Malware Analysis Report

2025-01-19 02:18

Sample ID 241130-l549pavqhq
Target https://valkclove.com/
Tags
discovery
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

Threat Level: Known bad

The file https://valkclove.com/ was found to be: Known bad.

Malicious Activity Summary

discovery

Drops file in Windows directory

Browser Information Discovery

Enumerates system info in registry

Modifies data under HKEY_USERS

Suspicious use of FindShellTrayWindow

Suspicious use of SendNotifyMessage

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of AdjustPrivilegeToken

Suspicious use of WriteProcessMemory

Suspicious behavior: EnumeratesProcesses

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-11-30 10:07

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-11-30 10:07

Reported

2024-11-30 10:33

Platform

win10v2004-20241007-en

Max time kernel

600s

Max time network

558s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://valkclove.com/

Signatures

Browser Information Discovery

discovery

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133774358145895920" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 4280 wrote to memory of 2632 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4280 wrote to memory of 2632 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4280 wrote to memory of 4516 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4280 wrote to memory of 4516 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4280 wrote to memory of 4516 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4280 wrote to memory of 4516 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4280 wrote to memory of 4516 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4280 wrote to memory of 4516 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4280 wrote to memory of 4516 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4280 wrote to memory of 4516 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4280 wrote to memory of 4516 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4280 wrote to memory of 4516 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4280 wrote to memory of 4516 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4280 wrote to memory of 4516 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4280 wrote to memory of 4516 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4280 wrote to memory of 4516 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4280 wrote to memory of 4516 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4280 wrote to memory of 4516 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4280 wrote to memory of 4516 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4280 wrote to memory of 4516 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4280 wrote to memory of 4516 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4280 wrote to memory of 4516 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4280 wrote to memory of 4516 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4280 wrote to memory of 4516 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4280 wrote to memory of 4516 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4280 wrote to memory of 4516 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4280 wrote to memory of 4516 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4280 wrote to memory of 4516 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4280 wrote to memory of 4516 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4280 wrote to memory of 4516 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4280 wrote to memory of 4516 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4280 wrote to memory of 4516 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4280 wrote to memory of 1152 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4280 wrote to memory of 1152 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4280 wrote to memory of 4536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4280 wrote to memory of 4536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4280 wrote to memory of 4536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4280 wrote to memory of 4536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4280 wrote to memory of 4536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4280 wrote to memory of 4536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4280 wrote to memory of 4536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4280 wrote to memory of 4536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4280 wrote to memory of 4536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4280 wrote to memory of 4536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4280 wrote to memory of 4536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4280 wrote to memory of 4536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4280 wrote to memory of 4536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4280 wrote to memory of 4536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4280 wrote to memory of 4536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4280 wrote to memory of 4536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4280 wrote to memory of 4536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4280 wrote to memory of 4536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4280 wrote to memory of 4536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4280 wrote to memory of 4536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4280 wrote to memory of 4536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4280 wrote to memory of 4536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4280 wrote to memory of 4536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4280 wrote to memory of 4536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4280 wrote to memory of 4536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4280 wrote to memory of 4536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4280 wrote to memory of 4536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4280 wrote to memory of 4536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4280 wrote to memory of 4536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4280 wrote to memory of 4536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://valkclove.com/

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff80db1cc40,0x7ff80db1cc4c,0x7ff80db1cc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1876,i,13025984102811039742,14402332560632520870,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1868 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2132,i,13025984102811039742,14402332560632520870,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2152 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2188,i,13025984102811039742,14402332560632520870,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2444 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3116,i,13025984102811039742,14402332560632520870,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3152 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3128,i,13025984102811039742,14402332560632520870,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3196 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4348,i,13025984102811039742,14402332560632520870,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4664 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=720,i,13025984102811039742,14402332560632520870,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4356 /prefetch:8

Network

Country Destination Domain Proto
US 8.8.8.8:53 8.8.8.8.in-addr.arpa udp
US 8.8.8.8:53 valkclove.com udp
US 104.21.49.25:443 valkclove.com tcp
US 8.8.8.8:53 58.55.71.13.in-addr.arpa udp
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp
US 8.8.8.8:53 a.nel.cloudflare.com udp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
US 8.8.8.8:53 10.213.58.216.in-addr.arpa udp
US 35.190.80.1:443 a.nel.cloudflare.com udp
US 8.8.8.8:53 25.49.21.104.in-addr.arpa udp
US 8.8.8.8:53 1.80.190.35.in-addr.arpa udp
US 8.8.8.8:53 138.32.126.40.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
US 8.8.8.8:53 104.219.191.52.in-addr.arpa udp
US 8.8.8.8:53 28.118.140.52.in-addr.arpa udp
US 8.8.8.8:53 56.163.245.4.in-addr.arpa udp
US 8.8.8.8:53 198.187.3.20.in-addr.arpa udp
US 8.8.8.8:53 212.20.149.52.in-addr.arpa udp
US 8.8.8.8:53 92.12.20.2.in-addr.arpa udp
US 35.190.80.1:443 a.nel.cloudflare.com udp

Files

\??\pipe\crashpad_4280_FXKQYLTEITXHWZAD

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

MD5 28a40580c1cca1a16e1d83e78ce3b1bc
SHA1 a37e3fc26e22bdd96a9502ea463b4ae383ae4f7c
SHA256 1811d6a125a687af251f7a76beff9a0ace3d9d5b6440dc5a966a256964faa78e
SHA512 2c5a3697e713ce6ab5727b2ab3f5e85260fa6807bfa413d433ca04eb41d6bb6cfb194070c2192421d31d124cb99bfb62bd87367b577d7df5a3238041531d2ce0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 3ccbe96f51ad35086b8d5d58388e956f
SHA1 6371ea274128fadf64316b74fcf404b5343f69bf
SHA256 d5ec044a92a33b5173c498e12fc6f44b6de5ef5d8a5eba4a517b2216451d9b27
SHA512 17774c7b67b656f7a8e158f8ae1cb7578f46eea96d0b440ee5207dde50ba35f2b3b4f798f9898ff59fb64c85bc2e91de2f71b8adcfcb7265d7b0c68438cb5e23

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 de5f92589a87a138c39ba8500ab47177
SHA1 716a07274fbcb089ead11f886e8453e0ede39990
SHA256 ed16b19561649b8f603efea27c8c1e2ab70ee78c3561637cf5db5c126c693807
SHA512 7359b90c79c7f1818f216ca3259fba0632626cf0f0f18dcecf22e79d5010b2ee43d5c54b44ecbb59e9e45dfd47ca4b3a7424a442128cbb4ea886f46dd30090ee

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4841202c543845edd5f50d4455eb71f3
SHA1 d5ed65a1edd03fb2ffd6cacd49a0eb16ffb4ce79
SHA256 66999d3dc044d8774b1608c557457ef03e2b544fdf815fa681339b6d73261839
SHA512 931d3ec680516692f28740937d03a94e88650618930b200bb7534e0b2c53572fb30ba2e0921b99774c1594f5b9f09bbdaec9bdddb21464eb7f87c2a15dc6866b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 b006446d10dac827dd7110afe1cfa5e6
SHA1 c47fe0ed075228938f15c5dfaadc8429af7a4e2a
SHA256 0a2c30accc3e194f972c6d0a49d46770273820535b4563501faa197db77bf8a7
SHA512 f4aa2875a4ea7f22ef70a0767cecc403ceb12fce25fdb35276d0f01732b563c2110eda4fab90e64fc2c7a19e475ea42c07129ec4c08553781fa7290ab717c0cb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 aa0e1effcfad01764f298dbb49cce2a8
SHA1 e3a145c4bd3007f24ae7d32adab8e921aa832a69
SHA256 57c0a08acf44ac814241c4de8dc187c7d3e6e58a381f99dca891fb8c79485061
SHA512 9afb76afff42e090c896d04d1891ec6f847f7e1b051c1c3c8dc211d1a6b5c2d14c285c400c5cf90fea251a154a9233342b7308ba0e224fc054bd272ffd3212f2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 e62da777c79b9f09574dbf8ad7c83362
SHA1 77ceab7c74ab10555c7eada7bf97610f53c95b5a
SHA256 526b69dbeebeb111a526c3e9a7f87ff7d35325e57455e2a1646f00da620b3e05
SHA512 3550166d7f5d8a6772c8068691ca730c5b773980b6fb007ff614a0327c0f8b874d764eddc2e6ec5fade35220f2c9efb78bea57af79e175386aa68105edb34097

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a31d04723af668c7bc493f7a27322f33
SHA1 33383dd5f66045c0bab10e82113b576c52e4e623
SHA256 f0a75cab4489be3db870d8d2dbc92c3f50c23d8565f3a026e0d313acf43b020b
SHA512 83b71e50835c9c2793025c8265a10ef32c5e87d0676558c38dd00f79c92056ec9783cefa4845af76d6ed3a68683af3223d9c7db22bbfa007a76b7400219cf0db

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 59d7bc3d8234508802a08bee8d8ba3a7
SHA1 8fbecfeb24ea533fe836c92698582d49e07831e6
SHA256 d4089b1d9e230587b244b8b8e06443a94189a15c410876bb082e43d250c8d6ae
SHA512 1f3d9831d1cb597efa4833bcf5caa2685506180baa62afd375a98877d8282ef3945cf72b843e9084ea22c589b8b3c194cedc02f8bd158d66eb8cf143a3e59123

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 766761cd0101e81c2907a5308950428e
SHA1 a68cffcccc76951f759486bc042fe0092a77c7d7
SHA256 5677c813160098a75fbfc105cdb1aee04cb9626783bfa11d8c0a14753a45c6ef
SHA512 9176802be48ef4b3a92fc8ec170af460c11cde3c4a864f4a91a5b814da8ece17335dc5c95fd98cdb239a3ddd3195871875bfd6e7f7533c8a814d45d054479835

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 733688a3a10a10fdd5cfec11ed48c278
SHA1 ec601ee03be483f7bb2a54b3439cb600b6fc5166
SHA256 de61a2cef665ffa12d3598eae3952cf53d3cd95b9974279bfb646a1a55e5934e
SHA512 1b935f6218ccfb6208e48edf657caa6e8cb79345d7603a67bf5b3f653439c0ea24b8841a83dd23c4f532c854ce4a54bb204989a70390ee740607cb8cf468630d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 2a9548fe829cc376f4d04430ca5088a8
SHA1 85f04cdd6f80c5c14f51fd988ba7d52d06dfb0a0
SHA256 b3949524729f3defada5d4713fdc1bf873ff245c128aa680f680ebb87c6991e9
SHA512 e87c3ecbf90934e827333a2e07cf92163f93ebad1119be2a4c236e1492d646e504e5c8057721c79c30a760e4de3f77fb68d675f2f8f78725b65c37e4626413c7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9ed29cecbbe121a67bab7dbc93a6b47a
SHA1 5d49efe74751316b2f89147f24b1169e2fa2a753
SHA256 fe844e64fd3674741e500a8d68e1b8aaaceef43174aaa4d952e2f9d1b5231540
SHA512 edd4d876b1a8072314457f7e734540b5865437bdd97f330023ff671d3dd91ae67d8a4ec98fe3251bd1a7fba5a5e8f36e3f82854e899065a9d6c74f84d8c8b98d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 63499e7a931ae15b4e6e5fa4f98718f6
SHA1 44bf71913e20b26a9b5234ded47300c67e4904ca
SHA256 b6d9de6b71e278a4b5f496589d748215fd7b57d8404ad749ae4703b4e54f4707
SHA512 1f40ef097764a4cf66cb063cdab3874b66a2a1a3426cb9fa01f291db4cc31a73d3796a5d068ee0ee0f0d1aa15d046973c77d9d7ad91bbc48969039105402f5b8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6e0163bcd8b8731b2ec4e0947139201b
SHA1 5253c24c10e109181aa7d055eac309755ae5c559
SHA256 dafe7758a85a5dec1a5d88f72847843c1070b8885481dbf9314374bbcb9d9c56
SHA512 3358786bec990405c161e59990c19d49977cec7b502b1368d1b5174a94f8c39f5d066cb0a248c85a750d7f14427c345a94ac82fad4cdf67f8873d863deb4f0f5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5e4ab6d52b71a8e2c036b3071d719a16
SHA1 a7cdb25c6628276ef6869192bdba7d3e4adf4b0f
SHA256 0f4e75efd9bca3f7c97da17173823ce3e29160e6abce8bda313a71c9168b721b
SHA512 376b48009eec2efa68e8524added5aaac11f6c1a02efca7fc0f1efcedaaa347e83b7fd703893a672cc8ca02b614aa5d4159fa1844bb5374e4ad9993f61e9792b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 be37b7fb9bcf19f0d9cdf7bb183cbed8
SHA1 2cc82caf84193f7b9f735cc5f5666694f4c98fa2
SHA256 9c6dcee206b8e092e4e03d895af774593d063e30eb276436c9069cfeab3d4f6e
SHA512 efb9affd1f3922dfbb91343a7b6855e16ef94f677bc8ef4cff45855ede6af720a67430d9a093ef0a1f06baf23d5777c0f21430abf15dabc49ddf762e5e4a28a1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\af6e4b14-f342-4c06-8669-844e1cfa68c5.tmp

MD5 c66f27ea5ed1a88cdbf7d2705955ee57
SHA1 ade00d0667cb1ff815e9d50b15c7dea1d3efe9da
SHA256 42ce12e6cc5c670d708da4ee998d2b490e6bfdce7f9f16e9d8d4c53ac2161d62
SHA512 4d704cd4ca36273e6542b3298aa6be4b8127271994cf50c31604532196bc1d1e4af31920e920ecaf1b03eef7b1e8d5569f64872f3636d5a2abaa46c0a7b38af2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3fb54a75ba0b19db8dbcb30c3a8f8119
SHA1 fa060c5c7e89ba7e952624e75c09a1b23e66362a
SHA256 a4813d5777dc4ee3fd8320a456f10b26b83c9db1e68561e86f46c76198f1e665
SHA512 ad2eae69112bde1ffcca8294e3692de3b8a1e9ecfd936aa784fbb17a49316c8bae8465e639bef9ffea61529c17ffd2870eac996546cce796c0a01cfcf7f59027

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5152cd0ea38e4d547ac6b1d0e616a04a
SHA1 e000dc5910c6bca16d3d092fddae0a2a2c912928
SHA256 dfaecb5abf349ced2027d31eb7abe4517e18350ebb47013100bc6c1c6e1816f7
SHA512 9dc57fe535b54c765e5e8ab2ccf6cfe4e3db61bb941ee5175aa7deaf8b534e6548d7e513fcd56f3cf2cd6481f1fd1f5b778a2c963892de421bc4b3c6032b11df

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\861cd550-d001-4554-8987-ab15dd21f044.tmp

MD5 0a24744a63266ea5299637e0736d3036
SHA1 9d4fcbc0dd1e04553f70f131748c660b7a828900
SHA256 63676ceb9057fc3d8d7833cbada6e60476da2095e73a863032e2d50197f7e2f3
SHA512 e8eb5f31b95d2f245a74d7f2a37b9f452ba8cb88552623f033043963c6bf5dbce8168486c6aa6843a509f300a240c03cf19efa1154947fc7913160a16e583771

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5bc72290cd7ff5a25f8093a46f6dbf2b
SHA1 15bc8513a689974a4749c3600fd5f49f4c80f49b
SHA256 2f4a7fe8744b990a17d920a168153823258eb575f621a453568081757cd551d1
SHA512 0bff906924a2ae8db39414bc0adbb126dccee77753c04bb63b23ef2c9261a4b661acf12e621e91f249f9601ccea2b21682e9e702b11b9e69fc66772f135a71b1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1d52b7d5ef3d518470a9150193adeb6f
SHA1 c11404af9bdf67b05deaf4833af9d71b4e1e43c4
SHA256 8a48c93d0c89cc19375e9bc79aa6bf57c5e790b037fa322c3d318e65fd7e1053
SHA512 a96f6485d7fe910f2142b75ef2e7755ea48bc530beb2500a86cc07d5a53871c0bdca799fe1fd9c4f576fd72ab03ecd92e11c3a4772e90def5b92441c55d9697f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 29f34d804a98b9c1d01ef663980fc29b
SHA1 ec2c14a73230a89159ca287dbcdec6bbac0027e6
SHA256 a9809798b7a80fade0cbc193e0810422d77846c3cc920375380e93bb06448c18
SHA512 4108eaa5053f21a6dbe3303b27e7ba274901a4ba2cf6b0c6f8480f192522fca2829593da09ec9af23e22079d668ace040c07e5256233a68d441255d431268e74

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5d3683c10a78ae3035f74beedd907896
SHA1 843c4e761ce77cdf93b1efbb55c78d833d2ed2bc
SHA256 e84af6c026651c522943477f348f42e593436be4bbafe9dc9b128bfba9040012
SHA512 f2e88bded735c0001b10c6914d4d4bbc5c7488ff9cfb81bce2710c4872495a3210f35b13ac17fd7de6891046c656d8a847829a16f30b6b389e7cf9a5a0afc21f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c5552846a67c19d504010bf29282bce6
SHA1 59e1dbdcac79f6927680dd0065f49051e4dae135
SHA256 eaf829efe1429786beea2567b6a51d0910e1b23294e3ccd7d937534d7f7785f9
SHA512 082ee2a3bf788f254c164133eb6da5d5cc8b328d9f1c47ed205b23dbaa8b7e5a96e94f0723866b4af4de1a91a2f908370170643d76b8d28824eb3cd4211ff0e5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 70aab45f39dff8221a77fb8df285e1eb
SHA1 8b25b0265e87656938fc53ab7be6dbb59a73a1f4
SHA256 6173cf2c01587a5217bea224c6ee8595de9765f0061ef2fae5e48fe0c904cf45
SHA512 2ba74e0cd9af4b4905fce659bbcec0b126716df25cd381ca570c671c617b890eb3a95b122eac593340340dfdf38624e4aa4a8dcfd9da5cbe6f75b2c37dd3895c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f61fe05e418bb9dfa86bb9bb5d92417f
SHA1 ad3a04816af4260630f3d5317d955d907ac74551
SHA256 e53f0d410a64bcbac7158f535257630ecf066f0c46f4effa754baf485cf81a4f
SHA512 24973107b1b93166c8de5e4972df415e90d04aa5b03910cab177d6711ba484c7a8cf689c5363c803e2dfea1e735ea31a009d81784ddb609b083ddf0383944ca3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d22bb4d8ee244aa9f3cde4327283c2de
SHA1 0adb122aef0f426f8bfdf64e4e79d9afa558d9a4
SHA256 4d81e09ab8629cb82002e902ce5fc2b6d17ced0a852e8d4bbd4b595572758c6d
SHA512 0a3112ee9d2a98ef4cfde2375c1ae146caeebedd71750f49bf67911b445ee38fa9a08d327dcc9a87a3d7e151783bbaeae3b641941690890fe81660cbc58e3ea8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5334327b99a4e8df768e97310a444dbb
SHA1 f0a5d766ca075c0cd5551322fdabc89e605a3684
SHA256 0f3f25defdf2252a45def80389c6f29d111f9c9091859d3ef8f3f17602031fc0
SHA512 e0708397d39c8461ddcdf966d0dfc6d4e4b18aa67a79c632ee844b98b58fb2fd2f59251aaa26a4b95bc6bdf687d662a078af75d050023652a0e24693bfffb85d

Analysis: behavioral2

Detonation Overview

Submitted

2024-11-30 10:07

Reported

2024-11-30 10:33

Platform

win11-20241007-en

Max time kernel

599s

Max time network

559s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://valkclove.com/

Signatures

Drops file in Windows directory

Description Indicator Process Target
File opened for modification C:\Windows\SystemTemp C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Browser Information Discovery

discovery

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133774358191312348" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2208 wrote to memory of 1444 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2208 wrote to memory of 1444 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2208 wrote to memory of 2952 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2208 wrote to memory of 2952 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2208 wrote to memory of 2952 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2208 wrote to memory of 2952 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2208 wrote to memory of 2952 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2208 wrote to memory of 2952 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2208 wrote to memory of 2952 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2208 wrote to memory of 2952 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2208 wrote to memory of 2952 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2208 wrote to memory of 2952 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2208 wrote to memory of 2952 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2208 wrote to memory of 2952 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2208 wrote to memory of 2952 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2208 wrote to memory of 2952 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2208 wrote to memory of 2952 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2208 wrote to memory of 2952 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2208 wrote to memory of 2952 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2208 wrote to memory of 2952 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2208 wrote to memory of 2952 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2208 wrote to memory of 2952 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2208 wrote to memory of 2952 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2208 wrote to memory of 2952 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2208 wrote to memory of 2952 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2208 wrote to memory of 2952 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2208 wrote to memory of 2952 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2208 wrote to memory of 2952 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2208 wrote to memory of 2952 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2208 wrote to memory of 2952 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2208 wrote to memory of 2952 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2208 wrote to memory of 2952 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2208 wrote to memory of 388 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2208 wrote to memory of 388 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2208 wrote to memory of 4860 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2208 wrote to memory of 4860 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2208 wrote to memory of 4860 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2208 wrote to memory of 4860 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2208 wrote to memory of 4860 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2208 wrote to memory of 4860 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2208 wrote to memory of 4860 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2208 wrote to memory of 4860 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2208 wrote to memory of 4860 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2208 wrote to memory of 4860 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2208 wrote to memory of 4860 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2208 wrote to memory of 4860 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2208 wrote to memory of 4860 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2208 wrote to memory of 4860 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2208 wrote to memory of 4860 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2208 wrote to memory of 4860 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2208 wrote to memory of 4860 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2208 wrote to memory of 4860 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2208 wrote to memory of 4860 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2208 wrote to memory of 4860 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2208 wrote to memory of 4860 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2208 wrote to memory of 4860 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2208 wrote to memory of 4860 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2208 wrote to memory of 4860 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2208 wrote to memory of 4860 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2208 wrote to memory of 4860 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2208 wrote to memory of 4860 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2208 wrote to memory of 4860 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2208 wrote to memory of 4860 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2208 wrote to memory of 4860 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://valkclove.com/

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc3bcfcc40,0x7ffc3bcfcc4c,0x7ffc3bcfcc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1876,i,18438011079700318143,5645045559466401252,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1872 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1920,i,18438011079700318143,5645045559466401252,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2108 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2176,i,18438011079700318143,5645045559466401252,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2388 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3088,i,18438011079700318143,5645045559466401252,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3104 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3092,i,18438011079700318143,5645045559466401252,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3252 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4548,i,18438011079700318143,5645045559466401252,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4556 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4584,i,18438011079700318143,5645045559466401252,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4780 /prefetch:8

Network

Country Destination Domain Proto
US 8.8.8.8:53 valkclove.com udp
US 172.67.158.13:443 valkclove.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com udp
US 8.8.8.8:53 13.158.67.172.in-addr.arpa udp
US 8.8.8.8:53 1.80.190.35.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
US 35.190.80.1:443 a.nel.cloudflare.com udp

Files

\??\pipe\crashpad_2208_MLTXPZHXWERANXYS

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

MD5 11114abb1c7b540ccc9dbf5b372adcdd
SHA1 9b5f2326fd69f124a607df05e673928f49435523
SHA256 89928a74eaa89d904108bc0cccd96324eefbf3c529b4ca06c144e642f11d4390
SHA512 695b8449a32fc2222ba4bbf99f3300ac3e5298d5aed53c263a1818cb156ffb4bbca0cd630b770e5dd8a4f0678fb4b450875bad2dd6225377280f3d1460e6287a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 ae10ec6d112e2a102d90d8b7c08b783e
SHA1 3e0bbbb2426d7f74269820dd10a702f5c2a93a3e
SHA256 5e432ba8e8849324beac6332837427eb60fe50a135b965b3a991162771b1e48d
SHA512 1b32975dd10ec4e07e50ce8871708c6862416ea0bd5381cec749c923877d9ae96ff5dfc11a0ea90a1e90402d9288119b51c4cc89eca72c19e3a394f31146b5f4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2f25faab92573eac25cf6b9b7e329703
SHA1 39f21ef4b269a9c06aa5a1f8b45077cbd5983f18
SHA256 e35450297493de354e209a0696f13816b229888cb05cee0b63c88acc28ca626d
SHA512 12b05d0e86fb49168164ed6a2cff0ed9b096db2f8c812422e20ee7cba39dd52c33240c2e28802e9826215b8846bd4eb9733b829acff45742981586432f7f52c0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 54a13348dfe9763f45bd1434e489b752
SHA1 d1cb417394f592307feea1c7d73ba7b4ef924079
SHA256 ff1c03663f571eb7573c5540e124724d95eab19ee5c5aa663b7903aa37511562
SHA512 2a8b4b39c292003a63793e9fdfbf3d1901c5dc7d02f47affc6cf94891c1c9df874896379996e675ef72c4069a3631bba195d9061b0d4eec62a0b1303c7d48c53

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 15364328f3698325f5abab53ee890252
SHA1 64b190ebd138d39ac8247ce53400bd5319171112
SHA256 a552fa98868aadb5c40f365c57e1e45d0505db2531ecd068d3d81059f3da6de0
SHA512 2200f89aab886ac970647df29088541257f89a83949d1079ddc92294fb6fce055a4dc51ab76063e997cf5ae3b15588910e8afb5a62b4424ce985709800b2c753

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 d7702f92ddc9b2dea21c1a19c1d58068
SHA1 e655728d0a1c49a85ba6c83f36bada20d45c783a
SHA256 622d36491d8f85e48acb72e67a862fced735d32df8f4de4b33a4f58a71b79ebb
SHA512 50e14add48976b829d5202b1861af932864a204783c9b8630a8acf7e40e4fbbcffd022b7e7f5d47fb9d8ab002d8e79734d1d66f50db98558aea8e821738c6b14

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 641cd9cf04ad6b2a2617cc882006e7df
SHA1 049a7d99443da17e1b41257452072ef5a4a002c9
SHA256 37a6ce4899daface1c58ba17f2a8996ef7d49fd74cd8b524d30bbcaf3340efae
SHA512 5fc674eaae337f37e524184c7794437a7046ce58e419b47265e377e1e6940ecae0c08e38a3142256317abe4c5de8f3d5dff0b3557cd465d2f29bb34a309be78b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4ec0240ec9f1bd22aef28e7842a48603
SHA1 8c5f4594dd7300553b9868eec0e55f1db408d652
SHA256 366721c8f16eb141f84042bf22528d46e77f8de0bcde04cb06946ae5e2c61a99
SHA512 256a9080c51c647bdd54ff6bbbfc4a91c0948d45dc3d82b8cc799fa818758bc8da56f458635896011e437dabfbfc23f3d06b3d320dccbfee4eabee527d3b2ba8

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

MD5 d222b77a61527f2c177b0869e7babc24
SHA1 3f23acb984307a4aeba41ebbb70439c97ad1f268
SHA256 80dc3ffa698e4ff2e916f97983b5eae79470203e91cb684c5ccd4ff1a465d747
SHA512 d17d836ea77aeaff4cd01f9c7523345167a4a6bc62528aac74acde12679f48079d75d159e9cea2e614da50e83c2dcd92c374c899ea6c4fe8e5513d9bf06c01ff

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

MD5 b5ad5caaaee00cb8cf445427975ae66c
SHA1 dcde6527290a326e048f9c3a85280d3fa71e1e22
SHA256 b6409b9d55ce242ff022f7a2d86ae8eff873daabf3a0506031712b8baa6197b8
SHA512 92f7fbbcbbea769b1af6dd7e75577be3eb8bb4a4a6f8a9288d6da4014e1ea309ee649a7b089be09ba27866e175ab6f6a912413256d7e13eaf60f6f30e492ce7f

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

MD5 f49655f856acb8884cc0ace29216f511
SHA1 cb0f1f87ec0455ec349aaa950c600475ac7b7b6b
SHA256 7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba
SHA512 599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e6c6f70a6838dc49b21d87df525ff329
SHA1 3ebd3b313d7e29a569b9761958b3619da32d2071
SHA256 ab71595c6b31c1de098b77b18dc76e07bb9c729b4ab86461a18c92fe8719e5a1
SHA512 55a3d71f7a211c70448252e47fc570856ddb61b35094a652769548b59cc2ddaccfcd9c090be9f9f2f9bab6e92fcbe074e6d2430d6ad4f0e3674243e237c40384

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 fae141919b9652094fe39051c097d24f
SHA1 4b227eb62530c906fc0265d73989ac9c6b692a3f
SHA256 14b8071926f5f2af10ed5fb043fd38b21abc19333730b58c444905fbde071062
SHA512 87e697c205efcfc3c56dc1d8f1323a8c527478dd4d54a992fa33d6ffbd07b6c29f7f42bce13ec2a7a6794b934526cb38ac484ce6f31641bb1104bcb2fbbb332d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d8746fddd2874e680e50dc5972289afc
SHA1 a62becc239179a8eef7937f8f49b87d8d7cd1d44
SHA256 ecda5542287ad7fd69a482766ffb9f7682d5e133b3d9ae0dc8fd148ff6a6960d
SHA512 7770e510913203c317d30945af28c8397f8d9a813262c7bff014be96643fb860873ac23f37dad6c59ebd3bae0559732d3fb89cb4a2b733cd0ba341514e600f34

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4d9e4756a1c81b9000a3957b02759eff
SHA1 ad18a5e17eba16d3f76703c8c4b4492d3487640d
SHA256 3f54d5a18f2398937861738a82b2b5a0cb0076d25ab9ef59157872ef4d1f789c
SHA512 ac898d1e2a8a7bc6f379d66c412f794a51ba4e589e9f0edbcc6ac20a70b5230cd5495864df3ef2f4c77a6f5e5f792db1334884d3388d2dcf46d4500c783d5648

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 98db0bdf17d63ae82e5721dceb78de59
SHA1 dc84c0275fff433bc18d174a21a84084a74f0532
SHA256 78f7c1c140c9aee0d74dfbf7a8846ab2ceeebde4b12c29c51262c3e5db34c913
SHA512 2c9c78410e31c98636dab4b54617f8ca1ccc7a4f04d67a6c6e5a893ad10ef03e0045d17da2276c3c1f4b4e70c962dfbe9b58731a8130277bd3496e5740c689df

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 07d2e39b3e501cdd27932514e65609c7
SHA1 b6ace5d6f1b416b4892240892bc8501e780ec388
SHA256 6ab2edf92b8e3a2bbd91078447b6a27f8671d2c74e3e15272bdf922cfe0e2a1e
SHA512 d4eb171cb74118a8ac11bc19c878606ad4e2503c69a651eb8120e207d03fe08e3b709f6b6c4d9106711da3287d13c036a45533d92d3dad076b384c46c6cf9a6a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c97506bfb09df93daf7fdb0bd10f76dd
SHA1 8cf47daf96fa26ff9df73b0d5a95e801027f777a
SHA256 5e7400529b1a2853a609e22321a5161bf0a9d6d76b3c865ae52e78b46ec2fe65
SHA512 9c767022d43ea222d6cf6f8e70531fa0ef45369264fbd07bc54702657bd41e32e1dc08bd179f84169c5b12ee00acbcfdc6406b7a21b92ab1403b198da182d317

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 53886e81ac37965a6cc0fcb213f9c057
SHA1 7a1fd3c1bc49701fb44937cfb355289870501962
SHA256 3af53904c5791d3d2f7ef409e41dea3f660b800078ca6b1184e95c3572946d6b
SHA512 d90ba6a8944e2689c3295eac13a74e40822250c214295fbca65da5025781abf9da2bc23ed9823ae02d70ce6096e5179bca27cad0af9bc63dfe50fa36379f1104

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9b116d477f156256db2dbb7f4f87e15e
SHA1 e31dd480747812f37b28866161579b0a7ed58796
SHA256 c477d31682ca9403d8b47aeeccf51b97599687ca020bef4e05e63e388b35d1c6
SHA512 d5d7e04e5630b371e88845ce2b6bc9a019b80df8cbabbdf8c003187cc4d89cef9064fc7c9fa4aecbf5e6ce63cb65b38fca436ab325981fffe143ba5cc7e7531b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 69ee24b7c6c0256f14ed2051361323cf
SHA1 32712c5d05d7226dfe2ff4f3df339cac99b0ba0b
SHA256 4ddcf27957723ddc3873ad5cfef1d6f3a7ed6fc3948f6bd4b6ca11575904dd8e
SHA512 122fb2163dc124f50a79ebfa880c0ead9dfa303e1e078810a5d3eb1d6f26b14f5379f00361734034e73e93dc233b5a890f1396836dac4802927f5b9527b930c4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d8ef183bebd63c83e62f29c0144a5aea
SHA1 0fa182c45152a447008a7fefc64d893e359727a2
SHA256 1d3b662f63ca6c055d09e8b2a012af3b17e9c05d3207429ab36c7362f69a17ce
SHA512 7c651e4fe30590fddd4337dfe358767c3c6474f116be387cd99edce53f8dd83a88e80fc213979e634e25c2de6b63226bb95ba7827c56a85a38e291676889b153

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 38071be9cef68925f6cbcc564bc39f4e
SHA1 9691ce4c36a5223de2c267fb3f466750b3651c5c
SHA256 7448f4e129df7a449252e65d216b0bcf6dd641f3732259842ebd63de861a7f01
SHA512 94b21bc028eee4941ace14a101aa0eb6f5ec20b8cf17eda19c24f5d549ec370bebe2fd51e7cddf8881efa79c10e8495d9c4da67b2effe3535354b5f35af3e739

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0e07ef7ec7d810a242897e51841c2ed2
SHA1 eca90ff3c5c28ca0dd961a6a1c0c4e0f5236d60a
SHA256 d909b9962a3a1cb2f356182e94a3fdf220498a7b3ae784aa075d6e2aa5424c4f
SHA512 93dc73eabe69019cbe89857b22fbcf0f07ae680d054c3b29653d94c406b0c9f5c2ba03779313b961e65757955e26ced9ead28cdbf37468de16537626499bb7d0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 78baedd737c8b931f4d8e0fabeb141d2
SHA1 3b744e5abd022137d09079ee8667e07ee58e9b4a
SHA256 bdb4765023588db7e2cc66a2d061ba52aa90333fbbc12278b8ff67aa5049c1ee
SHA512 65b5f8a242f67b2cc1467f23f16631397a831c9acc72350eb27b5eb9558b8c660ffbd2c4fe0ebd973abcc907272f7682e6aed477ccf7f2a6af7727df46d1b68e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a75e036c7cd27f33b8e6775c43136f38
SHA1 f613fcc009ccb0f148b0c5bfa40702b26e020650
SHA256 b2cb7e147008629f5516b78f905db885bf6bda041018d4464e8d32b327f535e5
SHA512 6a91fc23fbd01e598c048aef9de4c06befa68a00cca7954e18ac98cb673a828e60f89570596e342de417862cbf3e1c6cae9e99f36208127ba264341f109627c3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4f185d99857b4a63b929c3f2f5dd25c3
SHA1 fc59996c237e8f5e602f795dbd4821dfd80160eb
SHA256 d248eef6c0822cda575490798ad2dc4f71c2222bef341078729723763a6c327c
SHA512 93d710f59c815735c955573fd72a960b5e6b186b74274b9cec7aa18399dded48e86ce6c810bdf6ffa3635be9797431c53756ffb4726a4964194cf4ca7223ac00

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 818cfafc9c0ccaa15df98439fdcdf9fe
SHA1 725f86cca9416deb6d8eb37b590617e607e73d41
SHA256 ded55c5ec8daf4dc7350de5b7a3925f5e11e0049ee5f38915b4b8ac3172321ac
SHA512 d431b9009afd49e10f030cb10ce543264aa708752623e43ec5aa1a7218e48139dfebfffbbf7b3fc09a648c1404e6264f39ebc3294c5a07dfa52977115ce4b3c1