b6129cbb04b56add0cecefe73fcb25f30bc35c98cc90ee14cbda9b8b773a0a99

Resubmissions

08-12-2024 04:22

241208-eznw7axncr 8

08-12-2024 04:18

241208-ewyxzsxmaq 7

Analysis

max time kernel
119s
max time network
116s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
08-12-2024 04:18

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

FluxTeam.7z
Size

20.8MB
MD5

712567a666b820cda4fcea9cf5dc6b61
SHA1

efb6f5378de5120b60152c8a3366b6d0d8b536f5
SHA256

b6129cbb04b56add0cecefe73fcb25f30bc35c98cc90ee14cbda9b8b773a0a99
SHA512

707e8260d3dce6d884ec18c74b6ec6f81e707b0117ce45f88a595f9ccc3f16b357e36ef5f4bd8c5c15c9ff4b9496d23d0e3378194f1e4df936e36ecd5a591d3f
SSDEEP

393216:iETU+8dwON1Dy0fxtgtpKzwNFffPcGZRpDaLX7hJ9qvzZWJxy1h:iETUECJy0fzgtIzwk+RpU7EVGED

Score

7^/10

microsoft discovery phishing

Malware Config

Signatures

A potential corporate email address has been identified in the URL: [email protected]
phishing
A potential corporate email address has been identified in the URL: [email protected]
phishing
A potential corporate email address has been identified in the URL: [email protected]
phishing
A potential corporate email address has been identified in the URL: [email protected]
phishing

Executes dropped EXE 1 IoCs

pid	Process
4396	FluxTeam.exe

Loads dropped DLL 3 IoCs

pid	Process
4396	FluxTeam.exe
4396	FluxTeam.exe
4396	FluxTeam.exe

Legitimate hosting services abused for malware hosting/C2 1 TTPs 4 IoCs

Web Service

T1102

flow	ioc
66	pastebin.com
67	pastebin.com
75	discord.com
76	discord.com

Detected potential entity reuse from brand MICROSOFT.
phishing microsoft

Drops file in Program Files directory 2 IoCs

description	ioc	Process
File opened for modification	C:\Program Files\Crashpad\metadata	setup.exe
File opened for modification	C:\Program Files\Crashpad\settings.dat	setup.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Enumerates system info in registry 2 TTPs 9 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 3 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133781051432170266"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1045960512-3948844814-3059691613-1000\{B2E25254-4EED-43CE-9604-E9CB9DC96A96}	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1596	chrome.exe
1596	chrome.exe
3468	msedge.exe
3468	msedge.exe
3420	msedge.exe
3420	msedge.exe
4596	msedge.exe
4596	msedge.exe
3540	chrome.exe
3540	chrome.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2036	7zFM.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 15 IoCs

pid	Process
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3540	chrome.exe
3540	chrome.exe
3540	chrome.exe
3540	chrome.exe
3540	chrome.exe
3540	chrome.exe
3540	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeRestorePrivilege	2036	7zFM.exe
Token: 35	2036	7zFM.exe
Token: SeSecurityPrivilege	2036	7zFM.exe
Token: SeShutdownPrivilege	1596	chrome.exe
Token: SeCreatePagefilePrivilege	1596	chrome.exe
Token: SeShutdownPrivilege	1596	chrome.exe
Token: SeCreatePagefilePrivilege	1596	chrome.exe
Token: SeShutdownPrivilege	1596	chrome.exe
Token: SeCreatePagefilePrivilege	1596	chrome.exe
Token: SeShutdownPrivilege	1596	chrome.exe
Token: SeCreatePagefilePrivilege	1596	chrome.exe
Token: SeShutdownPrivilege	1596	chrome.exe
Token: SeCreatePagefilePrivilege	1596	chrome.exe
Token: SeShutdownPrivilege	1596	chrome.exe
Token: SeCreatePagefilePrivilege	1596	chrome.exe
Token: SeShutdownPrivilege	1596	chrome.exe
Token: SeCreatePagefilePrivilege	1596	chrome.exe
Token: SeShutdownPrivilege	1596	chrome.exe
Token: SeCreatePagefilePrivilege	1596	chrome.exe
Token: SeShutdownPrivilege	1596	chrome.exe
Token: SeCreatePagefilePrivilege	1596	chrome.exe
Token: SeShutdownPrivilege	1596	chrome.exe
Token: SeCreatePagefilePrivilege	1596	chrome.exe
Token: SeShutdownPrivilege	1596	chrome.exe
Token: SeCreatePagefilePrivilege	1596	chrome.exe
Token: SeShutdownPrivilege	1596	chrome.exe
Token: SeCreatePagefilePrivilege	1596	chrome.exe
Token: SeShutdownPrivilege	1596	chrome.exe
Token: SeCreatePagefilePrivilege	1596	chrome.exe
Token: SeShutdownPrivilege	1596	chrome.exe
Token: SeCreatePagefilePrivilege	1596	chrome.exe
Token: SeShutdownPrivilege	1596	chrome.exe
Token: SeCreatePagefilePrivilege	1596	chrome.exe
Token: SeShutdownPrivilege	1596	chrome.exe
Token: SeCreatePagefilePrivilege	1596	chrome.exe
Token: SeShutdownPrivilege	1596	chrome.exe
Token: SeCreatePagefilePrivilege	1596	chrome.exe
Token: SeShutdownPrivilege	1596	chrome.exe
Token: SeCreatePagefilePrivilege	1596	chrome.exe
Token: SeShutdownPrivilege	1596	chrome.exe
Token: SeCreatePagefilePrivilege	1596	chrome.exe
Token: SeShutdownPrivilege	1596	chrome.exe
Token: SeCreatePagefilePrivilege	1596	chrome.exe
Token: SeShutdownPrivilege	1596	chrome.exe
Token: SeCreatePagefilePrivilege	1596	chrome.exe
Token: SeShutdownPrivilege	1596	chrome.exe
Token: SeCreatePagefilePrivilege	1596	chrome.exe
Token: SeShutdownPrivilege	1596	chrome.exe
Token: SeCreatePagefilePrivilege	1596	chrome.exe
Token: SeShutdownPrivilege	1596	chrome.exe
Token: SeCreatePagefilePrivilege	1596	chrome.exe
Token: SeShutdownPrivilege	1596	chrome.exe
Token: SeCreatePagefilePrivilege	1596	chrome.exe
Token: SeShutdownPrivilege	1596	chrome.exe
Token: SeCreatePagefilePrivilege	1596	chrome.exe
Token: SeShutdownPrivilege	1596	chrome.exe
Token: SeCreatePagefilePrivilege	1596	chrome.exe
Token: SeShutdownPrivilege	1596	chrome.exe
Token: SeCreatePagefilePrivilege	1596	chrome.exe
Token: SeShutdownPrivilege	1596	chrome.exe
Token: SeCreatePagefilePrivilege	1596	chrome.exe
Token: SeShutdownPrivilege	1596	chrome.exe
Token: SeCreatePagefilePrivilege	1596	chrome.exe
Token: SeShutdownPrivilege	1596	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
2036	7zFM.exe
2036	7zFM.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3540	chrome.exe
3540	chrome.exe
3540	chrome.exe
3540	chrome.exe
3540	chrome.exe
3540	chrome.exe
3540	chrome.exe
3540	chrome.exe
3540	chrome.exe
3540	chrome.exe

Suspicious use of SendNotifyMessage 64 IoCs

pid	Process
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3540	chrome.exe
3540	chrome.exe
3540	chrome.exe
3540	chrome.exe
3540	chrome.exe
3540	chrome.exe
3540	chrome.exe
3540	chrome.exe
3540	chrome.exe
3540	chrome.exe
3540	chrome.exe
3540	chrome.exe
3540	chrome.exe
3540	chrome.exe
3540	chrome.exe
3540	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1596 wrote to memory of 1364	1596	chrome.exe	91
PID 1596 wrote to memory of 1364	1596	chrome.exe	91
PID 1596 wrote to memory of 880	1596	chrome.exe	92
PID 1596 wrote to memory of 880	1596	chrome.exe	92
PID 1596 wrote to memory of 880	1596	chrome.exe	92
PID 1596 wrote to memory of 880	1596	chrome.exe	92
PID 1596 wrote to memory of 880	1596	chrome.exe	92
PID 1596 wrote to memory of 880	1596	chrome.exe	92
PID 1596 wrote to memory of 880	1596	chrome.exe	92
PID 1596 wrote to memory of 880	1596	chrome.exe	92
PID 1596 wrote to memory of 880	1596	chrome.exe	92
PID 1596 wrote to memory of 880	1596	chrome.exe	92
PID 1596 wrote to memory of 880	1596	chrome.exe	92
PID 1596 wrote to memory of 880	1596	chrome.exe	92
PID 1596 wrote to memory of 880	1596	chrome.exe	92
PID 1596 wrote to memory of 880	1596	chrome.exe	92
PID 1596 wrote to memory of 880	1596	chrome.exe	92
PID 1596 wrote to memory of 880	1596	chrome.exe	92
PID 1596 wrote to memory of 880	1596	chrome.exe	92
PID 1596 wrote to memory of 880	1596	chrome.exe	92
PID 1596 wrote to memory of 880	1596	chrome.exe	92
PID 1596 wrote to memory of 880	1596	chrome.exe	92
PID 1596 wrote to memory of 880	1596	chrome.exe	92
PID 1596 wrote to memory of 880	1596	chrome.exe	92
PID 1596 wrote to memory of 880	1596	chrome.exe	92
PID 1596 wrote to memory of 880	1596	chrome.exe	92
PID 1596 wrote to memory of 880	1596	chrome.exe	92
PID 1596 wrote to memory of 880	1596	chrome.exe	92
PID 1596 wrote to memory of 880	1596	chrome.exe	92
PID 1596 wrote to memory of 880	1596	chrome.exe	92
PID 1596 wrote to memory of 880	1596	chrome.exe	92
PID 1596 wrote to memory of 880	1596	chrome.exe	92
PID 1596 wrote to memory of 2196	1596	chrome.exe	93
PID 1596 wrote to memory of 2196	1596	chrome.exe	93
PID 1596 wrote to memory of 2508	1596	chrome.exe	94
PID 1596 wrote to memory of 2508	1596	chrome.exe	94
PID 1596 wrote to memory of 2508	1596	chrome.exe	94
PID 1596 wrote to memory of 2508	1596	chrome.exe	94
PID 1596 wrote to memory of 2508	1596	chrome.exe	94
PID 1596 wrote to memory of 2508	1596	chrome.exe	94
PID 1596 wrote to memory of 2508	1596	chrome.exe	94
PID 1596 wrote to memory of 2508	1596	chrome.exe	94
PID 1596 wrote to memory of 2508	1596	chrome.exe	94
PID 1596 wrote to memory of 2508	1596	chrome.exe	94
PID 1596 wrote to memory of 2508	1596	chrome.exe	94
PID 1596 wrote to memory of 2508	1596	chrome.exe	94
PID 1596 wrote to memory of 2508	1596	chrome.exe	94
PID 1596 wrote to memory of 2508	1596	chrome.exe	94
PID 1596 wrote to memory of 2508	1596	chrome.exe	94
PID 1596 wrote to memory of 2508	1596	chrome.exe	94
PID 1596 wrote to memory of 2508	1596	chrome.exe	94
PID 1596 wrote to memory of 2508	1596	chrome.exe	94
PID 1596 wrote to memory of 2508	1596	chrome.exe	94
PID 1596 wrote to memory of 2508	1596	chrome.exe	94
PID 1596 wrote to memory of 2508	1596	chrome.exe	94
PID 1596 wrote to memory of 2508	1596	chrome.exe	94
PID 1596 wrote to memory of 2508	1596	chrome.exe	94
PID 1596 wrote to memory of 2508	1596	chrome.exe	94
PID 1596 wrote to memory of 2508	1596	chrome.exe	94
PID 1596 wrote to memory of 2508	1596	chrome.exe	94
PID 1596 wrote to memory of 2508	1596	chrome.exe	94
PID 1596 wrote to memory of 2508	1596	chrome.exe	94
PID 1596 wrote to memory of 2508	1596	chrome.exe	94
PID 1596 wrote to memory of 2508	1596	chrome.exe	94

C:\Program Files\7-Zip\7zFM.exe
"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\FluxTeam.7z"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
PID:2036

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1596
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ff8e90ccc40,0x7ff8e90ccc4c,0x7ff8e90ccc58
  2⤵
  PID:1364
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1864,i,8166244848058921630,5818231444043494807,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1860 /prefetch:2
  2⤵
  PID:880
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1900,i,8166244848058921630,5818231444043494807,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1944 /prefetch:3
  2⤵
  PID:2196
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2120,i,8166244848058921630,5818231444043494807,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2356 /prefetch:8
  2⤵
  PID:2508
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3172,i,8166244848058921630,5818231444043494807,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3184 /prefetch:1
  2⤵
  PID:3512
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3424,i,8166244848058921630,5818231444043494807,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3432 /prefetch:1
  2⤵
  PID:4856
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3716,i,8166244848058921630,5818231444043494807,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4532 /prefetch:1
  2⤵
  PID:2764
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4844,i,8166244848058921630,5818231444043494807,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4852 /prefetch:8
  2⤵
  PID:548
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4992,i,8166244848058921630,5818231444043494807,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4896 /prefetch:8
  2⤵
  PID:3796
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4896,i,8166244848058921630,5818231444043494807,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5184 /prefetch:8
  2⤵
  PID:2536
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5324,i,8166244848058921630,5818231444043494807,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4884 /prefetch:8
  2⤵
  PID:5044
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5316,i,8166244848058921630,5818231444043494807,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5188 /prefetch:8
  2⤵
  PID:4124
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4864,i,8166244848058921630,5818231444043494807,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5204 /prefetch:8
  2⤵
  PID:3688
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=5344,i,8166244848058921630,5818231444043494807,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5396 /prefetch:2
  2⤵
  PID:4076
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=4724,i,8166244848058921630,5818231444043494807,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4496 /prefetch:1
  2⤵
  PID:1616

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:1908

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:3064

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:1748

C:\Users\Admin\Desktop\FluxTeam\FluxTeam.exe
"C:\Users\Admin\Desktop\FluxTeam\FluxTeam.exe"
1⤵
- Executes dropped EXE
- Loads dropped DLL
PID:4396
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://discord.gg/fluxus
  2⤵
  - Enumerates system info in registry
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SendNotifyMessage
  PID:3420
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ff8e34a46f8,0x7ff8e34a4708,0x7ff8e34a4718
    3⤵
    PID:2860
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2128,7805330232629550392,11805480455045825799,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2020 /prefetch:2
    3⤵
    PID:4752
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2128,7805330232629550392,11805480455045825799,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2216 /prefetch:3
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:3468
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2128,7805330232629550392,11805480455045825799,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2748 /prefetch:8
    3⤵
    PID:1412
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,7805330232629550392,11805480455045825799,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3328 /prefetch:1
    3⤵
    PID:1448
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,7805330232629550392,11805480455045825799,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3336 /prefetch:1
    3⤵
    PID:4376
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,7805330232629550392,11805480455045825799,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4984 /prefetch:1
    3⤵
    PID:1736
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2128,7805330232629550392,11805480455045825799,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3612 /prefetch:8
    3⤵
    PID:1956
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2128,7805330232629550392,11805480455045825799,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=3628 /prefetch:8
    3⤵
    - Modifies registry class
    - Suspicious behavior: EnumeratesProcesses
    PID:4596

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5052

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4944

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:3540
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff8e90ccc40,0x7ff8e90ccc4c,0x7ff8e90ccc58
  2⤵
  PID:2572
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2032,i,17410183880395643562,9278206905588312583,262144 --variations-seed-version=20241206-115553.776000 --mojo-platform-channel-handle=2024 /prefetch:2
  2⤵
  PID:4708
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1848,i,17410183880395643562,9278206905588312583,262144 --variations-seed-version=20241206-115553.776000 --mojo-platform-channel-handle=1872 /prefetch:3
  2⤵
  PID:4820
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2272,i,17410183880395643562,9278206905588312583,262144 --variations-seed-version=20241206-115553.776000 --mojo-platform-channel-handle=2440 /prefetch:8
  2⤵
  PID:2196
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3132,i,17410183880395643562,9278206905588312583,262144 --variations-seed-version=20241206-115553.776000 --mojo-platform-channel-handle=3156 /prefetch:1
  2⤵
  PID:5204
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3136,i,17410183880395643562,9278206905588312583,262144 --variations-seed-version=20241206-115553.776000 --mojo-platform-channel-handle=3384 /prefetch:1
  2⤵
  PID:5216
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4616,i,17410183880395643562,9278206905588312583,262144 --variations-seed-version=20241206-115553.776000 --mojo-platform-channel-handle=4640 /prefetch:1
  2⤵
  PID:5380
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4604,i,17410183880395643562,9278206905588312583,262144 --variations-seed-version=20241206-115553.776000 --mojo-platform-channel-handle=4936 /prefetch:8
  2⤵
  PID:5680
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5056,i,17410183880395643562,9278206905588312583,262144 --variations-seed-version=20241206-115553.776000 --mojo-platform-channel-handle=5048 /prefetch:8
  2⤵
  PID:5744
- C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe
  "C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe" --reenable-autoupdates --system-level
  2⤵
  - Drops file in Program Files directory
  PID:5804
- - C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe
    "C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x268,0x26c,0x270,0x24c,0x274,0x7ff6e23f4698,0x7ff6e23f46a4,0x7ff6e23f46b0
    3⤵
    - Drops file in Program Files directory
    PID:5820
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=5428,i,17410183880395643562,9278206905588312583,262144 --variations-seed-version=20241206-115553.776000 --mojo-platform-channel-handle=5448 /prefetch:1
  2⤵
  PID:5896
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=3272,i,17410183880395643562,9278206905588312583,262144 --variations-seed-version=20241206-115553.776000 --mojo-platform-channel-handle=3248 /prefetch:1
  2⤵
  PID:5188
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=3180,i,17410183880395643562,9278206905588312583,262144 --variations-seed-version=20241206-115553.776000 --mojo-platform-channel-handle=3160 /prefetch:1
  2⤵
  PID:2304
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=5644,i,17410183880395643562,9278206905588312583,262144 --variations-seed-version=20241206-115553.776000 --mojo-platform-channel-handle=5652 /prefetch:1
  2⤵
  PID:5656

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:5340

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
9e930267525529064c3cccf82f7f630d

SHA1
9cdf349a8e5e2759aeeb73063a414730c40a5341

SHA256
1cf7df0f74ee0baaaaa32e44c197edec1ae04c2191e86bf52373f2a5a559f1ac

SHA512
dbc7db60f6d140f08058ba07249cc1d55127896b14663f6a4593f88829867063952d1f0e0dd47533e7e8532aa45e3acc90c117b8dd9497e11212ac1daa703055

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
e74b5bb5e3acf4d65bd0ba4c93b0ac82

SHA1
4e2efd5ca88532ad14ddb54c4fed3203dcf7acba

SHA256
2cdc765b2f4e71b72062803d2e3435fd6b4502530ab4d43e73ad0cfa0a2376d1

SHA512
43175e900f4aa1ab361840c839cccea2fde8df131c4fdb916501687d12959b828bfcab0c4b5c166188a7173e7f78dcd3ec583ce00771c582ef6f4c1beabfafe9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0

Filesize
44KB

MD5
ae7a34159b569a99bdfcda4ea4a817e8

SHA1
ef3d6ec0fc8e3a5bea99ed2e9022218d892cbb88

SHA256
ab7c12f51723ae8ea98c2a613598b1e254cfe8ec09e01129593998ffac162ff9

SHA512
feb6fa58d7166872c5c0c4985ca14aa9fd3ddd673d13a9c429f59d743a07b7770496b1aa48827ba25c4cb5bec076e63d3795cd088079129a0c2d4c20ba0a0311

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1

Filesize
264KB

MD5
2b142ce3956bc9746ac1c8bb2ae81a26

SHA1
837a5ae48408a0cc53c8bf67b729b59f5f827363

SHA256
2734443e1e6c0a292d92d30cb52714842f8ff440484fc1615b346d4a644b7159

SHA512
b16db1e8f820f387e991227edb04a6cc0ce3600d8546a356b42cdb8130c01745b870e164d746002f28e39e237dbf09e9d51a510f7d089e4573e9630ee26efe94

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_2

Filesize
1.0MB

MD5
0c91db6214f5ecf8315eb8602ae41c64

SHA1
16f959dc12b3c9852bc72fff9ee74c7d674d23e4

SHA256
435bd888d4776201552bdea304d975022cb88afcc14545003409a18ccd7f70f1

SHA512
47113c84479db4b6702bf71436502e3476855b7bcbba1d4ec6c3a1e33efde3a4b94d556d955bff29fb3e0f56eb2bf92cc6f6b04a69d19c5c37c867efe55e89e3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_3

Filesize
4.0MB

MD5
dfbf709aca5370edb68d2d17ba8e0343

SHA1
e24814a6a880fce7799978b83758356862cbcdad

SHA256
abe5d559af0e7d8e7bbf6b1506be4707b43b0df0da45259470fcc597c1b00a88

SHA512
320f6be081aa518775cd945e4711d134777aee937f211fa41a806a62d8da8585e7a755aa75229643ae937c8f9ce4b4f4d191c97d81633259d4d0c4cc7480a42d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005

Filesize
215KB

MD5
2be38925751dc3580e84c3af3a87f98d

SHA1
8a390d24e6588bef5da1d3db713784c11ca58921

SHA256
1412046f2516b688d644ff26b6c7ef2275b6c8f132eb809bd32e118208a4ec1b

SHA512
1341ffc84f16c1247eb0e9baacd26a70c6b9ee904bc2861e55b092263613c0f09072efd174b3e649a347ef3192ae92d7807cc4f5782f8fd07389703d75c4c4e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

Filesize
41KB

MD5
e319c7af7370ac080fbc66374603ed3a

SHA1
4f0cd3c48c2e82a167384d967c210bdacc6904f9

SHA256
5ad4c276af3ac5349ee9280f8a8144a30d33217542e065864c8b424a08365132

SHA512
4681a68a428e15d09010e2b2edba61e22808da1b77856f3ff842ebd022a1b801dfbb7cbb2eb8c1b6c39ae397d20892a3b7af054650f2899d0d16fc12d3d1a011

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007

Filesize
33KB

MD5
f4f98f41d91a33fa0cb6f65cf84d5a7e

SHA1
8b8ef8f35820176ac061f4760ee9e7e9e69eb8c8

SHA256
1d7499f528e590083ba6a11d748cb107333f83db071b9dac214b51147fd9d8ab

SHA512
86ff84c238465a9d347723e8b8f4ac5d7681ebb91174315bb516a8c92fc2518e650348cf05097113d290d6965a05c62b08dfd9fb01a57727ea62b6754e5b2cd9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008

Filesize
29KB

MD5
240557825fadcd20787c8239fe67a1a3

SHA1
3419d46f7d42b48fbde92037bf7a27f42bf8d6d2

SHA256
38c85e29fc02f1ef1324b872c26fa3309baf7fd0cab40faa7c92c2dac4469462

SHA512
33924e3955c3a4b95bd7cf93f3f60b90f0937134817d3549f1b38312a731fe018ff050a68edad7860a1e2c8ff617f4522be7aa4bf2d545088cb72d2a75e4ca97

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009

Filesize
17KB

MD5
b62c19f75e7d29a3f46bc2bfe9934a7a

SHA1
c44c0ded7619430937281c4c787d6cccb0f5c5f1

SHA256
d424b712ad70fc5238cfd44fdb92196696bac433ce4d6b884ad8a1246a5c4821

SHA512
fad43854d6874be37960826d3429b87b4f3b100728c67171649291677af4de57e227c7e498bffe4c9e3d9f236bfb67b516722d0dc8230e1463db1b0b7a39c1c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

Filesize
16KB

MD5
2ddcce2d6d37b36ee631d4b17481dd43

SHA1
1e5f09466225145118c1edc48d311a3cc3cd1e12

SHA256
d8cf4f98a53cea9881f6e576fc75ac157c3f2df4f2ee7fe817b848a84d2e16fc

SHA512
427e53b34e1c9e589a8de38485b2d3f3a2f6a2f5485b2fadf3f0d0760816ef78fdb716b5f7a58d3ccd162b66a877782210f6b6829f48acfe3f14c1b4ee631d75

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b

Filesize
60KB

MD5
e2799f0c1087b374c14514f46e7a798e

SHA1
5e0077e511f3f41d724979e5cb533d5a57b784e5

SHA256
faeff9beddcf49b83cf6658dc105f56e27543ab433c21f3e79bc2023e964851b

SHA512
40c19f7a85ebb0c6097956b77388a3df5f9907e4f4d76dec4d9796cab2afa5f5926cc97a033403358b213e9ef5025b88a5e4f24e678567cd4a98938c910d6ca2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c

Filesize
55KB

MD5
0585b049051d250fa449e551aa9dba79

SHA1
fa35bdeb88a4aee458027d0d9d15600b997b1061

SHA256
4517f2ad48e5b8e7e02ba278591de04fc5553a42e7bfac43a981ab0d95208512

SHA512
fd38dcc727867834904e0baf12f4efe56ff68777e4786dce4b9b314ebe48a3faa3fa262c2f768a69bae84de344eeed080323b32b3899588465fc55687174d6bc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d

Filesize
34KB

MD5
ed09ee46e34bcfc10e9a9fca8667049b

SHA1
44251e2dcb514fd6dba69839adf78a35df144e80

SHA256
a98661d41ff8544e4394e4746e2c0b6fca06898066464c9a4c1f5ef977f9946d

SHA512
4b240be541dbd02156fb610bdb674ddff5631366d6d74464c8a70d78aee2b57150081dd6d2ef4d0321c8bb8aca0fc8e152ce74366026299b59fad399b403c5a2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
08e17c87a626b83eb294f68e5b345543

SHA1
ad013be3a752efd9298b0af792e31e5d662f378c

SHA256
fe20f07df9f43313f3de158a9f47b3bef8e5e55067ba091c401966b02111bcb7

SHA512
eb27a9f9b9e2d61142e8987713fe21297bd994a402f85c3a8bfb1cf51b38a60d5b3e3b041ae810dd72cfca06d4cbfb678482e801d07bec90e251b40c7cd7313e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
fd57473c63a4ec7e0de95ab040046cb9

SHA1
50eb12e4f7b4d4ba927d637196dfc13ae35c12e6

SHA256
da3e39b4e5b6ec40ee174d15b53c7c58f970fed3bcc7582010fa414fdc0b7acd

SHA512
17494b904aa3de96f668afad556d657baa4f366716857570e0533cb4a6ce4548f1f4e6afa5dc581dafc514c786d9f0d94686182246a3c80716df04f6393dfbaf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.84.1_0\_locales\en_CA\messages.json

Filesize
851B

MD5
07ffbe5f24ca348723ff8c6c488abfb8

SHA1
6dc2851e39b2ee38f88cf5c35a90171dbea5b690

SHA256
6895648577286002f1dc9c3366f558484eb7020d52bbf64a296406e61d09599c

SHA512
7ed2c8db851a84f614d5daf1d5fe633bd70301fd7ff8a6723430f05f642ceb3b1ad0a40de65b224661c782ffcec69d996ebe3e5bb6b2f478181e9a07d8cd41f6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.84.1_0\dasherSettingSchema.json

Filesize
854B

MD5
4ec1df2da46182103d2ffc3b92d20ca5

SHA1
fb9d1ba3710cf31a87165317c6edc110e98994ce

SHA256
6c69ce0fe6fab14f1990a320d704fee362c175c00eb6c9224aa6f41108918ca6

SHA512
939d81e6a82b10ff73a35c931052d8d53d42d915e526665079eeb4820df4d70f1c6aebab70b59519a0014a48514833fefd687d5a3ed1b06482223a168292105d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Favicons

Filesize
20KB

MD5
91ff66d3e21b53085a60bfaa27b3f2b9

SHA1
a61fab3d6b4bf12969d308e4acea4a4873af08b0

SHA256
b451a04369f6f6d5da1556e5b52e83e51d0e8cb294d839174f690c827a152c4d

SHA512
d728f2ba376a2551be36f3a6425cf155c37e3d9cc924af10d3891d11942adbdcb943c470ce2796c854e09923ffe2eb1ea6933e1ef0892820b0bdb78fdc79c9e5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History

Filesize
160KB

MD5
6f6f4fcc7a8cf0b62368fb5501ed2a8f

SHA1
ef8d94ec03196edf2a48809c31b3f8e2f1d24551

SHA256
39fd69a706b17056dd5a7ad034c7b4797f9cf7e567653639874da44b36f917b3

SHA512
96cc7216649712f4125bf67b2bcb0b0c0ee575dd2064bdfaa480e9e65bcc133cf7951d9f40f0082830c2b12d656eaf10dd3ae7950a65f8c75943caf6e83b1866

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\5982d76c-3e4c-4656-9d71-4d35eb502fd5.tmp

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies

Filesize
20KB

MD5
b8e9420d9412c2cd5ed523146cc85e3a

SHA1
407e407fc41bb7eadec4b75476b2a434bd0d45be

SHA256
4afdb778d45f717223bc514535697dda47645f5612a8ee985d07affbc2c25b04

SHA512
758208e0c9df40f310d42ee9a12b054b6e155fadb1e14390f97c233439a44cf9f27595aada49ee7a295323eb14c87266a3f8c426efa1059bc984142d5325375e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
9e40233031fb8908ecca39741e372ed9

SHA1
2dbbe8ec8e4481af57c7385c5f317e39a9f691cd

SHA256
e5aa583fcb0fe24b298868e7afc243e3175054febfe46c719cfab72db7f57e4c

SHA512
29339c893152ede591ef11c37ab2b33a852249268dc30e1f2ea608074ac96bf900bbf214009d7270efa6428a434b2db10ef51d16d5b04b6859358807b205d227

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
5a13107dbb0a4c519ebc609ed5af376c

SHA1
bab3ee8778095424b2956f9cc70164c2bec566be

SHA256
ba7d06521df01d51bd6028d3c5b5656a58b67872ad8c4f9acd75bb4f0b3cd0a4

SHA512
ef374155d7f6a047bcf5e8c183d5899fc276e04521612831c51ce003d8f60c8aa6156f75c4310d828a7eb8a549650b4d7e6df140c7355c33f101b4dc7d8651ad

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
0245971a3f9e76b54907e02388a50f1f

SHA1
8d58cc2bd1abb78be1e27c5a4b21595bc78b03ba

SHA256
eef8a232fd9924cd482f156851d4c03cc3883dc32b213bc1b5ce4fcad69c7bd8

SHA512
05b60e6281280cbda9097b318f078bc49d329ef38c83abfa566e3fc5488cc39baced83561b8cc4c9ae9c46e45724c16115475d1bd9a05ade00c2eb7eacb89336

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
0a6426b390c50895c3164f4e5a5b02b7

SHA1
9110c1d1832eef21b631e05a7e622b81bb7ee555

SHA256
0199c199a8d16b17559a6e84bf6df61c51811af5531228b8b48879e0664565f0

SHA512
fa01db1dfae833bb72b777c3a1e365ff6e76ef5a13a690903b828bdaa7b569af1a7a38fc3acf9b7cc1e3290b864317133c66b81e4c274af3e445b29d08d65844

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
a556cc4644d0b5efc514058a677e4361

SHA1
ccf1f6df4de33bcfe83793bf2e49268a085974a4

SHA256
c1ed53ba7b4510ffa149f35d0e5070f2ae0cee052d50444cd643fd8dc09bb43e

SHA512
8baeb5205b3591bab5f13c55124485ff12264a553a282e38f0eb8437fd31ebb401b7bd4be0e9d4181a3be408ccc2b59c58ed0c5515ceb3d9ca9f868b0ebdff0d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
21f05cffbb39236f377493ebeb94a272

SHA1
69e76c66758bf8a82937c3d8a80c9ce17e7ed3cc

SHA256
6b9e72988de7122738964061f96c23f43a44338fdbc05c3e6da76c89f157dbc7

SHA512
2c025f950bebf877fabc94d5af88be88e9236e830b7891e79cc50473283c4731555e166c0c5199954e8cfdc8fd468396732269e12ba4e9e1feaf1c81de9813f9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
896e502dace78bf744a6a42e4c62cdee

SHA1
e45fb466b149ac3fd44fe0e78d5d6e3c31820b17

SHA256
3961f4c3a25711528202b39bb61ec1b81daa47ad33631ff8e0d89608df4c0744

SHA512
2bec4d96752562079f851a87447d216e680c20ebba9dde141d10abfce388fa92d1892d0086f0da7e5d01905f8fc90fe452f0abc0bf42ba11443a6a86626a96ae

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
7f2cc42e639130efbb1301a4700192d8

SHA1
1bcd1ad9db13970351e90acd580c7d9f75a3a08b

SHA256
ff2b714cbf405d87f909ff829bd24d0aafb2c26b2d5077389b05b004bea86ee2

SHA512
501f27fb7ad7797e7f41f75cc966b55bd7afad6ab6361b7deaaf4ba0f4bd8a7053553b7c5557bf0da21b0786039f4415bdb4d988687b4996593d05f7357b0433

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
22c2528383cd2b8678e2d6bebeae5e6b

SHA1
1b44e72e49fefed7b06cbc7f52d49916e3304bc6

SHA256
ea1593e75212e7f342c3887be2edea31d35bc2ec56712fb8548e6bdd6b5c2b27

SHA512
966ea7d6aee3478624897cbecd76feface33dbbc42080c702ce706800bed587d8f548140ccd1403cde38098ee1abf39e7d974893267dc782ecca2716f14ae6ba

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
569a05d860fa16ee20acab19e8826f5f

SHA1
f43341c1ec76bbef20b37b730c82561eabdc2dcc

SHA256
86461c89488c64c394f02a6194ad789c840debd47e8d544343ae9cc99eade49d

SHA512
b838cdb423b5d2b9aff37de72932a0cd1dbf652bfe16d0d4199e67c77795eebaa709cdb98943daf30fe3adbac5669ac79d574d07f59a8c1526d0578ad48e3abe

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
dce25d36d6c9e975bf7a568dec5e622a

SHA1
01f69f61d087049abd80077e8a95f759fbc51f9e

SHA256
20473d3854a20e612875d7814712538e8db3c8755d2936f65606bd0189f9ed65

SHA512
02325151b56105f81d31a0c3085084342eea0863cf7caa480a490c06ac13121b61a718a2a487e21fbb4eabdbf6aa20e502f48b926d562891bc1143fce6dda608

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
efc50b86934eaba0487a005c7c2062b8

SHA1
ee2ea1657895bf80afa8a79cdd2b8d81b6ebb778

SHA256
18078c0d86a5132bc1ea1838b2f79251aaaa973ee7dee36a444320d317b261fa

SHA512
841623175c5722cd0da831557b2a1ce8cfa86745dc67c08f7371dadce84cc530c6ff97d8ba0892acb3db897ec4a0913b7e0c43bb72484471ad15b4b0782362c4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
304db9b5a2833d4da8c094c69b03d50c

SHA1
3ef8742a4ccbe8b108adba9b56071b657ab843a2

SHA256
46dbe011defa9f32a303985424ed6de3caad6613fc1f982d2f402c195ddae196

SHA512
4ae2b62049a2a17131f50a024cd51267ae7afe47bffc7cc556ab6af3a7f45b4ed9a90b744d914146c6bcbc7c2ff49d1c7eaacf64e00ec107d1546406cb9bfa50

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\000003.log

Filesize
3KB

MD5
921eeb5889843adb7069b3db4d4b7e36

SHA1
456a3b5de28596c65cde20e4ac15fc1473ec7224

SHA256
5567cc4b009de46feaa87885feb302808b846c900974a317a8e4428fc9997971

SHA512
055b851d2b2a4579bf21c61ab77d4b955840da9977d2e2327b103a24085426551f8f0f6ab661f6854f2473aa74ff0a0ebeac0610c9279199ba86a279f20ccde1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\LOG

Filesize
336B

MD5
c400f99cd30aa23f4d0cd169cfc28a13

SHA1
80d30161b13688c4887ace0ad4f9ec3cf9b50feb

SHA256
ad07450247f99503d8854f41bd7177c797966bd97f6d9b6d29f179f5ac1ed6ba

SHA512
d81748981a269ee236ee43111611f52ee1d71b1ff96f6a31e81f41d7238913c140d46b41fe8f86961ddc2a3d80232dfb695e4705def795a26efaf6016d84d27f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
262b5544e3bdcd7a2dfafed3dbbdf4d2

SHA1
ed453c3f399c912812af0225395dba445dea8fa6

SHA256
1ae98d7b7699fbd099785e37d08d648b24604889d944a96a2b53e8003efd0bb5

SHA512
54cb6225ac18c2f11f3b682e5d5adb6f9545ef5628fdcd1c5d7307a5c3ced9e7a80736d42fcecef7921049121e20bd526f4824cc0315bda3d8503e354d595ffc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG

Filesize
324B

MD5
ca7352f8f0472f56c65eadf9b1ae10c2

SHA1
fce9e176d6196288931c21f2b5a470d72e2c2714

SHA256
368fa2f3248653082dc9f1419d373a4f069f78e74ff4f32faac4ddbd51679f47

SHA512
c13aa56b1dfbb2dca8fc5764a352f246f6617173174b49899dd1af49b9ce649a48ff171ee3692ae0e8e7e69f48eacadb0af0cc3b458257ffeaac455627446751

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Visited Links

Filesize
128KB

MD5
47a2cfd5d6609fade7ccd9f6ec668bd8

SHA1
ef26a7b8a9c5734c53ca2c49665dbab6834ad759

SHA256
004c9d41456ee9d4833b0ee2611bdfc91b58b0ce738dbd423b9eef03f796e156

SHA512
497199b98ff23271fb4e61412cb60c9e8e4ba111d7866c95f17d17bb260dfce50937a782f7fa587280a802f2fd1350ea7b7310cbb8e82f8be5d10125e8b2b063

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Data

Filesize
114KB

MD5
c8ffa5afdde6be3505fb754b6dc9b3e3

SHA1
d5a8690227393df4946909e3241453aced2036d1

SHA256
30bda047c5c31accaa873e3b4075acbd4254e080b9bb63704df1efa065282548

SHA512
a751d2a3958ffa5e55d11d943da163fa4a91e63b88e9268ac09540d4b95332ee2283c79c424e006473a5aa7182dc4ea318487f3c119479e65cb41c164d03c605

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version

Filesize
14B

MD5
ef48733031b712ca7027624fff3ab208

SHA1
da4f3812e6afc4b90d2185f4709dfbb6b47714fa

SHA256
c9ce8dbbe51a4131073db3d6ceef1e11eaca6308ad88a86125f221102d2cee99

SHA512
ce3a5a429e3796977a8019f47806b8c0671b597ead642fcbfbe3144e2b8112d35a9f2250896b7f215d237d0d19c5966caf3fe674165a6d50e14cb2b88c892029

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
231KB

MD5
5f22e87a00b17f2cc239174f5c95c7f8

SHA1
3d5eb7d71c09ecba4ee4241f557b4c1996245c12

SHA256
1439f6ecc65ee5eb552d6f17ac403c854ee52d26b52ff348e05cbce3ab47991d

SHA512
63c738613e02a24cd72f6a020ef7d1f1947d83dba3eaf6ab87fe380d23bd104bc40327c4d0a0ff8ce083a71b14ef244c4ab2fa5a8d131cf1e1ea7e2708c23c7c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
119KB

MD5
87cb7e5ea2d7de5f90f400c6dc498987

SHA1
8e5be610778c7658643d87456c21be62a68f28c4

SHA256
a41c8589a545b0755a5de3264a6791947a2fc6eef840cfcd67cf74575556158e

SHA512
687856148f4708ac897d9eecc16e2d6b6a420985368830931f3d57601beab679e6f69da28d0b15c80a7e6b96f0e511d01aea4cb20e0463f0e79310e0500dae9b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
119KB

MD5
440d0bb1918cc4374078bf461e205d4b

SHA1
d8618fc9e60cbd6dbf3e90c894d3d8faa861d4ef

SHA256
5e6d84ee8e4f6feb5ba68fcbbf55490e0bf4581ea9baf59268fcccb6d58d52a7

SHA512
b3ccfe09f2bf54e0724531acd60f7bf874e928f779660147703582070b241238da10b96939a09da53df282cb1d00f392f6de0cdc814ed6416e3c60c17f62b318

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
231KB

MD5
0fe4983a71d735f6be0d37625f1a91ce

SHA1
dc737c76696c31a45134606a17ddeb544b0d022e

SHA256
a0d148b37d4b1b35208115ad4596faafb63d148046b6e3ff3dbdb95e43ed8a4f

SHA512
21de42ce181d8879bcb83decc08ecc9fdbc9642e15cd1aa1b402c964ac47ff0cc9b0f381b739b572524c837bedb9adc66d2f629ee877c8764bf0e5feaf0bc918

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

Filesize
264KB

MD5
b11d1e867f9f1650e6d4b827641318b0

SHA1
a3d2a28b7139f14f20d01d8cebf10bd5f08f8cac

SHA256
cc96cc6432afe15a99624b89a878e7bc830f22741a0b2508e1ee3b0788721bdc

SHA512
21b3d485f8f798529b953416f10caef2f68f8415b1a194cbd018ff47a23feb1240043fe074fa0de71096182645d882d9fbe5bdfb0204e61eee6e884fc5e39ab1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

Filesize
85B

MD5
bc6142469cd7dadf107be9ad87ea4753

SHA1
72a9aa05003fab742b0e4dc4c5d9eda6b9f7565c

SHA256
b26da4f8c7e283aa74386da0229d66af14a37986b8ca828e054fc932f68dd557

SHA512
47d1a67a16f5dc6d50556c5296e65918f0a2fcad0e8cee5795b100fe8cd89eaf5e1fd67691e8a57af3677883a5d8f104723b1901d11845b286474c8ac56f6182

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

Filesize
86B

MD5
961e3604f228b0d10541ebf921500c86

SHA1
6e00570d9f78d9cfebe67d4da5efe546543949a7

SHA256
f7b24f2eb3d5eb0550527490395d2f61c3d2fe74bb9cb345197dad81b58b5fed

SHA512
535f930afd2ef50282715c7e48859cc2d7b354ff4e6c156b94d5a2815f589b33189ffedfcaf4456525283e993087f9f560d84cfcf497d189ab8101510a09c472

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\segmentation_platform\ukm_db

Filesize
28KB

MD5
fcf01112037c1d898481867864c7e33d

SHA1
75f54f35a472aaa3744a57b5b1ba19403db2b981

SHA256
969ebc58c2152d667e3d8a2472ccf93a8f41d08a4c1f5cf85698128efc013706

SHA512
d662af036659e348bff1b6dbfdfa88fd157da409b349a7783460c31617be6b2a44e6001d03d8e6523fd04ab2db96293e4cf3be5abd837d0b05854a4c539e309b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
d22073dea53e79d9b824f27ac5e9813e

SHA1
6d8a7281241248431a1571e6ddc55798b01fa961

SHA256
86713962c3bb287964678b148ee08ea83fb83483dff8be91c8a6085ca560b2a6

SHA512
97152091ee24b6e713b8ec8123cb62511f8a7e8a6c6c3f2f6727d0a60497be28814613b476009b853575d4931e5df950e28a41afbf6707cb672206f1219c4413

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
bffcefacce25cd03f3d5c9446ddb903d

SHA1
8923f84aa86db316d2f5c122fe3874bbe26f3bab

SHA256
23e7cbbf64c81122c3cb30a0933c10a320e254447771737a326ce37a0694d405

SHA512
761dae5315b35ec0b2fe68019881397f5d2eadba3963aba79a89f8953a0cd705012d7faf3a204a5f36008926b9f614980e333351596b06ce7058d744345ce2e7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\3d9ce596-89a4-4516-80ae-b2b74df1d224.tmp

Filesize
1B

MD5
5058f1af8388633f609cadb75a75dc9d

SHA1
3a52ce780950d4d969792a2559cd519d7ee8c727

SHA256
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

SHA512
0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
528B

MD5
085cc110366ece589d681e7697711ad6

SHA1
a679c0e55cfcf785dbbcac2afe49737b5a5fee08

SHA256
015241dd2e0d3b535daf5b80d8b52de94533cb2859d54f1dfbceaa1fa89d0c65

SHA512
5d8c95cc7e78e49b81b4af65acb589f70a272aeea85c8e380fb4ed919883081feef17fad87d2fd3cc29d9cb41113f1f61ba6c1043efcfbb037c035f7cbf559c1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
879a6c2847c4dd1302e979d650822146

SHA1
3515e73e477b25e495e66da9833661f3e559b800

SHA256
bb61f77704103ee7d867086769a4aeac31705694f0b8761182253e2491962bae

SHA512
d34708aa7a70e80a6ff193235f705e265c9a8710eb02f575334d84dfd037375b35c41246ea875442acb82148939c42f94a195600f81ddf8eada1877d3e7ed502

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
10ecbe839a5d271c20f550aad6ac0abf

SHA1
7df7189b69503d245407a4fecd7170e9bae8549b

SHA256
e1c541a6ad6bc4cc0f4f8f4a9f103e73878d17037b808a39264ab0a0a0f5ec67

SHA512
7151eaf64244635305637325c6d98e6c10fe2bcf4796115526aba657e0d3e3fcfce604e268adeb26a43af4137c4a144e3f6db6339055edabd4798a35e77314e5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
313ed0ef922180002df5c983d2f37fd1

SHA1
b16f995be2dd5eeec3fa49c4d93350339f4ffedd

SHA256
d5145646da5691fe715cb2f67ad5bdb581885c8d627deb59ce890a35f505636b

SHA512
9976a456b749dafec3b7f216e7663eea07256e6fd0f6e285f5af170b75cae180d0f803fbdf8337fd94cd5b0855b3ff9e798bd8246d6e5c1660272a39ad0a9313

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zE4F7B1987\FluxTeam\FluxTeam.exe.WebView2\EBWebView\Default\DawnWebGPUCache\data_2

Filesize
8KB

MD5
0962291d6d367570bee5454721c17e11

SHA1
59d10a893ef321a706a9255176761366115bedcb

SHA256
ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7

SHA512
f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zE4F7B1987\FluxTeam\FluxTeam.exe.WebView2\EBWebView\Default\Extension State\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zE4F7B1987\FluxTeam\FluxTeam.exe.WebView2\EBWebView\Default\Extension State\MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zE4F7B1987\FluxTeam\FluxTeam.exe.WebView2\EBWebView\Default\GPUCache\data_0

Filesize
8KB

MD5
cf89d16bb9107c631daabf0c0ee58efb

SHA1
3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b

SHA256
d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e

SHA512
8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zE4F7B1987\FluxTeam\FluxTeam.exe.WebView2\EBWebView\Default\GPUCache\data_1

Filesize
264KB

MD5
db4b93b7cf8ccefea20d2d0867c3aabc

SHA1
4c30e7c9e9882ab38eb0b191786f1bfc0546223e

SHA256
fb99166ed957565bc86f73bc75ce8f0d66771f7ffc1d34767a2518f529fae06f

SHA512
4eea10541a43dff86d7ade189bb7c3ed68933f0c77fee1644aa0404ad85f2108ef37903ceeeb9834176f1338e43b0312889d6225f8ccfd692987b059f1b3a0b4

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zE4F7B1987\FluxTeam\FluxTeam.exe.WebView2\EBWebView\Default\GPUCache\data_3

Filesize
8KB

MD5
41876349cb12d6db992f1309f22df3f0

SHA1
5cf26b3420fc0302cd0a71e8d029739b8765be27

SHA256
e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c

SHA512
e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zE4F7B1987\FluxTeam\FluxTeam.exe.WebView2\EBWebView\Default\Shared Dictionary\cache\index

Filesize
24B

MD5
54cb446f628b2ea4a5bce5769910512e

SHA1
c27ca848427fe87f5cf4d0e0e3cd57151b0d820d

SHA256
fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d

SHA512
8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zE4F7B1987\FluxTeam\FluxTeamWindows.exe.WebView2\EBWebView\Default\Extension Rules\000003.log

Filesize
38B

MD5
51a2cbb807f5085530dec18e45cb8569

SHA1
7ad88cd3de5844c7fc269c4500228a630016ab5b

SHA256
1c43a1bda1e458863c46dfae7fb43bfb3e27802169f37320399b1dd799a819ac

SHA512
b643a8fa75eda90c89ab98f79d4d022bb81f1f62f50ed4e5440f487f22d1163671ec3ae73c4742c11830214173ff2935c785018318f4a4cad413ae4eeef985df

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zE4F7B1987\FluxTeam\FluxTeamWindows.exe.WebView2\EBWebView\Default\Network\Cookies

Filesize
20KB

MD5
a156bfab7f06800d5287d4616d6f8733

SHA1
8f365ec4db582dc519774dcbbfcc8001dd37b512

SHA256
e87b3d155c7582d4c1d889308b58f84e8fe90a1581014b21b785d6694bd156cc

SHA512
6c8eeab3ae6fb0d5be7758cca521665b216f31aed1aeeeaf121c99dc9f0192b385de0da36e94f90dd4a9bbbac6be2c5a55d2f284a24ccb7dec2c5302fb9b027c

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zE4F7B1987\FluxTeam\FluxTeamWindows.exe.WebView2\EBWebView\hyphen-data\101.0.4906.0\hyph-as.hyb

Filesize
703B

MD5
8961fdd3db036dd43002659a4e4a7365

SHA1
7b2fa321d50d5417e6c8d48145e86d15b7ff8321

SHA256
c2784e33158a807135850f7125a7eaabe472b3cfc7afb82c74f02da69ea250fe

SHA512
531ecec11d296a1ab3faeb2c7ac619da9d80c1054a2ccee8a5a0cd996346fea2a2fee159ac5a8d79b46a764a2aa8e542d6a79d86b3d7dda461e41b19c9bebe92

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zE4F7B1987\FluxTeam\FluxTeamWindows.exe.WebView2\EBWebView\hyphen-data\101.0.4906.0\hyph-hi.hyb

Filesize
687B

MD5
0807cf29fc4c5d7d87c1689eb2e0baaa

SHA1
d0914fb069469d47a36d339ca70164253fccf022

SHA256
f4df224d459fd111698dd5a13613c5bbf0ed11f04278d60230d028010eac0c42

SHA512
5324fd47c94f5804bfa1aa6df952949915896a3fc77dccaed0eeffeafe995ce087faef035aecea6b4c864a16ad32de00055f55260af974f2c41afff14dce00f3

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zE4F7B1987\FluxTeam\FluxTeamWindows.exe.WebView2\EBWebView\hyphen-data\101.0.4906.0\hyph-nb.hyb

Filesize
141KB

MD5
677edd1a17d50f0bd11783f58725d0e7

SHA1
98fedc5862c78f3b03daed1ff9efbe5e31c205ee

SHA256
c2771fbb1bfff7db5e267dc7a4505a9675c6b98cfe7a8f7ae5686d7a5a2b3dd0

SHA512
c368f6687fa8a2ef110fcb2b65df13f6a67feac7106014bd9ea9315f16e4d7f5cbc8b4a67ba2169c6909d49642d88ae2a0a9cd3f1eb889af326f29b379cfd3ff

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zE4F7B1987\FluxTeam\workspace\.tests\isfile.txt

Filesize
7B

MD5
260ca9dd8a4577fc00b7bd5810298076

SHA1
53a5687cb26dc41f2ab4033e97e13adefd3740d6

SHA256
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

SHA512
51e85deb51c2b909a21ec5b8e83b1cb28da258b1be227620105a345a2bd4c6aea549cd5429670f2df33324667b9f623a420b3a0bdbbd03ad48602211e75478a7

Download Submit
C:\Users\Admin\AppData\Local\Temp\844b874f-62ed-4e97-baf7-93c8100091e8.tmp

Filesize
135KB

MD5
3f6f93c3dccd4a91c4eb25c7f6feb1c1

SHA1
9b73f46adfa1f4464929b408407e73d4535c6827

SHA256
19f05352cb4c6e231c1c000b6c8b7e9edcc1e8082caf46fff16b239d32aa7c9e

SHA512
d488fa67e3a29d0147e9eaf2eabc74d9a255f8470cf79a4aea60e3b3b5e48a3fcbc4fc3e9ce58dff8d7d0caa8ae749295f221e1fe1ba5d20deb2d97544a12ba4

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir1596_283954863\CRX_INSTALL\_locales\en_CA\messages.json

Filesize
711B

MD5
558659936250e03cc14b60ebf648aa09

SHA1
32f1ce0361bbfdff11e2ffd53d3ae88a8b81a825

SHA256
2445cad863be47bb1c15b57a4960b7b0d01864e63cdfde6395f3b2689dc1444b

SHA512
1632f5a3cd71887774bf3cb8a4d8b787ea6278271657b0f1d113dbe1a7fd42c4daa717cc449f157ce8972037572b882dc946a7dc2c0e549d71982dcdee89f727

Download Submit
C:\Users\Admin\Desktop\FluxTeam\FluxTeam.deps.json

Filesize
2KB

MD5
359ea6692dcb533e74a326394f9d65ad

SHA1
80ad7f4e5f51ae52926bbd235530df3ed54c0ffc

SHA256
04c8d170304e279a316f172c57965b4b69317538028fe10a4e04e83ff18957ab

SHA512
649feec2760e66a4036b0488d6b293685a5b0eecd67de570dda3f138ab6d004a852ffada570bd57d6e3b5833fed8173aedb5a9e4745e500a0b2643a7d1cf3cd7

Download Submit
C:\Users\Admin\Desktop\FluxTeam\FluxTeam.dll

Filesize
629KB

MD5
e2c5ecfb2aa46da05b90dfc8d411abbe

SHA1
426fd9d0b32203834d735550e2ad8e2c08c8520b

SHA256
131a9ce810664a6255f43b6eb59500486eeeff5803e922576eeff1c5310482f0

SHA512
7a0ba0ba2c5c2be915844ac1a6962632ad571129b3de0a4140527e106ce2a94be8c8c120bcf8eb11900763cfde617b3b00d21e7d8f377c252ce86eeb2e30907a

Download Submit
C:\Users\Admin\Desktop\FluxTeam\FluxTeam.exe

Filesize
312KB

MD5
a3dc991b20ee8eda250ef041abeec5b5

SHA1
227544f87cef0ccbba2aba95e6f03be81bed54fe

SHA256
3b8d55e55f2f36372bf1df0c425f314bf5f5a2ba4a472259e5f7709378127971

SHA512
5298122a307d3b74dc38b3650efe53360624ea0af25de250e30448ffc2b51c53f62bf4bbbbfe756c62c554711d2fc5aa145374c3c970731341b370c745b611d9

Download Submit
C:\Users\Admin\Desktop\FluxTeam\FluxTeam.runtimeconfig.json

Filesize
458B

MD5
07b9a30265ca4e69c7016a1b6e3ffc27

SHA1
3a4af82a2695b1423aedd8b60a5c86793c011b02

SHA256
c71152bf25e40d647b2440c5b39be157a3d356106be9d5b678ab97bb87b4e782

SHA512
efd582f8edcdba5ef48d02eee5f73d83ff35071af99b49e08e0213928568d728d0856e3b903bfcccb9237f786846cf94da83139f99e9bee86287aff2071c3f1c

Download Submit
C:\Users\Admin\Desktop\FluxTeam\Microsoft.Web.WebView2.Core.dll

Filesize
557KB

MD5
b037ca44fd19b8eedb6d5b9de3e48469

SHA1
1f328389c62cf673b3de97e1869c139d2543494e

SHA256
11e88b2ca921e5c88f64567f11bd83cbc396c10365d40972f3359fcc7965d197

SHA512
fa89ab3347fd57486cf3064ad164574f70e2c2b77c382785479bfd5ab50caa0881de3c2763a0932feac2faaf09479ef699a04ba202866dc7e92640246ba9598b

Download Submit
C:\Users\Admin\Desktop\FluxTeam\Microsoft.Web.WebView2.Wpf.dll

Filesize
50KB

MD5
4a292c5c2abf1aab91dee8eecafe0ab6

SHA1
369e788108e5fb0608a803fa2e5a06690b4464b5

SHA256
b628d6133bf57b7482a49aa158e45b078df73ee7d33137ac1336d24ac67ed1b4

SHA512
ca22adfff9789730e4c02343e320d80b8466cfc5a15f662cefe376b7ee29dea571004c1c26cd3f50c0d24e646f2b36b53fa86835678f46f335d65eec52431cde

Download Submit
C:\Users\Admin\Desktop\FluxTeam\runtimes\win-x64\native\WebView2Loader.dll

Filesize
161KB

MD5
c5f0c46e91f354c58ecec864614157d7

SHA1
cb6f85c0b716b4fc3810deb3eb9053beb07e803c

SHA256
465a7ddfb3a0da4c3965daf2ad6ac7548513f42329b58aebc337311c10ea0a6f

SHA512
287756078aa08130907bd8601b957e9e006cef9f5c6765df25cfaa64ddd0fff7d92ffa11f10a00a4028687f3220efda8c64008dbcf205bedae5da296e3896e91

Download Submit
C:\Users\Admin\Desktop\FluxTeam\settings.txt

Filesize
10B

MD5
4c65e2f855d8696d18ab503ca9f4cbfc

SHA1
448a8b537b3dfa966682a496168bae8555c3c889

SHA256
268eef82beb074b0ebad1eaa73261d87f97ca50dbcdde8fc5621ed50c5f1faea

SHA512
c127295e977a579679201f36c9c70233ebbf70bf1cc8f6a83283d75c853935902172de3dc8b19eefddd64e182219926d5ecae944a993505e86994cc813e82b59

Download Submit