Malware Analysis Report

2025-01-02 06:55

Sample ID: 241123-vrh9qsykhs
Target: HITMAN 3 v3.10-v3.160 Plus 13 Trainer.exe
SHA256: 446e83f044b6319c85d16ace8fc63537a0d8b541658a90dae375756495535003
Tags: r77, discovery
Score: 10/10

Table of Contents

Analysis Overview
MITRE ATT&CK (Enterprise Matrix V15)
Analysis: static1 (Detonation Overview, Signatures)
Analysis: behavioral1 (Detonation Overview, Command Line, Signatures, Processes, Network, Files)
Analysis: behavioral2 (Detonation Overview, Command Line, Signatures, Processes, Network, Files)

Analysis Overview

Score: 10/10

SHA256: 446e83f044b6319c85d16ace8fc63537a0d8b541658a90dae375756495535003

Threat Level: Known bad

The file HITMAN 3 v3.10-v3.160 Plus 13 Trainer.exe was found to be: Known bad.

Malicious Activity Summary

Tags: r77, discovery

Signatures from static1:

R77 family

r77 rootkit payload

Unsigned PE

Signatures from behavioral1:

Browser Information Discovery

Enumerates system info in registry

Suspicious use of SendNotifyMessage

Suspicious use of WriteProcessMemory

Suspicious behavior: EnumeratesProcesses

Suspicious use of AdjustPrivilegeToken

Suspicious use of FindShellTrayWindow

Reading note: the r77 classification comes from the static signatures only. In behavioral1 the only rows raised by the sample process itself are the EnumeratesProcesses events and two SeDebugPrivilege token adjustments; every other row (the BIOS registry queries, SeShutdownPrivilege, FindShellTrayWindow, SendNotifyMessage and all WriteProcessMemory events) is raised by chrome.exe acting on chrome.exe, which is what Chrome's multi-process architecture does on its own. Enumerating processes and acquiring SeDebugPrivilege is also how a legitimate game trainer attaches to the game process, so that behaviour alone does not separate a clean trainer from this sample; the verdict rests on the r77 rootkit payload match.

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported: 2024-11-23 17:13

Signatures

R77 family (tag: r77)

r77 rootkit payload

Description | Indicator | Process | Target
N/A | N/A | N/A | N/A

Unsigned PE

Description | Indicator | Process | Target
N/A | N/A | N/A | N/A

Analysis: behavioral1

Detonation Overview

Submitted: 2024-11-23 17:13
Reported: 2024-11-23 17:16
Platform: win7-20240903-en
Max time kernel: 52s
Max time network: 145s

Command Line

"C:\Users\Admin\AppData\Local\Temp\HITMAN 3 v3.10-v3.160 Plus 13 Trainer.exe"

Signatures

Browser Information Discovery (tag: discovery)

Enumerates system info in registry

Description | Indicator | Process | Target
Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A

All three queries are made by chrome.exe, not by the sample. SystemManufacturer and SystemProductName are the values typically read to recognise a virtual machine, so the same rows attributed to the Trainer.exe process would be a sandbox-evasion indicator; attributed to the browser they are not.

Suspicious behavior: EnumeratesProcesses

Identical rows collapsed; the last column is the event count (original order: 21 sample rows, 2 chrome.exe rows, 41 sample rows).

Description | Indicator | Process | Target | Events
N/A | N/A | C:\Users\Admin\AppData\Local\Temp\HITMAN 3 v3.10-v3.160 Plus 13 Trainer.exe | N/A | 62
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A | 2

Suspicious use of AdjustPrivilegeToken

Identical rows collapsed; the last column is the event count.

Description | Indicator | Process | Target | Events
Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\HITMAN 3 v3.10-v3.160 Plus 13 Trainer.exe | N/A | 2
Token: SeShutdownPrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A | 62

Suspicious use of FindShellTrayWindow

Identical rows collapsed; the last column is the event count.

Description | Indicator | Process | Target | Events
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A | 34

Suspicious use of SendNotifyMessage

Identical rows collapsed; the last column is the event count.

Description | Indicator | Process | Target | Events
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A | 32

Suspicious use of WriteProcessMemory

Identical rows collapsed in their original order; the last column is the event count. Every row is one chrome.exe process (PID 2824) writing into another chrome.exe process; the sample appears neither as Process nor as Target.

Description | Indicator | Process | Target | Events
PID 2824 wrote to memory of 2812 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe | 3
PID 2824 wrote to memory of 2744 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe | 39
PID 2824 wrote to memory of 1796 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe | 3
PID 2824 wrote to memory of 1560 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe | 19
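The signature tables above attribute every event to a Process and Target path, and the useful triage question is which signatures the submitted sample raised itself and which were raised by the browser processes running alongside it. The following Python script is an added example, not part of the sandbox report or of any sandbox vendor's tooling: it parses rows in the flattened "Description Indicator Process Target" layout used on this page, groups hits per signature and per process image, and separates sample-raised events from the rest. SAMPLE_REPORT is a constructed excerpt copied from a few rows of the tables above; the function and variable names are the example's own.

```python
"""Added example (not from the report or any sandbox vendor): parse the
flattened "Description Indicator Process Target" rows used on this page,
group hits per signature, and separate events raised by the submitted
sample from events raised by other processes. SAMPLE_REPORT is a
constructed excerpt of a few rows from the tables above; names are ours."""
import re
from collections import Counter, defaultdict
from pathlib import PureWindowsPath

SAMPLE_EXE = "HITMAN 3 v3.10-v3.160 Plus 13 Trainer.exe"
HEADER = "Description Indicator Process Target"

# Constructed excerpt of the behavioral1 signature tables.
SAMPLE_REPORT = r"""
Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\HITMAN 3 v3.10-v3.160 Plus 13 Trainer.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeDebugPrivilege N/A C:\Users\Admin\AppData\Local\Temp\HITMAN 3 v3.10-v3.160 Plus 13 Trainer.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2824 wrote to memory of 2812 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2824 wrote to memory of 2744 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
"""

# A row is: description (may contain spaces), one indicator token, a Windows
# image path ending in .exe (may contain spaces), then N/A or a second path.
ROW = re.compile(
    r"^(?P<description>.+?) (?P<indicator>\S+) "
    r"(?P<process>[A-Z]:\\.+?\.exe) (?P<target>N/A|[A-Z]:\\.+?\.exe)$"
)


def parse_signature_tables(text):
    """Return {signature title: [row dict, ...]} for every table in text."""
    tables = defaultdict(list)
    title = signature = None
    for line in (raw.strip() for raw in text.splitlines()):
        if not line:
            continue
        if line == HEADER:
            signature = title          # the title line precedes its header
            continue
        if set(line.split()) == {"N/A"}:
            continue                   # placeholder row of an empty table
        match = ROW.match(line)
        if match and signature:
            tables[signature].append(match.groupdict())
        else:
            title = line               # a signature title for the next table
    return dict(tables)


def image_name(path):
    return PureWindowsPath(path).name


def attribute(tables, sample_exe):
    """Per signature: hits raised by the sample vs. by every other process."""
    summary = {}
    for sig, rows in tables.items():
        by_proc = Counter(image_name(r["process"]) for r in rows)
        summary[sig] = {
            "sample": by_proc.get(sample_exe, 0),
            "other": sum(n for p, n in by_proc.items() if p != sample_exe),
            "processes": sorted(by_proc),
        }
    return summary


def cross_image_writes(tables, sig="Suspicious use of WriteProcessMemory"):
    """WriteProcessMemory rows whose writer and target images differ. A parent
    writing into children of its own image (chrome.exe -> chrome.exe) is
    expected; a write into or out of the sample image would not be."""
    return [r for r in tables.get(sig, [])
            if r["target"] != "N/A"
            and image_name(r["process"]) != image_name(r["target"])]


if __name__ == "__main__":
    parsed = parse_signature_tables(SAMPLE_REPORT)
    for sig, stats in attribute(parsed, SAMPLE_EXE).items():
        print(f"{sig}: sample={stats['sample']} other={stats['other']}")
    print("cross-image writes:", cross_image_writes(parsed))
```

Run against the full tables of this report the script yields the split stated in the overview note: only EnumeratesProcesses and the SeDebugPrivilege rows carry the sample image, and cross_image_writes returns nothing because every WriteProcessMemory row is chrome.exe writing into chrome.exe. Lines that are not rows (signature titles, tag lines) become the title of the next table, so the parser copes with the title/tag/sub-signature layout used above without a separate list of known signature names.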

Processes

C:\Users\Admin\AppData\Local\Temp\HITMAN 3 v3.10-v3.160 Plus 13 Trainer.exe

"C:\Users\Admin\AppData\Local\Temp\HITMAN 3 v3.10-v3.160 Plus 13 Trainer.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef03c9758,0x7fef03c9768,0x7fef03c9778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1188 --field-trial-handle=1252,i,9947612760399551518,17147479946453137469,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1548 --field-trial-handle=1252,i,9947612760399551518,17147479946453137469,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1588 --field-trial-handle=1252,i,9947612760399551518,17147479946453137469,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2308 --field-trial-handle=1252,i,9947612760399551518,17147479946453137469,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2320 --field-trial-handle=1252,i,9947612760399551518,17147479946453137469,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1524 --field-trial-handle=1252,i,9947612760399551518,17147479946453137469,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=1468 --field-trial-handle=1252,i,9947612760399551518,17147479946453137469,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3684 --field-trial-handle=1252,i,9947612760399551518,17147479946453137469,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3700 --field-trial-handle=1252,i,9947612760399551518,17147479946453137469,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3624 --field-trial-handle=1252,i,9947612760399551518,17147479946453137469,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=732 --field-trial-handle=1252,i,9947612760399551518,17147479946453137469,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1780 --field-trial-handle=1252,i,9947612760399551518,17147479946453137469,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=2452 --field-trial-handle=1252,i,9947612760399551518,17147479946453137469,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3708 --field-trial-handle=1252,i,9947612760399551518,17147479946453137469,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3932 --field-trial-handle=1252,i,9947612760399551518,17147479946453137469,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=3952 --field-trial-handle=1252,i,9947612760399551518,17147479946453137469,131072 /prefetch:1

Network

Country Destination Domain Proto
US 8.8.8.8:53 flingtrainer.com udp
US 104.26.15.72:443 flingtrainer.com tcp
US 8.8.8.8:53 c.pki.goog udp
GB 142.250.200.3:80 c.pki.goog tcp
US 8.8.8.8:53 www.google.com udp
GB 172.217.16.228:443 www.google.com tcp
GB 172.217.16.228:443 www.google.com udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 crl.microsoft.com udp
US 2.21.72.73:80 crl.microsoft.com tcp
US 8.8.8.8:53 www.microsoft.com udp
RO 2.20.118.102:80 www.microsoft.com tcp
US 8.8.8.8:53 paste.fo udp
US 172.67.144.225:443 paste.fo tcp
US 172.67.144.225:443 paste.fo udp
US 8.8.8.8:53 cdnjs.cloudflare.com udp
US 104.17.25.14:443 cdnjs.cloudflare.com tcp
US 8.8.8.8:53 js.hcaptcha.com udp
US 104.19.230.21:443 js.hcaptcha.com tcp
US 8.8.8.8:53 u.paste.fo udp
US 8.8.8.8:53 static.cloudflareinsights.com udp
US 104.16.80.73:443 static.cloudflareinsights.com tcp
US 104.17.25.14:443 cdnjs.cloudflare.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 newassets.hcaptcha.com udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
US 216.239.32.36:443 region1.google-analytics.com tcp
GB 172.217.169.10:443 content-autofill.googleapis.com tcp
GB 172.217.169.10:443 content-autofill.googleapis.com udp
US 8.8.8.8:53 api2.hcaptcha.com udp
US 104.19.230.21:443 api2.hcaptcha.com udp
US 172.67.144.225:443 u.paste.fo udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
US 172.67.144.225:443 u.paste.fo udp
US 8.8.8.8:53 ufile.io udp
US 104.27.206.87:443 ufile.io tcp
US 104.27.206.87:443 ufile.io udp
US 104.16.80.73:443 static.cloudflareinsights.com tcp
US 8.8.8.8:53 client.crisp.chat udp
US 8.8.8.8:53 image.crisp.chat udp
US 8.8.8.8:53 settings.crisp.chat udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
US 8.8.8.8:53 tpc.googlesyndication.com udp
US 104.18.29.104:443 settings.crisp.chat tcp
US 104.18.28.104:443 settings.crisp.chat tcp
BE 64.233.184.156:443 stats.g.doubleclick.net tcp
GB 142.250.187.225:443 tpc.googlesyndication.com tcp
US 216.239.32.36:443 region1.google-analytics.com udp
US 8.8.8.8:53 cloudflareinsights.com udp
US 104.18.29.104:443 settings.crisp.chat udp
US 8.8.8.8:53 client.relay.crisp.chat udp
DE 159.89.97.13:443 client.relay.crisp.chat tcp

Files

\??\pipe\crashpad_2824_NJHQCHUIIRNIEKIH

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000007.dbtmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Temp\CabA544.tmp

C:\Users\Admin\AppData\Local\Temp\TarA631.tmp

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8B2B9A00839EED1DFDCCC3BFC2F5DF12

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8B2B9A00839EED1DFDCCC3BFC2F5DF12

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B46811C17859FFB409CF0E904A4AA8F8

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B46811C17859FFB409CF0E904A4AA8F8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\3f7ffb11-a7a6-4f97-b7af-bb66d0e4568d.tmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000017

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index


Analysis: behavioral2

Detonation Overview

Submitted

2024-11-23 17:13

Reported

2024-11-23 17:16

Platform

win10v2004-20241007-en

Max time kernel

150s

Max time network

140s

Command Line

"C:\Users\Admin\AppData\Local\Temp\HITMAN 3 v3.10-v3.160 Plus 13 Trainer.exe"

Signatures

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\HITMAN 3 v3.10-v3.160 Plus 13 Trainer.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeDebugPrivilege N/A C:\Users\Admin\AppData\Local\Temp\HITMAN 3 v3.10-v3.160 Plus 13 Trainer.exe N/A

Processes

C:\Users\Admin\AppData\Local\Temp\HITMAN 3 v3.10-v3.160 Plus 13 Trainer.exe

"C:\Users\Admin\AppData\Local\Temp\HITMAN 3 v3.10-v3.160 Plus 13 Trainer.exe"

Network

Country Destination Domain Proto
US 8.8.8.8:53 flingtrainer.com udp
US 104.26.15.72:443 flingtrainer.com tcp
US 8.8.8.8:53 133.211.185.52.in-addr.arpa udp
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp
US 8.8.8.8:53 c.pki.goog udp
GB 142.250.200.3:80 c.pki.goog tcp
US 8.8.8.8:53 72.15.26.104.in-addr.arpa udp
US 8.8.8.8:53 69.31.126.40.in-addr.arpa udp
US 8.8.8.8:53 3.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
US 8.8.8.8:53 217.106.137.52.in-addr.arpa udp
US 8.8.8.8:53 50.23.12.20.in-addr.arpa udp
US 8.8.8.8:53 18.31.95.13.in-addr.arpa udp
US 8.8.8.8:53 70.209.201.84.in-addr.arpa udp
US 8.8.8.8:53 71.209.201.84.in-addr.arpa udp
US 8.8.8.8:53 48.229.111.52.in-addr.arpa udp

Files
