lumma | hxxps://youtu[.]be/CCTH_A4wh-E?si=XQeDbeI7IT9EUyay

Analysis

max time kernel
125s
max time network
125s
platform
windows11-21h2_x64
resource
win11-20241007-en
resource tags

arch:x64arch:x86image:win11-20241007-enlocale:en-usos:windows11-21h2-x64system
submitted
26-11-2024 17:45

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://youtu.be/CCTH_A4wh-E?si=XQeDbeI7IT9EUyay

Score

10^/10

lumma discovery motw phishing stealer

Malware Config

Extracted

Family

lumma

https://powerful-avoids.sbs

https://motion-treesz.sbs

https://disobey-curly.sbs

https://leg-sate-boat.sbs

https://story-tense-faz.sbs

https://blade-govern.sbs

https://occupy-blushi.sbs

https://frogs-severz.sbs

https://property-imper.sbs

Signatures

Lumma Stealer, LummaC
Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
stealer lumma
Lumma family
lumma

Executes dropped EXE 5 IoCs

Processes:

OPTIX.exeOPTIX.exeOPTIX.exeOPTIX.exeOPTIX.exe

pid	Process
4200	OPTIX.exe
3556	OPTIX.exe
688	OPTIX.exe
5084	OPTIX.exe
3084	OPTIX.exe

Mark of the Web detected: This indicates that the page was originally saved or cloned. 1 IoCs

phishing motw

Processes:

flow	ioc
44	https://geohack.fun/

Suspicious use of SetThreadContext 2 IoCs

Processes:

OPTIX.exeOPTIX.exe

description	pid	Process	procid_target
PID 4200 set thread context of 688	4200	OPTIX.exe	105
PID 5084 set thread context of 3084	5084	OPTIX.exe	108

Drops file in Windows directory 1 IoCs

Processes:

chrome.exe

description	ioc	Process
File opened for modification	C:\Windows\SystemTemp	chrome.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

System Location Discovery: System Language Discovery 1 TTPs 3 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

Processes:

OPTIX.exeOPTIX.exeOPTIX.exe

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	OPTIX.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	OPTIX.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	OPTIX.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

Processes:

chrome.exe

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies Internet Explorer settings 1 TTPs 29 IoCs

adware spyware

Modify Registry

T1112

Processes:

iexplore.exe

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\IECompatVersionLow = "395196024"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000\Software\Microsoft\Internet Explorer\Main\OperationalData = "13"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000\Software\Microsoft\Internet Explorer\VersionManager\FirstCheckForUpdateLowDateTime = "1339996207"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\IECompatVersionHigh = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000\Software\Microsoft\Internet Explorer\GPU\SubSysId = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\IECompatVersionHigh = "268435456"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000\Software\Microsoft\Internet Explorer\Main\OperationalData = "8"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\IECompatVersionLow = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\CVListXMLVersionLow = "395196024"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000\Software\Microsoft\Internet Explorer\Main\OperationalData = "9"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000\Software\Microsoft\Internet Explorer\Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy\HomepagesUpgradeVersion = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000\Software\Microsoft\Internet Explorer\Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\StaleCompatCache = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000\Software\Microsoft\Internet Explorer\VersionManager	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000\Software\Microsoft\Internet Explorer\GPU\VendorId = "4318"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000\Software\Microsoft\Internet Explorer\GPU\DeviceId = "140"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000\Software\Microsoft\Internet Explorer\GPU\Revision = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\StaleCompatCache = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPMigrationVer = "1"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\CVListXMLVersionHigh = "268435456"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000\Software\Microsoft\Internet Explorer\GPU\SoftwareFallback = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000\Software\Microsoft\Internet Explorer\VersionManager\FirstCheckForUpdateHighDateTime = "31146119"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000\Software\Microsoft\Internet Explorer\BrowserEmulation	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\CVListDomainAttributeSet = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000\Software\Microsoft\Internet Explorer\Main\DisableFirstRunCustomize = "1"	iexplore.exe

Modifies data under HKEY_USERS 2 IoCs

Processes:

chrome.exe

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133771167261392096"	chrome.exe

Modifies registry class 35 IoCs

Processes:

OpenWith.exeOpenWith.exechrome.exechrome.exe

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\Shell	OpenWith.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000	OpenWith.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByDirection = "1"	OpenWith.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1"	OpenWith.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\1\MRUListEx = 0100000000000000ffffffff	OpenWith.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000	OpenWith.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}"	OpenWith.exe
Key created	\REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU	OpenWith.exe
Key created	\REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0	OpenWith.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 00000000ffffffff	OpenWith.exe
Key created	\REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\1\1	OpenWith.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1092616257"	OpenWith.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\LogicalViewMode = "1"	OpenWith.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\IconSize = "16"	OpenWith.exe
Key created	\REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings	OpenWith.exe
Key created	\REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell	OpenWith.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\1\1 = 8c003100000000004759b168110050524f4752417e310000740009000400efbec55259617a59aa8d2e0000003f0000000000010000000000000000004a0000000000409f0f01500072006f006700720061006d002000460069006c0065007300000040007300680065006c006c00330032002e0064006c006c002c002d0032003100370038003100000018000000	OpenWith.exe
Key created	\REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4	OpenWith.exe
Key created	\REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}	OpenWith.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Mode = "4"	OpenWith.exe
Key created	\REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg	OpenWith.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupView = "0"	OpenWith.exe
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-4249425805-3408538557-1766626484-1000\{D0403033-0D95-4B01-B93B-A721DBF6E765}	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 020202	OpenWith.exe
Key created	\REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\1	OpenWith.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\1\1\NodeSlot = "4"	OpenWith.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\Shell\SniffedFolderType = "Generic"	OpenWith.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 02020202	OpenWith.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\1\1\MRUListEx = ffffffff	OpenWith.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\	OpenWith.exe
Key created	\REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\Instance\	OpenWith.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:PID = "0"	OpenWith.exe
Key created	\REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings	OpenWith.exe
Key created	\REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags	OpenWith.exe

NTFS ADS 1 IoCs

Processes:

chrome.exe

description	ioc	Process
File opened for modification	C:\Users\Admin\Downloads\OPTIX.zip:Zone.Identifier	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

Processes:

chrome.exechrome.exe

pid	Process
4228	chrome.exe
4228	chrome.exe
1360	chrome.exe
1360	chrome.exe
1360	chrome.exe
1360	chrome.exe

Suspicious behavior: GetForegroundWindowSpam 2 IoCs

Processes:

OpenWith.exeOpenWith.exe

pid	Process
1116	OpenWith.exe
2056	OpenWith.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

Processes:

chrome.exe

pid	Process
4228	chrome.exe
4228	chrome.exe
4228	chrome.exe
4228	chrome.exe
4228	chrome.exe
4228	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

Processes:

chrome.exeAUDIODG.EXE

description	pid	Process
Token: SeShutdownPrivilege	4228	chrome.exe
Token: SeCreatePagefilePrivilege	4228	chrome.exe
Token: SeShutdownPrivilege	4228	chrome.exe
Token: SeCreatePagefilePrivilege	4228	chrome.exe
Token: 33	2032	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	2032	AUDIODG.EXE
Token: SeShutdownPrivilege	4228	chrome.exe
Token: SeCreatePagefilePrivilege	4228	chrome.exe
Token: SeShutdownPrivilege	4228	chrome.exe
Token: SeCreatePagefilePrivilege	4228	chrome.exe
Token: SeShutdownPrivilege	4228	chrome.exe
Token: SeCreatePagefilePrivilege	4228	chrome.exe
Token: SeShutdownPrivilege	4228	chrome.exe
Token: SeCreatePagefilePrivilege	4228	chrome.exe
Token: SeShutdownPrivilege	4228	chrome.exe
Token: SeCreatePagefilePrivilege	4228	chrome.exe
Token: SeShutdownPrivilege	4228	chrome.exe
Token: SeCreatePagefilePrivilege	4228	chrome.exe
Token: SeShutdownPrivilege	4228	chrome.exe
Token: SeCreatePagefilePrivilege	4228	chrome.exe
Token: SeShutdownPrivilege	4228	chrome.exe
Token: SeCreatePagefilePrivilege	4228	chrome.exe
Token: SeShutdownPrivilege	4228	chrome.exe
Token: SeCreatePagefilePrivilege	4228	chrome.exe
Token: SeShutdownPrivilege	4228	chrome.exe
Token: SeCreatePagefilePrivilege	4228	chrome.exe
Token: SeShutdownPrivilege	4228	chrome.exe
Token: SeCreatePagefilePrivilege	4228	chrome.exe
Token: SeShutdownPrivilege	4228	chrome.exe
Token: SeCreatePagefilePrivilege	4228	chrome.exe
Token: SeShutdownPrivilege	4228	chrome.exe
Token: SeCreatePagefilePrivilege	4228	chrome.exe
Token: SeShutdownPrivilege	4228	chrome.exe
Token: SeCreatePagefilePrivilege	4228	chrome.exe
Token: SeShutdownPrivilege	4228	chrome.exe
Token: SeCreatePagefilePrivilege	4228	chrome.exe
Token: SeShutdownPrivilege	4228	chrome.exe
Token: SeCreatePagefilePrivilege	4228	chrome.exe
Token: SeShutdownPrivilege	4228	chrome.exe
Token: SeCreatePagefilePrivilege	4228	chrome.exe
Token: SeShutdownPrivilege	4228	chrome.exe
Token: SeCreatePagefilePrivilege	4228	chrome.exe
Token: SeShutdownPrivilege	4228	chrome.exe
Token: SeCreatePagefilePrivilege	4228	chrome.exe
Token: SeShutdownPrivilege	4228	chrome.exe
Token: SeCreatePagefilePrivilege	4228	chrome.exe
Token: SeShutdownPrivilege	4228	chrome.exe
Token: SeCreatePagefilePrivilege	4228	chrome.exe
Token: SeShutdownPrivilege	4228	chrome.exe
Token: SeCreatePagefilePrivilege	4228	chrome.exe
Token: SeShutdownPrivilege	4228	chrome.exe
Token: SeCreatePagefilePrivilege	4228	chrome.exe
Token: SeShutdownPrivilege	4228	chrome.exe
Token: SeCreatePagefilePrivilege	4228	chrome.exe
Token: SeShutdownPrivilege	4228	chrome.exe
Token: SeCreatePagefilePrivilege	4228	chrome.exe
Token: SeShutdownPrivilege	4228	chrome.exe
Token: SeCreatePagefilePrivilege	4228	chrome.exe
Token: SeShutdownPrivilege	4228	chrome.exe
Token: SeCreatePagefilePrivilege	4228	chrome.exe
Token: SeShutdownPrivilege	4228	chrome.exe
Token: SeCreatePagefilePrivilege	4228	chrome.exe
Token: SeShutdownPrivilege	4228	chrome.exe
Token: SeCreatePagefilePrivilege	4228	chrome.exe

Suspicious use of FindShellTrayWindow 51 IoCs

Processes:

chrome.exe7zG.exe

pid	Process
4228	chrome.exe
4228	chrome.exe
4228	chrome.exe
4228	chrome.exe
4228	chrome.exe
4228	chrome.exe
4228	chrome.exe
4228	chrome.exe
4228	chrome.exe
4228	chrome.exe
4228	chrome.exe
4228	chrome.exe
4228	chrome.exe
4228	chrome.exe
4228	chrome.exe
4228	chrome.exe
4228	chrome.exe
4228	chrome.exe
4228	chrome.exe
4228	chrome.exe
4228	chrome.exe
4228	chrome.exe
4228	chrome.exe
4228	chrome.exe
4228	chrome.exe
4228	chrome.exe
4228	chrome.exe
4228	chrome.exe
4228	chrome.exe
4228	chrome.exe
4228	chrome.exe
4228	chrome.exe
4228	chrome.exe
4228	chrome.exe
4228	chrome.exe
4228	chrome.exe
4228	chrome.exe
4228	chrome.exe
4228	chrome.exe
4228	chrome.exe
4228	chrome.exe
4228	chrome.exe
4228	chrome.exe
4228	chrome.exe
4228	chrome.exe
4228	chrome.exe
4228	chrome.exe
4228	chrome.exe
4228	chrome.exe
4228	chrome.exe
3500	7zG.exe

Suspicious use of SendNotifyMessage 12 IoCs

Processes:

chrome.exe

pid	Process
4228	chrome.exe
4228	chrome.exe
4228	chrome.exe
4228	chrome.exe
4228	chrome.exe
4228	chrome.exe
4228	chrome.exe
4228	chrome.exe
4228	chrome.exe
4228	chrome.exe
4228	chrome.exe
4228	chrome.exe

Suspicious use of SetWindowsHookEx 27 IoCs

Processes:

OpenWith.exeOpenWith.exe

pid	Process
1116	OpenWith.exe
1116	OpenWith.exe
1116	OpenWith.exe
1116	OpenWith.exe
1116	OpenWith.exe
1116	OpenWith.exe
1116	OpenWith.exe
1116	OpenWith.exe
2056	OpenWith.exe
2056	OpenWith.exe
2056	OpenWith.exe
2056	OpenWith.exe
2056	OpenWith.exe
2056	OpenWith.exe
2056	OpenWith.exe
2056	OpenWith.exe
2056	OpenWith.exe
2056	OpenWith.exe
2056	OpenWith.exe
2056	OpenWith.exe
2056	OpenWith.exe
2056	OpenWith.exe
2056	OpenWith.exe
2056	OpenWith.exe
2056	OpenWith.exe
2056	OpenWith.exe
2056	OpenWith.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

chrome.exe

description	pid	Process	procid_target
PID 4228 wrote to memory of 3376	4228	chrome.exe	79
PID 4228 wrote to memory of 3376	4228	chrome.exe	79
PID 4228 wrote to memory of 2320	4228	chrome.exe	80
PID 4228 wrote to memory of 2320	4228	chrome.exe	80
PID 4228 wrote to memory of 2320	4228	chrome.exe	80
PID 4228 wrote to memory of 2320	4228	chrome.exe	80
PID 4228 wrote to memory of 2320	4228	chrome.exe	80
PID 4228 wrote to memory of 2320	4228	chrome.exe	80
PID 4228 wrote to memory of 2320	4228	chrome.exe	80
PID 4228 wrote to memory of 2320	4228	chrome.exe	80
PID 4228 wrote to memory of 2320	4228	chrome.exe	80
PID 4228 wrote to memory of 2320	4228	chrome.exe	80
PID 4228 wrote to memory of 2320	4228	chrome.exe	80
PID 4228 wrote to memory of 2320	4228	chrome.exe	80
PID 4228 wrote to memory of 2320	4228	chrome.exe	80
PID 4228 wrote to memory of 2320	4228	chrome.exe	80
PID 4228 wrote to memory of 2320	4228	chrome.exe	80
PID 4228 wrote to memory of 2320	4228	chrome.exe	80
PID 4228 wrote to memory of 2320	4228	chrome.exe	80
PID 4228 wrote to memory of 2320	4228	chrome.exe	80
PID 4228 wrote to memory of 2320	4228	chrome.exe	80
PID 4228 wrote to memory of 2320	4228	chrome.exe	80
PID 4228 wrote to memory of 2320	4228	chrome.exe	80
PID 4228 wrote to memory of 2320	4228	chrome.exe	80
PID 4228 wrote to memory of 2320	4228	chrome.exe	80
PID 4228 wrote to memory of 2320	4228	chrome.exe	80
PID 4228 wrote to memory of 2320	4228	chrome.exe	80
PID 4228 wrote to memory of 2320	4228	chrome.exe	80
PID 4228 wrote to memory of 2320	4228	chrome.exe	80
PID 4228 wrote to memory of 2320	4228	chrome.exe	80
PID 4228 wrote to memory of 2320	4228	chrome.exe	80
PID 4228 wrote to memory of 2320	4228	chrome.exe	80
PID 4228 wrote to memory of 3372	4228	chrome.exe	81
PID 4228 wrote to memory of 3372	4228	chrome.exe	81
PID 4228 wrote to memory of 4984	4228	chrome.exe	82
PID 4228 wrote to memory of 4984	4228	chrome.exe	82
PID 4228 wrote to memory of 4984	4228	chrome.exe	82
PID 4228 wrote to memory of 4984	4228	chrome.exe	82
PID 4228 wrote to memory of 4984	4228	chrome.exe	82
PID 4228 wrote to memory of 4984	4228	chrome.exe	82
PID 4228 wrote to memory of 4984	4228	chrome.exe	82
PID 4228 wrote to memory of 4984	4228	chrome.exe	82
PID 4228 wrote to memory of 4984	4228	chrome.exe	82
PID 4228 wrote to memory of 4984	4228	chrome.exe	82
PID 4228 wrote to memory of 4984	4228	chrome.exe	82
PID 4228 wrote to memory of 4984	4228	chrome.exe	82
PID 4228 wrote to memory of 4984	4228	chrome.exe	82
PID 4228 wrote to memory of 4984	4228	chrome.exe	82
PID 4228 wrote to memory of 4984	4228	chrome.exe	82
PID 4228 wrote to memory of 4984	4228	chrome.exe	82
PID 4228 wrote to memory of 4984	4228	chrome.exe	82
PID 4228 wrote to memory of 4984	4228	chrome.exe	82
PID 4228 wrote to memory of 4984	4228	chrome.exe	82
PID 4228 wrote to memory of 4984	4228	chrome.exe	82
PID 4228 wrote to memory of 4984	4228	chrome.exe	82
PID 4228 wrote to memory of 4984	4228	chrome.exe	82
PID 4228 wrote to memory of 4984	4228	chrome.exe	82
PID 4228 wrote to memory of 4984	4228	chrome.exe	82
PID 4228 wrote to memory of 4984	4228	chrome.exe	82
PID 4228 wrote to memory of 4984	4228	chrome.exe	82
PID 4228 wrote to memory of 4984	4228	chrome.exe	82
PID 4228 wrote to memory of 4984	4228	chrome.exe	82
PID 4228 wrote to memory of 4984	4228	chrome.exe	82
PID 4228 wrote to memory of 4984	4228	chrome.exe	82

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://youtu.be/CCTH_A4wh-E?si=XQeDbeI7IT9EUyay
1⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4228
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xdc,0x108,0x7ffdc20acc40,0x7ffdc20acc4c,0x7ffdc20acc58
  2⤵
  PID:3376
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1944,i,13068781907647639064,8646481850020098482,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1940 /prefetch:2
  2⤵
  PID:2320
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1732,i,13068781907647639064,8646481850020098482,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1968 /prefetch:3
  2⤵
  PID:3372
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2120,i,13068781907647639064,8646481850020098482,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2260 /prefetch:8
  2⤵
  PID:4984
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3084,i,13068781907647639064,8646481850020098482,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3128 /prefetch:1
  2⤵
  PID:1564
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3092,i,13068781907647639064,8646481850020098482,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3164 /prefetch:1
  2⤵
  PID:4232
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3632,i,13068781907647639064,8646481850020098482,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4304 /prefetch:1
  2⤵
  PID:608
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4564,i,13068781907647639064,8646481850020098482,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3380 /prefetch:1
  2⤵
  PID:3044
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=4268,i,13068781907647639064,8646481850020098482,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4600 /prefetch:8
  2⤵
  PID:4968
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4708,i,13068781907647639064,8646481850020098482,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4724 /prefetch:8
  2⤵
  - Modifies registry class
  PID:4956
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5224,i,13068781907647639064,8646481850020098482,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5292 /prefetch:8
  2⤵
  PID:5064
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=5544,i,13068781907647639064,8646481850020098482,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5564 /prefetch:1
  2⤵
  PID:3032
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=5528,i,13068781907647639064,8646481850020098482,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5524 /prefetch:1
  2⤵
  PID:2168
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5504,i,13068781907647639064,8646481850020098482,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5816 /prefetch:8
  2⤵
  - NTFS ADS
  PID:72
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=736,i,13068781907647639064,8646481850020098482,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5432 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1360

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:1712

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004E4 0x0000000000000480
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:2032

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:2208

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:2056

C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\" -an -ai#7zMap23929:72:7zEvent29179
1⤵
- Suspicious use of FindShellTrayWindow
PID:3500

C:\Users\Admin\Downloads\OPTIX\OPTIX.exe
"C:\Users\Admin\Downloads\OPTIX\OPTIX.exe"
1⤵
- Executes dropped EXE
- Suspicious use of SetThreadContext
- System Location Discovery: System Language Discovery
PID:4200
- C:\Users\Admin\Downloads\OPTIX\OPTIX.exe
  "C:\Users\Admin\Downloads\OPTIX\OPTIX.exe"
  2⤵
  - Executes dropped EXE
  PID:3556
- C:\Users\Admin\Downloads\OPTIX\OPTIX.exe
  "C:\Users\Admin\Downloads\OPTIX\OPTIX.exe"
  2⤵
  - Executes dropped EXE
  - System Location Discovery: System Language Discovery
  PID:688

C:\Users\Admin\Downloads\OPTIX\OPTIX.exe
"C:\Users\Admin\Downloads\OPTIX\OPTIX.exe"
1⤵
- Executes dropped EXE
- Suspicious use of SetThreadContext
PID:5084
- C:\Users\Admin\Downloads\OPTIX\OPTIX.exe
  "C:\Users\Admin\Downloads\OPTIX\OPTIX.exe"
  2⤵
  - Executes dropped EXE
  - System Location Discovery: System Language Discovery
  PID:3084

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
- Modifies registry class
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1116

C:\Program Files\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLED.EXE
"C:\Program Files\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLED.EXE" /verb open "C:\Users\Admin\Downloads\OPTIX\BuildHighlights.xml"
1⤵
PID:480
- C:\Program Files\Internet Explorer\iexplore.exe
  "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\Downloads\OPTIX\BuildHighlights.xml
  2⤵
  - Modifies Internet Explorer settings
  PID:1308

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
- Modifies registry class
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2056

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

Filesize
64KB

MD5
b5ad5caaaee00cb8cf445427975ae66c

SHA1
dcde6527290a326e048f9c3a85280d3fa71e1e22

SHA256
b6409b9d55ce242ff022f7a2d86ae8eff873daabf3a0506031712b8baa6197b8

SHA512
92f7fbbcbbea769b1af6dd7e75577be3eb8bb4a4a6f8a9288d6da4014e1ea309ee649a7b089be09ba27866e175ab6f6a912413256d7e13eaf60f6f30e492ce7f

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

Filesize
4B

MD5
f49655f856acb8884cc0ace29216f511

SHA1
cb0f1f87ec0455ec349aaa950c600475ac7b7b6b

SHA256
7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba

SHA512
599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

Filesize
1008B

MD5
d222b77a61527f2c177b0869e7babc24

SHA1
3f23acb984307a4aeba41ebbb70439c97ad1f268

SHA256
80dc3ffa698e4ff2e916f97983b5eae79470203e91cb684c5ccd4ff1a465d747

SHA512
d17d836ea77aeaff4cd01f9c7523345167a4a6bc62528aac74acde12679f48079d75d159e9cea2e614da50e83c2dcd92c374c899ea6c4fe8e5513d9bf06c01ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
25be043c571a9ed7eb3611e147e7b4c4

SHA1
373ec8c6705febc030555d63ffe471bb5683087c

SHA256
69d6b5f51c831a779efb59834b15f025d7d3fe3213c96a1fb202e835530b8c6b

SHA512
a26b9796f3203d91f307534309eeeea0015d906c33e25e96d7dc0a554691a9bc62250191b3999928d1c38fc08cede913de0d09aa832f847271190617cc9a381e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008

Filesize
234KB

MD5
4cfa14429fd069a508ee080dcac8d2e2

SHA1
179ade0cee274fb3e970df204cd182ca6456f598

SHA256
6e1beb1b9890c5fa1b4c5c30535eb3329711b337b082d4bd32ec13ef6dc67643

SHA512
1ec5fe5ed9f91173ecfbc7fd72e22114fc282ebfb3b9cdc5a3cbdc435853f5b54f8b785bdc22186a589981b6c80bad4ae3c0c7a9f7f9d045874702b6cbef1d27

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b

Filesize
33KB

MD5
383b0cf9c1ad6f185bcae0daadd3a542

SHA1
a4d3ec3ae12e9586c62ff18bb8311ae697f10c3e

SHA256
3aee4b10da5eb1bd91dc1ef2d158e4984659dd164a5250f3944710c610caa62b

SHA512
53ff30f96d32f6261b2063ab723c2e17feebf1a259d96263db8f923550bf813ba7d90118d81c43dd37e250487d709f8909ee61fbd6e014d4ed6c198ab9cd387c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c

Filesize
32KB

MD5
e8caf9aa03a76568d4dfb4bce1c070b2

SHA1
929a63300cc8b20e5d06dc052ec862b9b5df3a1f

SHA256
d6aba74a90bcbe4a59e6d0d336f0354327449ceb67ad46dc1cd0ac0b8258173b

SHA512
8e9f6d753624a0370581340612ace94e8c1c62bc64b0b4c39035721c6d088bf77b544b9f0e380c5038d0a101e8500ca8fab589c38ba1d1137df9d3f3bf140658

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
720B

MD5
5ff065c6cab138c0f1059ef5668dce19

SHA1
ce0f2f694e00be750684f1dfb03ea3b83aa8f6c5

SHA256
d26ed9fb5bb49714376366a08360460ac206bf69884382fd861f12e289fd18bd

SHA512
bea1ebb87492bb1b4e05924319b8172b7d02c26abd27228c3131856c9ecce22d92cacc5b0d158d01e8f768e9000156e3c092233e3e65e24cc39b532d36dd3bc8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\5fbef9d8-5397-437b-8dbf-8e258e417452.tmp

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
6KB

MD5
36f41ad4b8e657ec64484282130bf50a

SHA1
ec955bfb409cb764d002426dfc162534c0938d42

SHA256
9f7d75f674ac8fb7fdd2444f53b9287a465b9d9b74d605f9db9eb026a3d44db8

SHA512
04bb2e9655e4507f6a67f8c101a11c01e8a47fc8b4dcf9b5e58b237d2a9f11622e1df25a953cafbd86c5e83ee6396b19a28e5ef88d3ab016ef9d65bbf84c491d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1017B

MD5
28c656b8cc5fb9ca6e3aa0f09c6d30fb

SHA1
9814104647036c7e35030548a1a98c756a9518fd

SHA256
29099037b0e1a8f2017073182a90521b31b87401a7a88ad7dce502f9e45fc521

SHA512
e41ae70f8cd5c1f042ee4832f30f122223dd91857972d99f84b1f0f2a6742b54965598a46abac4602699e937334a08f70d95c98785977989c6c86e5993f4303d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1017B

MD5
2479f6cdbc23188ba664d86c77388779

SHA1
43358ccf9e7eb2a2438f54d42a5a1ae3fea6bc7a

SHA256
0d05bbcc90584f6d8cd24cff5894b26ca69ae8ca8a98c7bbc27fb8f98f204978

SHA512
b3d0874d24542a2a77e52c6f9b441f824605fbcede6fbe977094595c36a57dd3d30db7287c62b0726413fe628855cf6e5ab7c7b8582ca9ff8791848b3ee62280

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
b20ffca7bfdfcd697ab9763594837ce5

SHA1
4f403b34220f0049b0937269e60abec2cba14e12

SHA256
dd3959418ba753349aa0cccf0ff84e3a6bfdec33dddde96bde38601a5f609c78

SHA512
fda0a3b82eda65ad13fce0ffa98c31788847d708daff2c707a205b078955febca58564bc5b70be2567ff5737df484d30e9d4e04cb22835a2a398f92dae26b26b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
8a29d9f3d18c11b6e8e68816e04a5244

SHA1
41675a67b54b38daad66f3945398b59e5c716fda

SHA256
53c5e75f9ffc7f0c2ddc735914a7519a4e54519e53fe2799e610a23904b767ae

SHA512
c2246c01fa8394afad1f3680b0e27296dd8ff47fe8242dbdce0816deba7a9b41caee94344b293579fb6f8af07453dde8653464fa2f5ad02a328b78050e042740

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
5e210d18c5971495bf11db5af0c1e9dd

SHA1
023308a8f4caadf8c570913b95e45aef396b004f

SHA256
c356c10202a70e44e1b0446d4e67a046929bfaa9e3444b604a4f107992f3ccf5

SHA512
25f3f60e4d46c9ba1c42cc8b31c817c63bf5f5d5683ff60b975ee9a105007fee9bf8b1373e5727cc88d0f663007326ebcad1b6df5bc43a60fc6658c49b27103d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
a505ca1903e7163812af3c27bdbb971a

SHA1
a7eca9408c7ecac745c1d13faef86d766bee0ff9

SHA256
575045316d67741fdf492e69d64c75ab8300db288ad05a4ab37a4379808de119

SHA512
698d6b03cfcd75cbf4e5bf9cbf00af9229ed1be847e3036db1e084c7ea783d5323366cd7dbe7389df83667ac7ff233aaceb0170ed4b952c3ed0a834d68edf567

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
60c294a99b361a62db6e310ade982e06

SHA1
ea8e6ce56aca8dd9b29fed7701f31fabdbbc5269

SHA256
ce1b7c6837d02eb16108cebcc7138bb81147621f2a364c6703146ee4515aca18

SHA512
c534001463081e6941e5800d4d1765bf2485c6c80183100d401837aa7454ab9e395850266313f4a942f116557dcd46ce433d8537bcdda1721c7b2f9539d4bf46

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
41c7b17b8a5c6c6e589371172a251dae

SHA1
bb3c5c018ce0bf61adb79910ac3da0769d63fec5

SHA256
a5bcf80f5555bc455de86f2e1bc28e8340aecea4889f4eb681256d727a4d9850

SHA512
f41260df66a5d104d0bee0b75cc6fdf2ffc0331d1a9c1663a4287b8bdb437cd87beaff88801aeabb9441e5d254b96eb2844955ef1de538c02d37cdf3da0cd897

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
817fcce8d14b1cbd589229c585b74a16

SHA1
80837640d1e6d1a5adf8921da9394146af981795

SHA256
8849c534f24aba8264f4c49facf109503ebaf7a177b189df9f0788b621d2c111

SHA512
30de427573105918b5d19781eb42081579dd6cf98e2c22e8257caf0e2e9f2c08def0d9778a59878525d75c694b464feac17702013e4c8e080973cb39c591801b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
df44d10afe5af2064e3e69e14104980e

SHA1
6dc3cb61d9c1a9a2126422bb453b8d167482f3a3

SHA256
cd2586db2527072fcebe474a20deacdec9d4253054ddabb00b176cc40e2be078

SHA512
1bce60acd3306da370bdf1f02840cf0334d17d11dac00e8d90bd6b076ec56033711d84aebdbe59d998d69267b6e25ad538e5883f29e40ea6d94cd4d36c24d439

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\522508b0-9eb6-4a6c-ac35-ec7985034ccb\index

Filesize
24B

MD5
54cb446f628b2ea4a5bce5769910512e

SHA1
c27ca848427fe87f5cf4d0e0e3cd57151b0d820d

SHA256
fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d

SHA512
8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\522508b0-9eb6-4a6c-ac35-ec7985034ccb\index-dir\the-real-index

Filesize
624B

MD5
ff67ba7f51de31f3bcbd1c5c188644f0

SHA1
79254cd83b0c6496adc58016e15480c41ba1b0e0

SHA256
983d90891663335871420f5eed91a78cd48eaf3a80d3fa3ba84daecfaf83b381

SHA512
86a59a3b9bbd1a3daf9947e33671e6a0cf12ef135bc8bb1a7e517a77d82baec97307a5e8f8c35c1efc0591260e5533966941eb8a5f65aa7efc01c0e26f7e45bd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\522508b0-9eb6-4a6c-ac35-ec7985034ccb\index-dir\the-real-index~RFe58026c.TMP

Filesize
48B

MD5
b0e9299304c5690fde8669b826a1cc10

SHA1
4bf8b53d1f439f986b57cf430c6f6112595f118f

SHA256
01743074da5c9924847d5628fa4a96ad4d37f41d1a5dae15556b7d1fd59d994f

SHA512
87c04f5ba8d14d3d32af4cdb2460625537371d81ce4f2edd78968287a7bfca726bbe05a372aac891fc9d37f90ae8ca1800397bd16d676b0efbe1bcbbf90423e3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\58fe51ba-32ad-49e0-a21c-56228a8a136d\index-dir\the-real-index

Filesize
2KB

MD5
592b83e3ce8260f74ebf4ef135f2bfbd

SHA1
c8c95979ea9ebb09521d71a14f8114ea7d842d5a

SHA256
84e9dfe803d54b5256fd74da0030f0cfdcdf739c670ca643862858f6bb218753

SHA512
972049c03df2974a98e444ab9bb59b4f6f148aabc693bb28625475d793fa347fda9101e8a723e53b567b692f88f6c5c4d2a22d2e9b30baafb7be467001486575

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\58fe51ba-32ad-49e0-a21c-56228a8a136d\index-dir\the-real-index~RFe57a345.TMP

Filesize
48B

MD5
240df2d830d2bd1c65533e5972dddefc

SHA1
f80c51d352bc481382c7d904de46f1f45dd4c12f

SHA256
fc8d59281c459e40958922a17f3e9a7bb39b6a2036a45b07fd6bc98541fd8e72

SHA512
d98c643a183e74217aee4efb8561fe800f3f3848f781eaa2cfa14e4b337990ffc860b6c8f6bbdf1e46370d347de5ac5ffbdced8e5f75ebe5cb44e25f2ff645c4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
183B

MD5
8945476cbe56c43459e5b0cc0d5b1880

SHA1
99ea0a6661ec1e59a27fb4e359b5514b7ba44f57

SHA256
5f185023ec24d45fc9d16a42d08333bc71651b3657bfdd0348f61ca9827f759d

SHA512
a00b158bd7fc4e23c92dfca8cb1247edf30825e3de95deed8fa60b3df5ab886a1c45ea0026823a01b8496fcffd6ccce490afd83a061bb056357433fecd723914

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
178B

MD5
21ff2bbe500c35a0e3739b5fb387df4c

SHA1
0598e60a504f24430038ef4a13343175af69dbdb

SHA256
ac0ecd0c60b3b0f548773ef85e353cc0e74c67187f84ec35c610aa8039272faf

SHA512
6d1e48ddb1d43ef07a45d0f022fbf42d48497bb402215c998ed0aa10c689c8ee2e9d4f6bd11e7d6fdf4842173affdfc22722cec3f5972b037dc7e397e16f7692

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
114B

MD5
4310828dc441ad4ea7a0c889dac3d2f4

SHA1
f7229fc5b1e202148530c1d4045d26dece7dcebf

SHA256
c060fae7d3a5d6b6a213087def0fda2a2c6ee2407ced322465997f3064d1cac6

SHA512
c86213a93b6523a15077171e48fe6a6fc083c3319e51f3025fa7fe840a10eb941142ff188b705ddc4d7ae41570b9009ac7b79cef88609b26381965e7c5d3c39f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
187B

MD5
49b17a3de3f395f3bf9f24bfa455cdc4

SHA1
ad845478d9b725438d9222028a4040c2b9691e2b

SHA256
59206d64e74640eb1c8265d97895daeb7856bb3d727bc0f4c4ac74ffce5f1419

SHA512
47d11c623ede2e911f9210d2b3020c75dda219d01c4774510db48c44a0a55e6ed60dde248a9ed3ba5ff405f73e9e36f52222ac6ca41306a9e92097e3aa849b4a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
176B

MD5
b68bcd71f7c33349aa503df03429dbc9

SHA1
a9e8a68b4caf71dc35b5dc538bdb169d1d47187c

SHA256
635f4b235579c6cf9f73b6893c775be57432800bf0ccaa80ad16189ccc802efc

SHA512
ed2895446571cc288d953e20372242b9f4f9176bdffea83bc88e9e3e265feb81b0544fc7dc3a9b2b9fd7fd2388918ff4eb286c40fc9d8624500844fc04be9761

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
112B

MD5
23ce1acba5b7ba2c98409386498f259d

SHA1
c54228af39b0fdfeaf9a50672970111d69d46934

SHA256
945355a0fea28b3a309ff4493500310b91bb33cda88f9707ac882541c8a41b43

SHA512
b842f29b3a7d0170163fa2ad6cfdec6060696a27efebb12e0a3ed8db0bbe875e44bda160f199d126d86c678ac3eaecc02a1afc8f118e546bb2cf1f3d24fbf2d6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe578d4c.TMP

Filesize
119B

MD5
1398b8a6b21f78105d33d9b1084ded6c

SHA1
ad7781cf9a8e4b29e1d6d70e31a575aacd238481

SHA256
d65430e1662b873b205524ae16f2d22e16a220598ba83718db7bc33fb4782926

SHA512
96eb7c63037baca9c6b6c4c42b38d6b8fe7aa4b437c95d81125244b1b1c01e1d0f293d5c866b6f634e0efec39d5730b483e143b66b5110c6a99274c26e72c6b7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
120B

MD5
bec551b07e9fae3249b7fa9ac7bf098d

SHA1
6b91066bdd01f64dc9f35c6b1efbd050a643b007

SHA256
fb4b6ec46808b6948b8e871b7d1012dfe609a3c75fdd357f0ce823076da4b614

SHA512
dadf7cdfa8676dfd6d5c36af70eda7a984e06b2607190fce712bc551da67028081b965e312fe67107897aa17eb9bf567b00fdd7ca5386c368b1df78b45f8f0fa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\agimnkijcaahngcdmfeangaknmldooml\Icons\32.png

Filesize
1001B

MD5
9b4d2aa85bae2b94477371dba6544b2a

SHA1
4dd2d97aa25b2723a91016ee5b403619e7a4eb99

SHA256
3af45701fd97bc8ae6ae8e9f999d5d8b9d61a9a7914faf6518450f454e884223

SHA512
f6351c370d91a87a2b0abd8da8460e65a8149700beff2e819074004101133e750b1e60ecdf6ead73d1de19f37258e7853084d65c6adfeab8707c480d9caabc93

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir4228_1423186501\Icons Monochrome\16.png

Filesize
214B

MD5
1b3a4d1adc56ac66cd8b46c98f33e41b

SHA1
de87dc114f12e1865922f89ebc127966b0b9a1b7

SHA256
0fb35eacb91ab06f09431370f330ba290725119417f166facaf5f134499978bd

SHA512
ce89a67b088bae8dcd763f9a9b3655ed90485b24646d93de44533744dfcf947c96571e252d1ad80bdec1530ff2b72b012e8fff7178f1b4e957090f0f4c959e0d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir4228_1764865453\Shortcuts Menu Icons\Monochrome\0\512.png

Filesize
2KB

MD5
206fd9669027c437a36fbf7d73657db7

SHA1
8dee68de4deac72e86bbb28b8e5a915df3b5f3a5

SHA256
0d17a989f42bc129aca8e755871a7025acb6292ce06ca2437e95bedbc328fa18

SHA512
2c89878ec8466edf1f214d918aefc6a9b3de46d06ffacff4fdb85566560e94068601b1e4377d9d2eabefdc1c7f09eb46b00cf4545e377cc84a69edf8e57e48b2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir4228_1764865453\Shortcuts Menu Icons\Monochrome\1\512.png

Filesize
10KB

MD5
529a0ad2f85dff6370e98e206ecb6ef9

SHA1
7a4ff97f02962afeca94f1815168f41ba54b0691

SHA256
31db550eb9c0d9afd316dc85cdfd832510e2c48e7d37d4a610c175667a4599c6

SHA512
d00e2d741a0a6321c92a4aab632f8f3bafd33c0e2875f37868e195ed5e7200a647b4c83358edcef5fc7acbc5c57f70410903f39eac76e23e88a342ac5c9c21cd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
228KB

MD5
a472d10bba65d7c5a432f3b08c98a4d9

SHA1
9ddfcb23dd2eb728db4d758452cca57ae41c5861

SHA256
2a96251d3ce5125ae354bcd1e9f99ec892de4c96ea6f1206f6878ab05b38aa70

SHA512
b146c950229a56d9e627ecf56fdf0c85f7fceda4e76b35fcfca6f52ac41b3be9ba4b920c94f7d2265db4dbedb84be8e1999bbbd45220732d304ebb9cbac0ba84

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
228KB

MD5
4453e7997a7989f9478ce4e58a5cf583

SHA1
99a79a6e13a52e99ac53c7796ad231c1c3d9b325

SHA256
1bff49e623e35aeb4fafeea36c9b634b859c278fd6a7593c100665afedf28263

SHA512
250983bae0713c2e7ca18920e4ec4f7cc9570bc95bd615ce589ee02c981c5f543181c371b9c2822daec18de8c9ef846afe66b868c1d8aae9fd8deab9f6766535

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
228KB

MD5
562cfd0aa9a0a4ec99a21fea4f625c36

SHA1
6e47cd724168ff6a84e23b36485ebeaaf33a5de6

SHA256
bc50836e25fcd4ec8b39cd2d791ab7eadf48deaafaa692756e99694e35004799

SHA512
35bb7508fed09d0f42b6357892e41dab600dce5ae5a3710b5815c74ad8ed264bffd20257470b7612f381eabe8e1c60b231e797a7e25e9b2a5a1777240f6b8a62

Download Submit
C:\Users\Admin\Downloads\OPTIX.zip.crdownload

Filesize
9.8MB

MD5
b7cb3a9cdbc58ccc54e19ac838cf8000

SHA1
d76672984bc4ae1f3a9f09ab2743269d0a57be63

SHA256
620f83119bb498067efcac8632770e27d06b4f4ae6924fab45f1f8f105a706fb

SHA512
7b33fd90dba124791be147ca9c812377f709586b9452a6669cf9bcb8c07ac206d9fb38917c68f5677dfde22b8fcec9cc51a0c4941e47a279b86addeaa144a7f3

Download Submit
C:\Users\Admin\Downloads\OPTIX.zip:Zone.Identifier

Filesize
26B

MD5
fbccf14d504b7b2dbcb5a5bda75bd93b

SHA1
d59fc84cdd5217c6cf74785703655f78da6b582b

SHA256
eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913

SHA512
aa1d2b1ea3c9de3ccadb319d4e3e3276a2f27dd1a5244fe72de2b6f94083dddc762480482c5c2e53f803cd9e3973ddefc68966f974e124307b5043e654443b98

Download Submit
C:\Users\Admin\Downloads\OPTIX\BuildHighlights.xml

Filesize
18KB

MD5
59117e4e5e581d62630076daf391f8bf

SHA1
61d05d75be191e9c9ea39b9c75599d1caf35accd

SHA256
cead70f773dcbec5d2ac965edf64be3dd946b2b4310babf5d4c6ef9edc55fd8b

SHA512
ab43d6c9411b4662e0e46453783274825ba3828d1dde2072053c2a78c012df4818f6dc542b7bce0e4e9795b021651b8b50df86728b27bb5bfa5befab00087ae5

Download Submit
C:\Users\Admin\Downloads\OPTIX\OPTIX.exe

Filesize
452KB

MD5
56199047b3923e010c421efcdc90c968

SHA1
bf502e14e83aee23a71b295e04c23f8553b991e5

SHA256
123107a1a3096f69bcf3dcaa185a7f3017b288b9475c861b092d05de0d0c4224

SHA512
df4bd355a1a12d716f25c15a9604e0d3408194bc3368e59bfd75b84ab49a70a9e1075b9ab9d73aba31d8b393bfc8535d26641b81546ff61c8c1c0b60d45e1aa4

Download Submit
\??\pipe\crashpad_4228_BIBHOMJBWYMEWZUC

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
memory/480-866-0x00007FFD90E30000-0x00007FFD90E40000-memory.dmp

Filesize
64KB

Download
memory/480-863-0x00007FFD90E30000-0x00007FFD90E40000-memory.dmp

Filesize
64KB

Download
memory/480-870-0x00007FFD90E30000-0x00007FFD90E40000-memory.dmp

Filesize
64KB

Download
memory/480-868-0x00007FFD90E30000-0x00007FFD90E40000-memory.dmp

Filesize
64KB

Download
memory/480-871-0x00007FFD90E30000-0x00007FFD90E40000-memory.dmp

Filesize
64KB

Download
memory/480-869-0x00007FFD90E30000-0x00007FFD90E40000-memory.dmp

Filesize
64KB

Download
memory/480-864-0x00007FFD90E30000-0x00007FFD90E40000-memory.dmp

Filesize
64KB

Download
memory/480-865-0x00007FFD90E30000-0x00007FFD90E40000-memory.dmp

Filesize
64KB

Download
memory/480-862-0x00007FFD90E30000-0x00007FFD90E40000-memory.dmp

Filesize
64KB

Download
memory/688-822-0x0000000000400000-0x0000000000459000-memory.dmp

Filesize
356KB

Download
memory/688-824-0x0000000000400000-0x0000000000459000-memory.dmp

Filesize
356KB

Download