hxxps://magik[.]software/dashboard

Resubmissions

12-12-2024 23:11

241212-26nw4azrbw 7

28-11-2024 00:17

241128-ak31casrep 8

Analysis

max time kernel
192s
max time network
183s
platform
windows11-21h2_x64
resource
win11-20241007-en
resource tags

arch:x64arch:x86image:win11-20241007-enlocale:en-usos:windows11-21h2-x64system
submitted
12-12-2024 23:11

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://magik.software/dashboard

Score

7^/10

discovery

Malware Config

Signatures

Executes dropped EXE 1 IoCs

pid	Process
4552	magik spoofer.exe

Drops file in Windows directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SystemTemp	chrome.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133785187193899342"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000_Classes\Local Settings	chrome.exe

NTFS ADS 1 IoCs

description	ioc	Process
File opened for modification	C:\Users\Admin\Downloads\loader.rar:Zone.Identifier	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
2688	chrome.exe
2688	chrome.exe
4596	chrome.exe
4596	chrome.exe
4596	chrome.exe
4596	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeCreatePagefilePrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeCreatePagefilePrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeCreatePagefilePrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeCreatePagefilePrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeCreatePagefilePrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeCreatePagefilePrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeCreatePagefilePrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeCreatePagefilePrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeCreatePagefilePrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeCreatePagefilePrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeCreatePagefilePrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeCreatePagefilePrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeCreatePagefilePrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeCreatePagefilePrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeCreatePagefilePrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeCreatePagefilePrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeCreatePagefilePrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeCreatePagefilePrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeCreatePagefilePrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeCreatePagefilePrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeCreatePagefilePrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeCreatePagefilePrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeCreatePagefilePrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeCreatePagefilePrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeCreatePagefilePrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeCreatePagefilePrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeCreatePagefilePrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeCreatePagefilePrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeCreatePagefilePrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeCreatePagefilePrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeCreatePagefilePrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeCreatePagefilePrivilege	2688	chrome.exe

Suspicious use of FindShellTrayWindow 36 IoCs

pid	Process
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
4744	7zG.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2688 wrote to memory of 3912	2688	chrome.exe	78
PID 2688 wrote to memory of 3912	2688	chrome.exe	78
PID 2688 wrote to memory of 4828	2688	chrome.exe	79
PID 2688 wrote to memory of 4828	2688	chrome.exe	79
PID 2688 wrote to memory of 4828	2688	chrome.exe	79
PID 2688 wrote to memory of 4828	2688	chrome.exe	79
PID 2688 wrote to memory of 4828	2688	chrome.exe	79
PID 2688 wrote to memory of 4828	2688	chrome.exe	79
PID 2688 wrote to memory of 4828	2688	chrome.exe	79
PID 2688 wrote to memory of 4828	2688	chrome.exe	79
PID 2688 wrote to memory of 4828	2688	chrome.exe	79
PID 2688 wrote to memory of 4828	2688	chrome.exe	79
PID 2688 wrote to memory of 4828	2688	chrome.exe	79
PID 2688 wrote to memory of 4828	2688	chrome.exe	79
PID 2688 wrote to memory of 4828	2688	chrome.exe	79
PID 2688 wrote to memory of 4828	2688	chrome.exe	79
PID 2688 wrote to memory of 4828	2688	chrome.exe	79
PID 2688 wrote to memory of 4828	2688	chrome.exe	79
PID 2688 wrote to memory of 4828	2688	chrome.exe	79
PID 2688 wrote to memory of 4828	2688	chrome.exe	79
PID 2688 wrote to memory of 4828	2688	chrome.exe	79
PID 2688 wrote to memory of 4828	2688	chrome.exe	79
PID 2688 wrote to memory of 4828	2688	chrome.exe	79
PID 2688 wrote to memory of 4828	2688	chrome.exe	79
PID 2688 wrote to memory of 4828	2688	chrome.exe	79
PID 2688 wrote to memory of 4828	2688	chrome.exe	79
PID 2688 wrote to memory of 4828	2688	chrome.exe	79
PID 2688 wrote to memory of 4828	2688	chrome.exe	79
PID 2688 wrote to memory of 4828	2688	chrome.exe	79
PID 2688 wrote to memory of 4828	2688	chrome.exe	79
PID 2688 wrote to memory of 4828	2688	chrome.exe	79
PID 2688 wrote to memory of 4828	2688	chrome.exe	79
PID 2688 wrote to memory of 4720	2688	chrome.exe	80
PID 2688 wrote to memory of 4720	2688	chrome.exe	80
PID 2688 wrote to memory of 672	2688	chrome.exe	81
PID 2688 wrote to memory of 672	2688	chrome.exe	81
PID 2688 wrote to memory of 672	2688	chrome.exe	81
PID 2688 wrote to memory of 672	2688	chrome.exe	81
PID 2688 wrote to memory of 672	2688	chrome.exe	81
PID 2688 wrote to memory of 672	2688	chrome.exe	81
PID 2688 wrote to memory of 672	2688	chrome.exe	81
PID 2688 wrote to memory of 672	2688	chrome.exe	81
PID 2688 wrote to memory of 672	2688	chrome.exe	81
PID 2688 wrote to memory of 672	2688	chrome.exe	81
PID 2688 wrote to memory of 672	2688	chrome.exe	81
PID 2688 wrote to memory of 672	2688	chrome.exe	81
PID 2688 wrote to memory of 672	2688	chrome.exe	81
PID 2688 wrote to memory of 672	2688	chrome.exe	81
PID 2688 wrote to memory of 672	2688	chrome.exe	81
PID 2688 wrote to memory of 672	2688	chrome.exe	81
PID 2688 wrote to memory of 672	2688	chrome.exe	81
PID 2688 wrote to memory of 672	2688	chrome.exe	81
PID 2688 wrote to memory of 672	2688	chrome.exe	81
PID 2688 wrote to memory of 672	2688	chrome.exe	81
PID 2688 wrote to memory of 672	2688	chrome.exe	81
PID 2688 wrote to memory of 672	2688	chrome.exe	81
PID 2688 wrote to memory of 672	2688	chrome.exe	81
PID 2688 wrote to memory of 672	2688	chrome.exe	81
PID 2688 wrote to memory of 672	2688	chrome.exe	81
PID 2688 wrote to memory of 672	2688	chrome.exe	81
PID 2688 wrote to memory of 672	2688	chrome.exe	81
PID 2688 wrote to memory of 672	2688	chrome.exe	81
PID 2688 wrote to memory of 672	2688	chrome.exe	81
PID 2688 wrote to memory of 672	2688	chrome.exe	81

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://magik.software/dashboard
1⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2688
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb797acc40,0x7ffb797acc4c,0x7ffb797acc58
  2⤵
  PID:3912
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1848,i,8310892089987706450,18011915210622503556,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1844 /prefetch:2
  2⤵
  PID:4828
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2100,i,8310892089987706450,18011915210622503556,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2120 /prefetch:3
  2⤵
  PID:4720
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2208,i,8310892089987706450,18011915210622503556,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2356 /prefetch:8
  2⤵
  PID:672
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3092,i,8310892089987706450,18011915210622503556,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3124 /prefetch:1
  2⤵
  PID:2444
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3100,i,8310892089987706450,18011915210622503556,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3272 /prefetch:1
  2⤵
  PID:432
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4488,i,8310892089987706450,18011915210622503556,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4496 /prefetch:8
  2⤵
  PID:1088
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4852,i,8310892089987706450,18011915210622503556,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4876 /prefetch:1
  2⤵
  PID:3424
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4776,i,8310892089987706450,18011915210622503556,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5056 /prefetch:8
  2⤵
  - NTFS ADS
  PID:4272
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=3204,i,8310892089987706450,18011915210622503556,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5124 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4596

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:4372

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:3576

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:1472

C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\loader\" -spe -an -ai#7zMap29461:74:7zEvent26016
1⤵
- Suspicious use of FindShellTrayWindow
PID:4744

C:\Users\Admin\Downloads\loader\magik spoofer.exe
"C:\Users\Admin\Downloads\loader\magik spoofer.exe"
1⤵
- Executes dropped EXE
PID:4552

C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Downloads\loader\run me.bat" "
1⤵
PID:4492

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

Filesize
64KB

MD5
b5ad5caaaee00cb8cf445427975ae66c

SHA1
dcde6527290a326e048f9c3a85280d3fa71e1e22

SHA256
b6409b9d55ce242ff022f7a2d86ae8eff873daabf3a0506031712b8baa6197b8

SHA512
92f7fbbcbbea769b1af6dd7e75577be3eb8bb4a4a6f8a9288d6da4014e1ea309ee649a7b089be09ba27866e175ab6f6a912413256d7e13eaf60f6f30e492ce7f

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

Filesize
4B

MD5
f49655f856acb8884cc0ace29216f511

SHA1
cb0f1f87ec0455ec349aaa950c600475ac7b7b6b

SHA256
7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba

SHA512
599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

Filesize
1008B

MD5
d222b77a61527f2c177b0869e7babc24

SHA1
3f23acb984307a4aeba41ebbb70439c97ad1f268

SHA256
80dc3ffa698e4ff2e916f97983b5eae79470203e91cb684c5ccd4ff1a465d747

SHA512
d17d836ea77aeaff4cd01f9c7523345167a4a6bc62528aac74acde12679f48079d75d159e9cea2e614da50e83c2dcd92c374c899ea6c4fe8e5513d9bf06c01ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\3416b098-6762-47a5-936b-91aae960c73b.tmp

Filesize
116KB

MD5
ff5fe75b4cb551c018c79120cf35193a

SHA1
b3ea12bfdc192736f2531fed32043f48aee78bb8

SHA256
e5e093d1cdadbbce428cf14add2bc86fa6da04efa794a9bf86732f03bf1e1007

SHA512
b0da897728d802351cbb52f0f4cffc86ca09025afafde8dee2ee6d27ca65c67f8f125b26fc09fea715cbf4409bd24aa11826d5e3f76b6e84f5d490ccdf633143

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
7e7b3b12818318f5501b71ec3441c2ec

SHA1
83b5f91639fdb377de61ee931ab1fa685d23f8e2

SHA256
d23880badedbe560b5f51fe599309bac77a1e64130173071f22e2f7f2a9ef26d

SHA512
ef4cc3d97f42dd19eaeec801a27c9b5746b9147440cb98b8235d729c436c2f37336ca888225337499636e176c7feaf7f294872909d807dfabca77fa8e532e296

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007

Filesize
27KB

MD5
f1850de8495640ca2f91fe8724cd9d94

SHA1
6f3867321b05ecfc69f8d11458449a1f6e2a6889

SHA256
1cfbb917224e2df847f40e46c6d21ebc85d64f5488c8247d412cddebcc903192

SHA512
058359b50c5d141411437e69cb709731b16b95cdc2692255db08e249151ecd0c0f96211ab3f1be0bb51bdfe080a63a36d71352ae2c6684b3efae5e30004576cd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
49a1d4c6641172ca5ddc1440640bd388

SHA1
48d4aba60fd56a157b75c70edf77149a233558e3

SHA256
89f49d38ad5963eafa1aa77b5279bdd0f57b22002021c281cb6dcf0043ac75ee

SHA512
499343f72573ca7f781e8f8a7aa637d24221f4315f30bbcbb222475f5a0cc8b37e72238cdbd8ee2ab0a964bfd9821f5baedf0e1548a3d7ca423092f1ec42c215

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
dc8732cb2947010af6bc6b9e6bba4249

SHA1
c96edd7700b42b71712c519d5b39cc99213d6eaf

SHA256
cf9ec2d9938700306f53d46e3a00a1596fd00109f35c0c1f5b7a3e7c6088f739

SHA512
d6f8f6293f4192e7e5f9b79a19935a3b4b6cbec0fd931a45d92261bc843227e30ba7342b491f69a293e0a4695e07059abc96ee1873efe160742afdcc28936af2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
cf74aba287da414fff65e70042e0ef80

SHA1
4baaa21c6b3fac6f3677d03bd8837d01dca372ba

SHA256
3352e351e9da827d2c4c9e14bd8b2cb5a678ea3703b3db5fc44b912c4e1d57ef

SHA512
ff65cf704f78d8eec03b49e5d82820a93c0a1f34849bc72db9c279ccdd54143ac41dd4a510531edc08275f2e6e262ae667ec0c50fe694f6001a3caea31637ff3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
520B

MD5
71e3047d8f7bc74823f02eff505bb6bc

SHA1
2066efe39987cc0379da8726287d6dbb53e7716b

SHA256
cf6759a0a0fd404251293aca931a25484ad57df4faadc365867454ab65689e26

SHA512
deae76955f94e0e37258e3759a0578e35589280b8c9b40354233598fca76564e482f0ea918446847ba6a96f97d51e3e3470672ff6c858361c315c6f8c6c210b7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
855B

MD5
10110a52dfdabbf51c339e703a53d03e

SHA1
0b5a3e7f5c6e72ae9c1510032b057a75146c00f6

SHA256
ef4976e308367f2994e694a60f5f670dadbc0219837297947bf0fc6049174557

SHA512
5ec1346512209e80e624759f8574d4b5d5f22ffbdade2bc7dd9312d8e0d1bf9afd3c95bddb5fb8a3985b420ae48c3d049617b1771d358b48f4aef0269c1ecaa0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
688B

MD5
e766414b323b851711b70d711fe7c572

SHA1
bce61d99f93cc8e24dcddfad7bb00f3be3bee0b7

SHA256
c1cc85cb0c3d62046fa99b142e97f281e5cc8db13da9fe6518e592cee5fd1a0d

SHA512
9912c7fa6340ed643d9dc018534d201751ebbc2ca7e3aaa768b407c521bd7bf815bc8d06da8abf79e9c83042551f4d83546d27f797d5eb6f8485ec34d91a6a60

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
aab8b755687568b03ab251fc4d7bbca2

SHA1
717a4774c035cf81d1273c95ee875d85edc4d915

SHA256
1fda954193e7f11c34158942202cf8ff40949e82d43f9a45ed77c93bb51ec44c

SHA512
01c8451f5a9606de75d5210f4e35f99c178693a2d5da462fec05061a93d117ad541127a8a0e3e9f0059eb7383d0ab6cd86aabcf73a0576b08ad0644cc401291b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
752eba2521b62bf3b08e9a5999e28ea6

SHA1
2ee0f15d88dd6bdb19637e766bce9b930b9a9d91

SHA256
36e5992bfd7fa853b7c07ce671b1b367b3a3253be00c8a19f22d0d5cc3688daa

SHA512
9ebdf2f6ea62c6aa84c843675da758ecbddceb1ff9f1dfda4fafe5a4f8cb23b3a26c029eebe11792cb7e5bdb5bed05eeeab3751443f75e5cab1537af067dbedb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
c50e6e38940bce720e3565bd713cb430

SHA1
f971772b2aa3d5102eb092078c0c06be215adbf9

SHA256
068a153d68ad837914c72d246b008a3926dfa5c2e14d084064a94812b96c433d

SHA512
bc80ef38b3b37f6ad3274e886e7e62f61473f391841ec1cd90b5eec022ef507795df10741880be53a1de64b98e199b288c116d8175aa808e9c1e3babee2a221e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
16b9525f33c9d3c91aa9b49da5678eef

SHA1
9e0a765f749af7b4cce2cede1c7ca684a8fbc9dc

SHA256
a79b290b3d525f9f10f1799447fe4da31df0e4b466b12b994d60a3fafca181af

SHA512
5ad79efca3a4e1e1132d2dbf81b1ee6a2ab02c3cf10b463786b966e79484e5301b8b73c2cab5ab743331c314d517c5c0be23f9801dee95ab15bb4c243c298c7a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
b1e26a249ebfdc1269f5e7c8048236fe

SHA1
e1b2d6facb1cea8f8513a7462a1a7badc8d32ae7

SHA256
f5bcc03f6d5a5e424269ee91b3f6b34a2b4f5c34b369aae3b824544cb3a2921e

SHA512
58fc1255ab9541f879090ea589151cc6e03bb0545c7dcfca9a88c9f020fa3fd1eeb53ca9e1a921d5ca7ce4094c2da6a821432f12f00fe3e3a601847150cf84e6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
ecf17110a283844a22382f9d7f37e9d9

SHA1
068a192d81353354d1ee20288ae09e4187ee94e6

SHA256
48db6aacb22c976dc43f686926f88eb32b50442d9130e55fd86cf42a1741ca11

SHA512
88641e93b49c4522c448d233d0573584f5a9ac0a3c53f74118b6112118462059c65f16fa73ff32381b7eefe7d624c3bf5e391fe03033cd888f10beec98fc031c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
8787de8822b4a82c87874d595e97803d

SHA1
a79cca4d0c9999390dabff0f6e4165763a9222f4

SHA256
174606bcc86f4017a02861ea76b054dc7af755de9f3545b97107680d196c41e4

SHA512
9687ce9df62d71979f8bd75913c568f9e3a91967c4bf4bd0e16ff1e410d060530c745252502301de53e207bd3be58aa95b5d303debd77a9d1ee219b3a7edef09

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
ab1171b9435a1e1c12990f5d7ef0cfc3

SHA1
6fb3c8ae1c097c687ba321f02ffd9c80449fec6c

SHA256
11bfabf8e20e4de0a8e339b81270d4845be11811e512814d722f6f559b51938c

SHA512
e8b476feffb5088d0cfde06ed10287910a08dce8cdcbe3938396e20e2f59375c3f179ef49198eb91c802a6d81c4d59ec174ce9f4ee16fda14dc66551003477da

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
40021495f0104a5887ecf749e53b19c0

SHA1
d4895f52c1eb4b3c090e4b1378e1c50aa407c29e

SHA256
ae8d9d5a8812630e03293c0fece90eb4d0a1e7d8f00d5a81f5650570af6f46ac

SHA512
700fb3960149e688a7d8029f634c66c271b4b2c212960f930498d5fdbc11d4dd34c5461a84f3e6224c60dcaf87424106a4d6b9f7a731b29552071a52c616b355

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
01afeecd06eb10fed338fb12e9403886

SHA1
599bd090c81c3de75e4d8c7d0b376468023d567f

SHA256
63607e1f6df4018ce111a1b6b0d49d60114c3bba732fd9a68eb559d399d9ca9d

SHA512
c43a331199e9aa9dccc08e9f2c64550a5eff66897b0386ff2fdeee1acd2fa9be39503a5294fd69abe47d726739812a73421aa0bb3dd53cd71a024a23be761a26

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
0305758ca86aff1b0f7acf92f8b44e13

SHA1
e412d2cf7cae42e1525da687ab2d3d6b3d87e0e5

SHA256
235598d47d807b4666a8ebf38be3a7526d22c6e93bc047667079531fa34eabc4

SHA512
9e9cbe6fae6b43e2f3972ef799e760b1a856a5bb0bed3c4d8711e9a59461361c391ef03c569d3e7fec4474924b23bc35ce989d1f3068c5aad0e09d4a3030809e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
009aa37a43e2147a06f57cbacc991746

SHA1
fbe72bf963ca07ca7b92d9345177d97304fe806d

SHA256
04f947cc940dd5b1a8a396a933719a8902e9d0eae15d40b3e409e25fd8636a2b

SHA512
41d6775b536fe52fd6787f4ff93688397648d3eeaca7a0666f380095452c81b56d5dfa7cb0d15187ccbd650103eacc80782e847bff221217340f39776f1a9407

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
c1c4e550c9657244f40d1d7dfcd7d7ec

SHA1
566588cbee14b974c77c3c0c9b7b1b9907e98426

SHA256
22e90a4dd2a427df61b827a40d2e5e6224303842c5999e8ce252ef40511b9017

SHA512
7dc7c4d8811ae977d3bd03fa12adbe69f24901470dfda5ac80dafc674b3b3d70c649bd5368875038348dc23ed1cd9e8353cc2dc7a5b276d62d37d1f463cc32c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
87c90cd4c885390632ba98217ea78943

SHA1
d4249cf6d3183e810f6624c888007582e51c2d90

SHA256
f852e777c84995b113c6b5ed4ad99ed638ed57733a6c72a5366214bb8415f9a2

SHA512
f60f66a9e141ffa1d88496adf03829edad007ce287c32e21c372d2b4f38890ef3667491afb50bd7dc0bf7812455db77a5720174589fbddaf29081125e75b521b

Download Submit
C:\Users\Admin\Downloads\loader.rar.crdownload

Filesize
7.7MB

MD5
80941265fddfed26ae161a796c637e28

SHA1
3019a7d88e350089f019d30cd7dcdded85eb0a55

SHA256
45e7400b0621c54a52a66f0116ec2525c51aab14f9605358a84524a5daea53d4

SHA512
acfc88ea0bb4b3073d8f9fba27a43ed3be9b19fb072004cf71dc0d7ac2bdb6158c39847bbdee4cfba1365aff74244655b1353aad9cc88894f9a7fd18bd3ac758

Download Submit
C:\Users\Admin\Downloads\loader.rar:Zone.Identifier

Filesize
26B

MD5
fbccf14d504b7b2dbcb5a5bda75bd93b

SHA1
d59fc84cdd5217c6cf74785703655f78da6b582b

SHA256
eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913

SHA512
aa1d2b1ea3c9de3ccadb319d4e3e3276a2f27dd1a5244fe72de2b6f94083dddc762480482c5c2e53f803cd9e3973ddefc68966f974e124307b5043e654443b98

Download Submit
C:\Users\Admin\Downloads\loader\magik spoofer.exe

Filesize
7.7MB

MD5
4aeced27b3b23c2e44277844d0831749

SHA1
d74c5b81b26c7101b8a37ed4b2f18aea8c77fdbb

SHA256
0d67b7093baab3166dbfb3567b12b5a6d3aebb4b0c02cc900da4a4cb75fcf40b

SHA512
7827f31c5b23cf4e2c25b3da1677dfbd2cc0c5252a058baa131aa92b5e0fcf45390779bfbf5f9cb9ea0113e94fb818a56d5d73d706f61e26bf8070a5a09c3a31

Download Submit
C:\Users\Admin\Downloads\loader\run me.bat

Filesize
1001B

MD5
f231be56f8dd034fd9e62fe67b120dec

SHA1
c0a4b9d91f5934f00a6cc28cdad56dfee45d3116

SHA256
ff5735d7157d43beaf0ea13eae9dc29619d9384a79c0009c7b0ada9d722f0a30

SHA512
0da567136e8e24ed1cdcd27633ba2f68c26c9fcc3038d1d7a041516e187d97c9a1fc22eb57552f4a4378e58daeb297991e95f388530fa38e12c67ddcf50b22dd

Download Submit