C:\Windows\System32\CompPkgSrv.exe -Embedding
                                1⤵
                                  PID:2624

                                Network

                                MITRE ATT&CK Enterprise v15

                                Replay Monitor

                                Loading Replay Monitor...

                                Downloads

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                  Filesize

                                  152B

                                  MD5

                                  467bc167b06cdf2998f79460b98fa8f6

                                  SHA1

                                  a66fc2b411b31cb853195013d4677f4a2e5b6d11

                                  SHA256

                                  3b19522cb9ce73332fa1c357c6138b97b928545d38d162733eba68c8c5e604bd

                                  SHA512

                                  0eb63e6cacbec78b434d976fa2fb6fb44b1f9bc31001857c9bcb68c041bb52df30fbc7e1353f81d336b8a716821876fcacf3b32a107b16cec217c3d5d9621286

                                  Download Submit

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                  Filesize

                                  152B

                                  MD5

                                  cc10dc6ba36bad31b4268762731a6c81

                                  SHA1

                                  9694d2aa8b119d674c27a1cfcaaf14ade8704e63

                                  SHA256

                                  d0d1f405097849f8203095f0d591e113145b1ce99df0545770138d772df4997f

                                  SHA512

                                  0ed193fdcc3f625221293bfd6af3132a5ce7d87138cd7df5e4b89353c89e237c1ff81920a2b17b7e0047f2cc8b2a976f667c7f12b0dcc273ddc3b4c8323b1b56

                                  Download Submit

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                  Filesize

                                  48B

                                  MD5

                                  d0ce2ed4fa7363f95d1f6cbb468c9751

                                  SHA1

                                  ee7472dc5a868e9bd8148c125cacb48c39d06b90

                                  SHA256

                                  4d46e0122f051b699d03cfccaf29b4ab217914f5b3aad36ea6782edd5bd610f2

                                  SHA512

                                  ac768ea35cfa24a7b9b8bb2cd8df6f42b4a68ce52c2a87966f224839b30bc3a9a05eb270b2328aa3ccddd703d8aa48fb1bbf1f932b43651eae6220d6042f9cc0

                                  Download Submit

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                  Filesize

                                  504B

                                  MD5

                                  221ee46b473c3258aaf95d7c42783cf0

                                  SHA1

                                  0faf150c139cbfb2fa5d3996a8e8865650ee391b

                                  SHA256

                                  997a221e8cbf48f5d579a469fa02175bb4331728d0a066eeb7673d05c13529a6

                                  SHA512

                                  a419891b637d024e0d562afe394db9663190a8efb740dbe4d7e34b260d60c403c411bf35cf1e957e0e6ab33326a3c3925e90d3859255d63eeddf56ece13f4214

                                  Download Submit

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Edge Profile.ico
                                  Filesize

                                  70KB

                                  MD5

                                  e5e3377341056643b0494b6842c0b544

                                  SHA1

                                  d53fd8e256ec9d5cef8ef5387872e544a2df9108

                                  SHA256

                                  e23040951e464b53b84b11c3466bbd4707a009018819f9ad2a79d1b0b309bc25

                                  SHA512

                                  83f09e48d009a5cf83fa9aa8f28187f7f4202c84e2d0d6e5806c468f4a24b2478b73077381d2a21c89aa64884df3c56e8dc94eb4ad2d6a8085ac2feb1e26c2ef

                                  Download Submit

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                  Filesize

                                  2KB

                                  MD5

                                  1c933cf0a74523520ac185ee55e87f35

                                  SHA1

                                  96f69f32fe5a6c09016e9f26b3566a05ee2404a8

                                  SHA256

                                  c1ccf2104ac40bcff079fda2fa3bc7fc21c1ec8b9f98e43efc1c7d191816bb0b

                                  SHA512

                                  aa298d4b95afe263f1ce758768af7dae6d1689ad8835ab39a084462946328221832b80a5f76fdf9aa00728260f339b755d9b35b2c7346b78b59099ddac743ea4

                                  Download Submit

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State~RFe5881cd.TMP
                                  Filesize

                                  59B

                                  MD5

                                  2800881c775077e1c4b6e06bf4676de4

                                  SHA1

                                  2873631068c8b3b9495638c865915be822442c8b

                                  SHA256

                                  226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974

                                  SHA512

                                  e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b

                                  Download Submit

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                  Filesize

                                  6KB

                                  MD5

                                  43966bd0dcea6c3413d0d040656a15bd

                                  SHA1

                                  94a870e50635e0ae005e3a2868f83193f4a7dd49

                                  SHA256

                                  833abadc7a0b90311e442ee3f5b0252b2f5d04f40bf680e20a25668ebb81aae8

                                  SHA512

                                  9f5ea55cc94782922b1f46f44909b07c39071b6854d893d455d825f98c85f9e6b6327c86fb9a4ee1f912d9f471b07f6a2fe9c977d6563e176c76929578c60fa3

                                  Download Submit

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                  Filesize

                                  5KB

                                  MD5

                                  d051e575faa902d9bfbc1bec7e8ef57d

                                  SHA1

                                  270c8b777984531a5af881b9024310a5f6624639

                                  SHA256

                                  7d57fecc081eb69b18aac084fa8705efa503afca847165ba6623846282216836

                                  SHA512

                                  d4418d598ba49e69cbec77f43d5d291e556a4330ccb18a824b566e6ac9930ff42fe7d3c601682e63d0ee8b0e407392a9b377a56f882b3d07214d7ac1be6d8fb2

                                  Download Submit

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                  Filesize

                                  6KB

                                  MD5

                                  c847cbb1e3067d8b4c272b7d35221326

                                  SHA1

                                  b49718865775372712eece3ae95688c51357d16d

                                  SHA256

                                  b163d71a1b639659aa3547b67f66165e04d7c2fe18ddc8b47a8269c1a7dc0e3c

                                  SHA512

                                  17b245297d06dc3349ab8554a8db9a0cfa1e557881211e6a5fb09072581682db5f542f7e70d7345162af0361a75b4db2df3c7c9502f22e3601c237798b28f985

                                  Download Submit

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                  Filesize

                                  6KB

                                  MD5

                                  8449c57f037450cb34c23843ace5fb4d

                                  SHA1

                                  b60d93f31e38ead17f47e55be684f530ec5696a2

                                  SHA256

                                  6b29962dfde1245f5046c3984df9de808b164c4af6248e7a217c7da6ff99a347

                                  SHA512

                                  bac4187ed4dcdd6bb888f3038330cac0009ed4ba37351084cc609edeacd3c9a513aa011d43be85747b54a05fcc39abf8345db0dbb4480fc1a0ffc52be290c729

                                  Download Submit

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
                                  Filesize

                                  24KB

                                  MD5

                                  3b964859deef3a6f470b8021df49b34d

                                  SHA1

                                  62023dacf1e4019c9f204297c6be7e760f71a65d

                                  SHA256

                                  087debdcfba4666c03a5ea699e9bb31cf22ef4e0fad7c961cb0b500e5d262fb5

                                  SHA512

                                  c30b7e1b28820a5815b52634b46cb210c241704e33e41304400cb3ed29e82ec547a1068fc819350b368456bcabd27034afade5add3251dc74e4174f51b6c7adf

                                  Download Submit

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
                                  Filesize

                                  24KB

                                  MD5

                                  5c2d5c900312f44e72209416d45723cb

                                  SHA1

                                  68fb8909308589149399c3fb74605600833fbbc1

                                  SHA256

                                  56f7a77549e5fc45bd4b1f7c2db3e8b4bd1dd9234545207613a80342cee8e7d8

                                  SHA512

                                  07c2920cff7c1125e3a2fe66bf21d8606a1f2a3d36be2d8e136da0d2a21130242ac8324f18cedfb0040304cf804815861767c969a6923d8db851312bf9b4348b

                                  Download Submit

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                  Filesize

                                  16B

                                  MD5

                                  206702161f94c5cd39fadd03f4014d98

                                  SHA1

                                  bd8bfc144fb5326d21bd1531523d9fb50e1b600a

                                  SHA256

                                  1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

                                  SHA512

                                  0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

                                  Download Submit

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\MANIFEST-000001
                                  Filesize

                                  41B

                                  MD5

                                  5af87dfd673ba2115e2fcf5cfdb727ab

                                  SHA1

                                  d5b5bbf396dc291274584ef71f444f420b6056f1

                                  SHA256

                                  f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

                                  SHA512

                                  de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

                                  Download Submit

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\CURRENT
                                  Filesize

                                  16B

                                  MD5

                                  46295cac801e5d4857d09837238a6394

                                  SHA1

                                  44e0fa1b517dbf802b18faf0785eeea6ac51594b

                                  SHA256

                                  0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

                                  SHA512

                                  8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

                                  Download Submit

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                  Filesize

                                  8KB

                                  MD5

                                  73b882345610e44c5940aa324f9cbb37

                                  SHA1

                                  960c135d89306f611ee9eb9b3386493b64edceb0

                                  SHA256

                                  c187a1382ca5de6d43bcc38d5486b4b9df74e3699d355b355e9bd0f458991413

                                  SHA512

                                  749ac8d5baeac621a794ac97c4eaca024d88bafd341cc58db7fe6b7796581a34b98fd3ef5e74c81198e39c7580990f244216074f45e1ca24f9fc1d1626e7ca5a

                                  Download Submit

                                • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
                                  Filesize

                                  3KB

                                  MD5

                                  b3529be71515daa2eea98f5a166663c8

                                  SHA1

                                  abb996533f801b91353335249f6a4ea9b6a28794

                                  SHA256

                                  39b455feed10dd45c4d192d87b88f1cf37e791728d7f8f51392a10c0f782c5c3

                                  SHA512

                                  7a3a4aa474c5e22b0e7f9f6767090e559f40eb7488ab17b84272854be01a1746319b90ecb9a85a573f1281418b13d44cb2913b37b6dd57c6eadd9358d3564359

                                  Download Submit

                                • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
                                  Filesize

                                  3KB

                                  MD5

                                  399d3bfa1a78518d753d66a9a3248b95

                                  SHA1

                                  e06c1deccc325036af2dfc58cf7ca0e9804e86a7

                                  SHA256

                                  e98c6d05940fcfcc0c9508f07193bb5fe98d10a9f97a7b2c169c998fd8e69b5f

                                  SHA512

                                  21a3314ff01391ffd5c52be5005b575314b5432bea3f1121eec2a14e6ce8aad0dc454839dd37b18693076bd5e621a8a9cf4786533b5f025bea6109761798d056

                                  Download Submit

                                • \??\pipe\LOCAL\crashpad_3052_YUCYBRKPHOTEWCBB
                                  MD5

                                  d41d8cd98f00b204e9800998ecf8427e

                                  SHA1

                                  da39a3ee5e6b4b0d3255bfef95601890afd80709

                                  SHA256

                                  e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                  SHA512

                                  cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

                                  Download Submit