discordrat | bdac8f36b0f8302e8a45f6a81d0292517d10e7344195b8c43f2b5443f6e14104

Analysis

max time kernel
1049s
max time network
976s
platform
windows11-21h2_x64
resource
win11-20241007-en
resource tags

arch:x64arch:x86image:win11-20241007-enlocale:en-usos:windows11-21h2-x64system
submitted
19-12-2024 04:37

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

release (1).zip
Size

445KB
MD5

849ee0eab895dc239d1dee5d6c574112
SHA1

1434a90cb4bf1a448574a29cb70dfd417b91c081
SHA256

bdac8f36b0f8302e8a45f6a81d0292517d10e7344195b8c43f2b5443f6e14104
SHA512

1596ea98649521164f30f3e96652b05f2b26bad2297b57b47ec80235a644082cd60d1537dff5cac85369cb42f04882d85a94f7ac872454213a44cfb645c223ac
SSDEEP

12288:BfJ13+GoLo2d5ifXHE8134QwYOwFSFRiLQ9:BKGo8EifSQwYW9

Score

10^/10

discordrat discovery persistence rat rootkit stealer

Malware Config

Signatures

Discord RAT
A RAT written in C# using Discord as a C2.
stealer rootkit rat persistence discordrat
Discordrat family
discordrat
Downloads MZ/PE file

Executes dropped EXE 4 IoCs

pid	Process
4000	builder.exe
2348	Client-built.exe
4428	Client-built.exe
3308	Client-built.exe

Loads dropped DLL 2 IoCs

pid	Process
4000	builder.exe
4000	builder.exe

Drops file in Windows directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SystemTemp	chrome.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	builder.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133790566739334054"	chrome.exe

Modifies registry class 51 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1"	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots	chrome.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\NodeSlot = "1"	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\GroupByKey:PID = "0"	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\MRUListEx = ffffffff	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupView = "0"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\LogicalViewMode = "3"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0	chrome.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}"	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Mode = "4"	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0 = 3a001f44471a0359723fa74489c55595fe6b30ee260001002600efbe10000000b3ba73aeaf18db01639aa0eab618db010cd72605d051db0114000000	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 02	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 0202	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\NodeSlot = "2"	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0 = 200000001a00eebbfe23000010003accbfb42cdb4c42b0297fe99a87c64100000000	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2	chrome.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\Shell\SniffedFolderType = "Generic"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\GroupView = "0"	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\GroupByDirection = "1"	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\FFlags = "1"	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1092616193"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\FFlags = "1092616193"	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000	chrome.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}"	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = ffffffff	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\IconSize = "16"	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\IconSize = "48"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:PID = "0"	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByDirection = "1"	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 00000000ffffffff	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\MRUListEx = ffffffff	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\Mode = "1"	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\MRUListEx = 00000000ffffffff	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\Shell	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\LogicalViewMode = "1"	chrome.exe
Key created	\Registry\User\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\NotificationData	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\Instance\	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a000000a000000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
2096	chrome.exe
2096	chrome.exe
3308	chrome.exe
3308	chrome.exe
3308	chrome.exe
3308	chrome.exe

Suspicious behavior: GetForegroundWindowSpam 2 IoCs

pid	Process
5100	7zFM.exe
4628	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeRestorePrivilege	5100	7zFM.exe
Token: 35	5100	7zFM.exe
Token: SeSecurityPrivilege	5100	7zFM.exe
Token: SeShutdownPrivilege	2096	chrome.exe
Token: SeCreatePagefilePrivilege	2096	chrome.exe
Token: SeShutdownPrivilege	2096	chrome.exe
Token: SeCreatePagefilePrivilege	2096	chrome.exe
Token: SeShutdownPrivilege	2096	chrome.exe
Token: SeCreatePagefilePrivilege	2096	chrome.exe
Token: SeShutdownPrivilege	2096	chrome.exe
Token: SeCreatePagefilePrivilege	2096	chrome.exe
Token: SeShutdownPrivilege	2096	chrome.exe
Token: SeCreatePagefilePrivilege	2096	chrome.exe
Token: SeShutdownPrivilege	2096	chrome.exe
Token: SeCreatePagefilePrivilege	2096	chrome.exe
Token: SeShutdownPrivilege	2096	chrome.exe
Token: SeCreatePagefilePrivilege	2096	chrome.exe
Token: SeShutdownPrivilege	2096	chrome.exe
Token: SeCreatePagefilePrivilege	2096	chrome.exe
Token: SeShutdownPrivilege	2096	chrome.exe
Token: SeCreatePagefilePrivilege	2096	chrome.exe
Token: SeShutdownPrivilege	2096	chrome.exe
Token: SeCreatePagefilePrivilege	2096	chrome.exe
Token: SeShutdownPrivilege	2096	chrome.exe
Token: SeCreatePagefilePrivilege	2096	chrome.exe
Token: SeShutdownPrivilege	2096	chrome.exe
Token: SeCreatePagefilePrivilege	2096	chrome.exe
Token: SeShutdownPrivilege	2096	chrome.exe
Token: SeCreatePagefilePrivilege	2096	chrome.exe
Token: SeShutdownPrivilege	2096	chrome.exe
Token: SeCreatePagefilePrivilege	2096	chrome.exe
Token: SeShutdownPrivilege	2096	chrome.exe
Token: SeCreatePagefilePrivilege	2096	chrome.exe
Token: SeShutdownPrivilege	2096	chrome.exe
Token: SeCreatePagefilePrivilege	2096	chrome.exe
Token: SeShutdownPrivilege	2096	chrome.exe
Token: SeCreatePagefilePrivilege	2096	chrome.exe
Token: SeShutdownPrivilege	2096	chrome.exe
Token: SeCreatePagefilePrivilege	2096	chrome.exe
Token: SeShutdownPrivilege	2096	chrome.exe
Token: SeCreatePagefilePrivilege	2096	chrome.exe
Token: SeShutdownPrivilege	2096	chrome.exe
Token: SeCreatePagefilePrivilege	2096	chrome.exe
Token: SeShutdownPrivilege	2096	chrome.exe
Token: SeCreatePagefilePrivilege	2096	chrome.exe
Token: SeShutdownPrivilege	2096	chrome.exe
Token: SeCreatePagefilePrivilege	2096	chrome.exe
Token: SeShutdownPrivilege	2096	chrome.exe
Token: SeCreatePagefilePrivilege	2096	chrome.exe
Token: SeShutdownPrivilege	2096	chrome.exe
Token: SeCreatePagefilePrivilege	2096	chrome.exe
Token: SeShutdownPrivilege	2096	chrome.exe
Token: SeCreatePagefilePrivilege	2096	chrome.exe
Token: SeShutdownPrivilege	2096	chrome.exe
Token: SeCreatePagefilePrivilege	2096	chrome.exe
Token: SeShutdownPrivilege	2096	chrome.exe
Token: SeCreatePagefilePrivilege	2096	chrome.exe
Token: SeShutdownPrivilege	2096	chrome.exe
Token: SeCreatePagefilePrivilege	2096	chrome.exe
Token: SeShutdownPrivilege	2096	chrome.exe
Token: SeCreatePagefilePrivilege	2096	chrome.exe
Token: SeShutdownPrivilege	2096	chrome.exe
Token: SeCreatePagefilePrivilege	2096	chrome.exe
Token: SeShutdownPrivilege	2096	chrome.exe

Suspicious use of FindShellTrayWindow 42 IoCs

pid	Process
5100	7zFM.exe
5100	7zFM.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe

Suspicious use of SendNotifyMessage 16 IoCs

pid	Process
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
4628	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2096 wrote to memory of 3708	2096	chrome.exe	81
PID 2096 wrote to memory of 3708	2096	chrome.exe	81
PID 2096 wrote to memory of 892	2096	chrome.exe	82
PID 2096 wrote to memory of 892	2096	chrome.exe	82
PID 2096 wrote to memory of 892	2096	chrome.exe	82
PID 2096 wrote to memory of 892	2096	chrome.exe	82
PID 2096 wrote to memory of 892	2096	chrome.exe	82
PID 2096 wrote to memory of 892	2096	chrome.exe	82
PID 2096 wrote to memory of 892	2096	chrome.exe	82
PID 2096 wrote to memory of 892	2096	chrome.exe	82
PID 2096 wrote to memory of 892	2096	chrome.exe	82
PID 2096 wrote to memory of 892	2096	chrome.exe	82
PID 2096 wrote to memory of 892	2096	chrome.exe	82
PID 2096 wrote to memory of 892	2096	chrome.exe	82
PID 2096 wrote to memory of 892	2096	chrome.exe	82
PID 2096 wrote to memory of 892	2096	chrome.exe	82
PID 2096 wrote to memory of 892	2096	chrome.exe	82
PID 2096 wrote to memory of 892	2096	chrome.exe	82
PID 2096 wrote to memory of 892	2096	chrome.exe	82
PID 2096 wrote to memory of 892	2096	chrome.exe	82
PID 2096 wrote to memory of 892	2096	chrome.exe	82
PID 2096 wrote to memory of 892	2096	chrome.exe	82
PID 2096 wrote to memory of 892	2096	chrome.exe	82
PID 2096 wrote to memory of 892	2096	chrome.exe	82
PID 2096 wrote to memory of 892	2096	chrome.exe	82
PID 2096 wrote to memory of 892	2096	chrome.exe	82
PID 2096 wrote to memory of 892	2096	chrome.exe	82
PID 2096 wrote to memory of 892	2096	chrome.exe	82
PID 2096 wrote to memory of 892	2096	chrome.exe	82
PID 2096 wrote to memory of 892	2096	chrome.exe	82
PID 2096 wrote to memory of 892	2096	chrome.exe	82
PID 2096 wrote to memory of 892	2096	chrome.exe	82
PID 2096 wrote to memory of 3924	2096	chrome.exe	83
PID 2096 wrote to memory of 3924	2096	chrome.exe	83
PID 2096 wrote to memory of 3012	2096	chrome.exe	84
PID 2096 wrote to memory of 3012	2096	chrome.exe	84
PID 2096 wrote to memory of 3012	2096	chrome.exe	84
PID 2096 wrote to memory of 3012	2096	chrome.exe	84
PID 2096 wrote to memory of 3012	2096	chrome.exe	84
PID 2096 wrote to memory of 3012	2096	chrome.exe	84
PID 2096 wrote to memory of 3012	2096	chrome.exe	84
PID 2096 wrote to memory of 3012	2096	chrome.exe	84
PID 2096 wrote to memory of 3012	2096	chrome.exe	84
PID 2096 wrote to memory of 3012	2096	chrome.exe	84
PID 2096 wrote to memory of 3012	2096	chrome.exe	84
PID 2096 wrote to memory of 3012	2096	chrome.exe	84
PID 2096 wrote to memory of 3012	2096	chrome.exe	84
PID 2096 wrote to memory of 3012	2096	chrome.exe	84
PID 2096 wrote to memory of 3012	2096	chrome.exe	84
PID 2096 wrote to memory of 3012	2096	chrome.exe	84
PID 2096 wrote to memory of 3012	2096	chrome.exe	84
PID 2096 wrote to memory of 3012	2096	chrome.exe	84
PID 2096 wrote to memory of 3012	2096	chrome.exe	84
PID 2096 wrote to memory of 3012	2096	chrome.exe	84
PID 2096 wrote to memory of 3012	2096	chrome.exe	84
PID 2096 wrote to memory of 3012	2096	chrome.exe	84
PID 2096 wrote to memory of 3012	2096	chrome.exe	84
PID 2096 wrote to memory of 3012	2096	chrome.exe	84
PID 2096 wrote to memory of 3012	2096	chrome.exe	84
PID 2096 wrote to memory of 3012	2096	chrome.exe	84
PID 2096 wrote to memory of 3012	2096	chrome.exe	84
PID 2096 wrote to memory of 3012	2096	chrome.exe	84
PID 2096 wrote to memory of 3012	2096	chrome.exe	84
PID 2096 wrote to memory of 3012	2096	chrome.exe	84

C:\Program Files\7-Zip\7zFM.exe
"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\release (1).zip"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
PID:5100

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2096
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe8535cc40,0x7ffe8535cc4c,0x7ffe8535cc58
  2⤵
  PID:3708
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1752,i,5537716372664553997,7668972258545848890,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1716 /prefetch:2
  2⤵
  PID:892
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2072,i,5537716372664553997,7668972258545848890,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2096 /prefetch:3
  2⤵
  PID:3924
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=1308,i,5537716372664553997,7668972258545848890,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2192 /prefetch:8
  2⤵
  PID:3012
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3084,i,5537716372664553997,7668972258545848890,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3112 /prefetch:1
  2⤵
  PID:2768
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3136,i,5537716372664553997,7668972258545848890,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3388 /prefetch:1
  2⤵
  PID:1692
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3520,i,5537716372664553997,7668972258545848890,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4444 /prefetch:1
  2⤵
  PID:2240
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4772,i,5537716372664553997,7668972258545848890,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4780 /prefetch:8
  2⤵
  PID:3836
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4808,i,5537716372664553997,7668972258545848890,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4996 /prefetch:8
  2⤵
  PID:1864
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=4832,i,5537716372664553997,7668972258545848890,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3068 /prefetch:1
  2⤵
  PID:4716
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=4564,i,5537716372664553997,7668972258545848890,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5060 /prefetch:1
  2⤵
  PID:2420
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2436,i,5537716372664553997,7668972258545848890,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1172 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3308
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=3476,i,5537716372664553997,7668972258545848890,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4932 /prefetch:8
  2⤵
  - Modifies registry class
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
  PID:4628
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=212,i,5537716372664553997,7668972258545848890,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4408 /prefetch:1
  2⤵
  PID:2200
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=4448,i,5537716372664553997,7668972258545848890,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4456 /prefetch:8
  2⤵
  PID:3412
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=4556,i,5537716372664553997,7668972258545848890,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5220 /prefetch:8
  2⤵
  PID:1356
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=4704,i,5537716372664553997,7668972258545848890,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5416 /prefetch:8
  2⤵
  PID:1596
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5424,i,5537716372664553997,7668972258545848890,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5552 /prefetch:8
  2⤵
  PID:4272
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5708,i,5537716372664553997,7668972258545848890,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5700 /prefetch:8
  2⤵
  PID:4808

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:4020

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:2852

C:\Users\Admin\Desktop\builder.exe
"C:\Users\Admin\Desktop\builder.exe"
1⤵
- Executes dropped EXE
- Loads dropped DLL
- System Location Discovery: System Language Discovery
PID:4000

C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Desktop\Nuevo documento de texto.txt
1⤵
PID:2360

C:\Users\Admin\Desktop\Client-built.exe
"C:\Users\Admin\Desktop\Client-built.exe"
1⤵
- Executes dropped EXE
PID:2348

C:\Users\Admin\Desktop\Client-built.exe
"C:\Users\Admin\Desktop\Client-built.exe"
1⤵
- Executes dropped EXE
PID:4428

C:\Users\Admin\Desktop\Client-built.exe
"C:\Users\Admin\Desktop\Client-built.exe"
1⤵
- Executes dropped EXE
PID:3308

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

Filesize
64KB

MD5
b5ad5caaaee00cb8cf445427975ae66c

SHA1
dcde6527290a326e048f9c3a85280d3fa71e1e22

SHA256
b6409b9d55ce242ff022f7a2d86ae8eff873daabf3a0506031712b8baa6197b8

SHA512
92f7fbbcbbea769b1af6dd7e75577be3eb8bb4a4a6f8a9288d6da4014e1ea309ee649a7b089be09ba27866e175ab6f6a912413256d7e13eaf60f6f30e492ce7f

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

Filesize
4B

MD5
f49655f856acb8884cc0ace29216f511

SHA1
cb0f1f87ec0455ec349aaa950c600475ac7b7b6b

SHA256
7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba

SHA512
599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

Filesize
1008B

MD5
d222b77a61527f2c177b0869e7babc24

SHA1
3f23acb984307a4aeba41ebbb70439c97ad1f268

SHA256
80dc3ffa698e4ff2e916f97983b5eae79470203e91cb684c5ccd4ff1a465d747

SHA512
d17d836ea77aeaff4cd01f9c7523345167a4a6bc62528aac74acde12679f48079d75d159e9cea2e614da50e83c2dcd92c374c899ea6c4fe8e5513d9bf06c01ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
bdc4572e62072d6745325029070b9dae

SHA1
2eae3f7a6de533815809834850bdc95320d08957

SHA256
97d7ed807f59bfb1b429836f32320dd1adb17fd0dda59bf98e1af0e936395833

SHA512
c65d9b6aa21479e918975ec3aa7f405b94c47b720ebeb25d7c2be5904756e3f653edc6b3a95fffe52ed1e73b51f57d53f1cd758c6c66cd90cbf66966551b5786

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
b908ce04e5d3cbf91a49c7c8f9c34604

SHA1
c2fea9d7b835b52874485a60eb642a39ddea6ff3

SHA256
7e9a4a94645bc89add00418068034be398b732f06a009ea92b03405667027e3a

SHA512
0fcb6a294078ea340ebc574db70c6cacbd900616a94c5044b7c9a8e2dd72ea8486c5538cbf28773f2e06c7e7af3669e81a719d331ec7c70f76c15cdaaa181fd2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
192B

MD5
590f3563fb75adb512648c6fbe0742a6

SHA1
0c5a33d4841e26a4fb8e69640edb53755afdf086

SHA256
44c07befd9f94280421f7af55ec9c36239f3f548656ff2b108c4e32c3299af69

SHA512
6d53271183d0179f9ea8d5fa6fbdf80b87af0b0a731016401abf07e5cea1ccd7e293f5a45ce00eea7b5346e05ce3862e421895b523bc8288f62f52edc58d595d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
b72a7bee67536d4ec05282947c7558c9

SHA1
c2719e7542d55aa13a4125deda4ec298fc46915c

SHA256
9a35caf664809022e85fd93c6487b54c6df4454c7ed74852631ca0df9d56af56

SHA512
d70be924a12209ebe44ea1f28a76ff6f022e5a67004763d59f28939b3021069842740af93fe602bcda6b09e9529984d5ed6d4a499a938f0a686dcee5fcae2a60

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
69258cfa8793432c8c4621f91d7a50b8

SHA1
d6d7a808b74db3b2b47b634a51719634ad037688

SHA256
d1ed5bfb81406f35a968938b80f10df4923e1c8743c155413037334d1ff671f6

SHA512
3a13bc0b5b12e21b71f93fb0793432057854346f81e06873ea4f63c81e00c8d1bbd26c7ae0c840a71d7130e02c0b70ca2df26f21c62a8cddb94e2c9b30801f56

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
d373d550c38fca73f3b50464f7115951

SHA1
8ba5e53e466d78a6f828eaf4118c907d8d4ff597

SHA256
d7a3b74dc54f37fb8ef58053372828882508979bf5aab08e4465f5afb3b07ece

SHA512
8162c516c874b82c06f9d938d60667ec5e1e53392cc55386693d1dee73b80e929a1d9ebdd3636e865f1c0691e27a3f08b223c810c0f860bc89cc7f57a1387952

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
d9620fd2050528eb28c5383ce0dbffaa

SHA1
1586c457179d6dfc53c9c97dea971347768c2247

SHA256
767c788b5e66a581eb1c5a99263e97d15d1e58c2eb9b44ef3a340dace4ab0439

SHA512
abb905a7b3dd4484a17ff3da6a4106d29b7e1511ce4343363b68fe12ef16549b84812e4709570a995e737efd1d16942c11aedcc180a3cd1f8b7e75322e50114e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
690B

MD5
efec61bd79051d29c9d2290ac855f378

SHA1
44865c76bf42ef59c139f68a20be063b455b907d

SHA256
2a561de8508cc0fbd91b636a365f2214b2b4add63a9dbc08953eddfd5dca2c18

SHA512
a4a67fb5fa79ecff5082cb435bc84bc6091e0b5e7e1aee93154e697f66f7591fad52446febcf9da517cb86bca23709d2dd2193f95b811c51aadc880fc7588ec3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
690B

MD5
222e38db664de32f8119500a888d5ed3

SHA1
91a6766f8f9e8fc075f519bad9a1cf8184df5920

SHA256
f92632023e5236c91389deeff4ee84a26106830f9306718e6a1efbcb8362c5a3

SHA512
0136deb6dbc5d2089eb600189cac15f9194a75386d1979b5e7b1f0cae8e6ac059239385e6f93d6da01b91253db045e2ad18b90f7610b507d3a54fc7874b5a921

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
858B

MD5
e0724ed974d0e627d7f8fdf29e102873

SHA1
b8a80a9b67d3b26b55d3087ee8f82aaa56f7caa7

SHA256
abb22df8850ede782cb18383947be1efdd12cbd5875425f1adc47d7fbe340fe0

SHA512
5196daeddf72bbaed957594aedc890c516f239631affca328957fdf7d3a8123e47a30ed657fe3306862551255f98b529f23b32012fff8aa5823e0d5877cd0f38

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
690B

MD5
f34dc39606b446e39dd0fcb921ae2a05

SHA1
a05df74c1daae2f8ad1a704f220c230f7f3be8e8

SHA256
cc7f0289f5e6cf8c9ed509511e53f9c0e7b05444cec756b90ea46810eb772255

SHA512
e8aa0234e1b15c03645ee9c070665197cb1f4cf6b7916ee5c9e4b8098d63873cf11c4f902b656e0bf13ec677185d860a19fea622c0d66e32877ce657e895a1a5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
ecf69f0860d380d6854e213aae236c0a

SHA1
b37a5f9733ce0af766c63b5bb151173d6d691b37

SHA256
94c2e67dd066bd2c768c94c9705d92bf30bb3c2d5f492f5d76448b5117d65b70

SHA512
1aed89ca5d2aeb2fe674c200745feac18bb1dfdc5231eb4a138b29c8ab5a0b384f6572c2a3499fcf011abe77ed4499c98c24f534b1ba716cf846260d4abd3b39

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
909d5b714f40464f7b8c7594daf5e862

SHA1
aae27b645728f8de05028ed0dd41665f3aaa817f

SHA256
b0b4de39eff02bcc2a0f44f194caca2887fed5f2a5df7cece44a4bfd088079d4

SHA512
fce4059ec745404846fa045835b075ea3679e8c54a06a24163da1a5aa06738bcc40cf1c506b74e99fb9b8ea0b11f7c0676a65fc2f18c7410035db08859134527

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
2cc71d5181a0755a572afb10bc8cc3a2

SHA1
e37bb4b622c0edd7e63080103dbeab110a3d73af

SHA256
9ab98292f5f1dc30aa174b4dbace8b41dcd66cd4cac1b95746910c90802fffb9

SHA512
582c9552f6e17150b2e00bec2eb914605e4806311b0cb81a10a7f2a0e16e58d15785975feb26f27cd30229d7b800c5990869fcad83d19bf75280d700929e1a0d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
a46b84b2c9892e23db2fc6c7e7574a37

SHA1
b37bb6784385cc9a485670b65603e3a62b6c7305

SHA256
6957d6551a2efbc22836ba96f6a35369ce83e8e04e598fe5b1a6c8173363f755

SHA512
f5ae7151c468b843cb072be0b7b85e65f42866112ff469a93bc612222ce3af96380d26ed91cb5c8feb3ae97aa4165052b8478c3644224996b776c7f0c231a7ea

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
ca6cb187c281e264e5a35807032c064a

SHA1
0d74ba94aac0a23a5d0838b4ca7d4bbbd7162614

SHA256
189ab7055abaf749128ac56248cee6cde573106fabc00da65d4c8798df66a572

SHA512
170239f7005b337557a8f20c6e29a9897875b1ebae88c35b9bd10287ca466ddcf0979814d90aedea359caf0e02c3c48e54744eeea62821f5c85ade94c5266f00

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
4a499468d3a4e396433e1c5dac8bcef7

SHA1
a574bb06fbbf16a7bdbc1aaaa1acd82c3844954b

SHA256
45ff9c7019c595c27a6c89025b7f3cdb1eb2a11df57642f597d56450db833756

SHA512
115d24aa8fd9b4bd1ad0dcecfdc568111a191f311099188964bf0364af88f51d42bf627095f24ccfa8bf5cf26529a637cc42cbba1fd1f77587ff82a2137f1e2a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
a0d74dea0e438d853fa636306cd7a59d

SHA1
d4ffeedfe41baf36a6396f0556c32a19a9764fd7

SHA256
12618abbb8a0add39752810ac08d76bb1e85fafc44e8b50a71c68c72c248861e

SHA512
bf8c2a886160dfc26aa1aa31f26f1f19f2d6f25166d6f52e02978efc8f76935250ab817ffc6e538f51af4a453408ce0dccdfefb09229b4686724946c4c1cbc5d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
5e1948ad5485a09c6f2dc2a011ced50b

SHA1
175795dd2e43b3c844c8316ca3b1b68776fbfef1

SHA256
02ecca1cb7dfd7c1a7df323bfb29880c53d0352cdf8aac4392bdbbd36e86ed03

SHA512
43cbd8d56dd788e41f4bbdf17bbe2c1b21b13068f115ae2954f530b6ee3fb7b65cd5fc7b6c2f173b6544b5d35f47cabab1e25c55a7d09b9ba0f734a553e2e196

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
1574401b5f89858987005d679679db47

SHA1
a789a7e19a34c06add4d8c3e3cdf6eaf9189bf1e

SHA256
ed57250a61e681ef84d680776190c3b84d43319221a5f3a34e0382300cd1b090

SHA512
808be56177e8e0604bac4f94183d0c47eb5964e1c9730eacfabbc35888a0b208af499d5f39b8987271016a194f494b40dda72034a5d4e3aefdb9a91dfa31e86d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
b773eed6844484a3fd44479240d64164

SHA1
ebf5ed4347c2b3368b7d7f49d1d4ae7ea5f8b5db

SHA256
d07e0bdf79f0b5b848fac76840c56dfc1ffa9c5040157e0957115203af35cb54

SHA512
b0f4a00e5f204749ef9a732d33d9f77e634061be54d6dfd7c62c61814996ff24dd41c98cfad2d30f1092c8ca4680bbef89dc546ddf32847ed3660e036c68019a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
fbf29ef28619b1a2176c9a1da52a332d

SHA1
19ea86489eb53f417538c2dea856e19151c9e0ec

SHA256
0df3bae7c0e090bbecb1b2024b7a5e18aee3694e12f577ce75013b466a86faf3

SHA512
c90a9a325ef1480f32f5851b5e6dbc884d04eddefe5776709035b63aae0fd39f0033cda4b085ec7f781f7e66ab591534c639d071c756cb9db6e2a7a9929e383e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
089ae794a5b480040b8711d292edbc28

SHA1
dbb5ff3024d973647e98d5f607b9c91de01ca397

SHA256
4fd4f099bfc84539e3a914ada1c2a19ce22e35087cb41eccd3508cfa44f89ad4

SHA512
7920b265b45cdf9c4a0437cd22a3ff5e137f90e51d48bccba3742d93d95f2b795c9674ab2ecadb64ae7a12e450afd8be6f7b380e57d9b49225e72b5067d170e9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
df8797bccff383b1e68a7dda00104e7d

SHA1
e7e19e2915d325f1d411c41f88049e42cb97e31c

SHA256
983b4c08e731959cfe60aca1487cfd12d4d955b765eadbb904c243939a34b322

SHA512
a27784180f927008002a78ed9055c42a62ef5a5b4b2c0cf1439180722c00e82ff6a3c3488d74345803912b446d2b7ad9090b4ce81552e312c8e97599c18089c1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
6fd2d2fa7363c2b408a2db694e117310

SHA1
d2d58a3a7571cc4c92f7bd059345380f5fdee392

SHA256
e2f37b9c21bffd2375b94e033746ec5066606340bc1f2edb1de69fb4020c03a8

SHA512
9195044e8ce0530a0729e63be877177d58f96e48ae5d61c4962d1894d8963b3a7fc51c8351cd2542deaebe079287acfe9dbe5f21d82a97ef1668c0c6d58b09fb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
23895c83bab736795be70da080162361

SHA1
e04120c813a20f9831f2870594d8b2185005f98c

SHA256
6f03d6d5b3811905fcdc261a9c849d94b6585c01532b2ed81b6b9dc4e1875274

SHA512
2e0316cf1840068bb84859717cef0eea9f5e6e8f09b8c41e88e611e2859cfebb23ed12d9ee31c09d04dc7572aa456c474d2e09fe782950f4709c63c9ac960569

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
5dc7a73217133251789eef8e5d71e46b

SHA1
848cf919e3636417af48f2d87e06cb2f1f34bf3d

SHA256
8c705bcac9ab6f409fc0a345c80793e8936dfd2f46074714105471f60a6e8e17

SHA512
ed249e6a4593a021ccf70d1b018df573c9b9ad7992090de838eb783a8fabfb581c03107a779ec80b3dea46c5c9941cb3ae16575b51915d87e09343a61d18578e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
2abb64039f0ab615cfd74aff2a5ac063

SHA1
c864fcf1dd2d8fc0d882618ae15d5f899cdeb27d

SHA256
3320559859303a12543be65d336bc6faff38d75876b683ae2bbd0a7526bf8a9d

SHA512
3f55efe0df96b147ea6c9e78dcaacddbe81a571c56df9542b4f92976920c547413a7e8737c6290d1b242c4150d2213c4271dc217d4c01638275060071e951049

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
d23295a994371562a675370cbe6f71f8

SHA1
4c6f3487c5fdc77352463ea8dc99633257c55255

SHA256
afd24e6e52ccebc0e5c201dce703974591b6e842f97c2c753b1a95aae6c83338

SHA512
9ca480200a99bc8f15e44a6878e7bcd9bf2e11297d6092ff61df370e99d31d92b90ae793388929814110ea4738f22c769cacf1bdeba750d347664ff461a58d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
796795ed531d6e806e5ecb108a7ae1a7

SHA1
d006d4351e9eafcb1a167a8688c4a0a643fd9e8a

SHA256
80c9b10eb04d95eb2800fede0d1937f2e57d4e0f8b61f184f00a77e457e424b7

SHA512
a25e271634891abf08dea52efb15b53e6a86c0eb0e1a865f568a432cabbac0a2c40107c07207e00cf7401dd8c1719af29e867c056c98fd664d267302534f5c5a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
1809064ba13bbf7e2955be5ddc2535ff

SHA1
f80ec9ad10efba23d0fd0efc8be76fbc890ea059

SHA256
73d2298c3d17ce8080db6b06fda12097761ef23356aae6ba9970e993232f5445

SHA512
4c04c5144c1a6511c67af4cbe2cfc4cb2f2ed3f19ac306ec1476c9380f6ca4a90990f73a2da54ffcd4128b9e90dd9632b37aa6c6a523c05815a8b3248c95a32d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
3a47b0ae69e26a535d3f5cd4136175fc

SHA1
7b9baa74af44472b836aeec6a72d8d2b616bc982

SHA256
e66b55b37bc0e52275e8aabe2d536edf9ea2307e0253af23dddb3f874481a2ae

SHA512
bcc00542638952443c6f5c918082de19034ff3d0f6262f9e06695b19f7a044fde0924315f8a8d136ec5e60b21c262b7a6f3d1e9afd2f74edfe9fe1bdf85287a8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
1372754a407d4e141adf1b043d38df2d

SHA1
f471ed919776eda00c1b2ada36088863bd83be81

SHA256
02eae62d29a763a07839c734b6210190ae8b3b2632b542e603f535eade20447e

SHA512
f57aa9857affafe73a83a7df9abba5bcc1157bbd320baadd260bf9485364085346ba0b90b1eedb1413334a3e42cd29c5da3c591c6e221a8dd84bcc27da9393fb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
b60bbbe2b99e8651a528c9a8d71199da

SHA1
3b4ada0fd1bc1e492c26b164c87f26d3621c48d3

SHA256
950ee9b18cb5d3508259df7420dbce966c8659d81e0c0ed37eb93808cd341166

SHA512
05a2274a9c5bcb3d783f44f5e11b3638aebb760820877c0780259e85e7a1506e5e10c78bfbda1060fe0b222bd6f44fb94d1315782f808af93d3d23443d01d59b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
59760a3ef5dc853d1ecd0cf443f41c19

SHA1
97c28c889d1dc269f11e17959524515e3b3dcfca

SHA256
49994329eff41e7451da501fb0fec5db84e17f834be01ec5fcc12e189f40de68

SHA512
2bb2308433a01fc76a5a6f88e5249326c30bafe6cfe65db5beb4baa6d7ed8fc7bd30ea03bfc7bd7c873fc576a1f1a946fe3f3bda6e387705977e737d7a00dc5f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
cdeef7584ebdc69844d5c5e413b24091

SHA1
5b4886aeac8e7efc1dfaea732a10376d51b93a07

SHA256
fed8e50f2e0f383ea8083151d639e232552b7b8ca909704aacbddaa9abaeeaf2

SHA512
54c36cd7e9f5ad4f8f8a12295bb3d5a2e6e53fde86d2b209ff608ea121e2b9b78f718338957ae21a543b00de07da2ee38a36ea0a168e5aa943a7cf9fb88182e1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
0f3d5ed516431c131cc851358525bb53

SHA1
8788c7af721704061330f976784d1ab71d631493

SHA256
8b5b7f949088b82b3b9fd995a9077e834a6e11bed893363a72d1c666750de439

SHA512
f92e4e638662d3fc12190ea3ff016222f383212d6e8181236c1e5bb09373475f9c1aa987a4510a87202d6e8fa5251ec5768d3a001ffcbbffe7320a14d4f43515

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
47dbaf98f3087c8bf5766356a00479fd

SHA1
53cb1b938c1b03623ecb58e48cb48da7a1573c3d

SHA256
57f685f132fd6701bb6b45f4cdda4c2803c7d578966dbb3df0ec1a3d70bac76d

SHA512
3d18626fb2f50bace5972f646ae7f51831cf52d3e2d596688f3b891c9991abd815662d0ae17fa2a387c5fc0071196bf700bbe1b255fa70b9bf710944e2f41eb9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
a69d0ff491c15b1b573b5c42ed7ff407

SHA1
09d12d8814f09218e93ab80ee239272df11d5691

SHA256
0c3dfc7111f5a845109e294b5c371ce64a9fc267024e45a9199383fc6bb11f6c

SHA512
a109ae711241b8ed23aa5131c3598b0ac5d2968da9b24a261cc96a094f9e8bcdd38377914c66320adbe9b9d0abc14a650d788fe85ed87a2ba081d531831dba44

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
1f28af800152dcf0f6b9477cd43b5b28

SHA1
74256b2f71346adab2c6c4cab2469db31a9e04f8

SHA256
a1cf7bda123abe8b8609adcef56fea0b9f08ae1ce37a397c03219d9bd57842ec

SHA512
886d27786eeaff875056f0accb314fa4ffbead8e72fefac3fa7bd3aafbc6d81343671b483d36a26ddd5ddb8a9baeb752965338cc7ceb2e31a7a25b2ad1ba1d70

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
94bba151a5c98ba174bf6d9700ac102f

SHA1
9afe781f235847ce3baa57ef6c4e436519e4d699

SHA256
e47b2890ca593b2f7e31f725d38bf6af841413642d91bd9b89dfbb178fc93fd3

SHA512
0cd62df5fbe26caaca14b4fa3a22b1f352252eede14ac83a234db754f869149b4df8077de658f70f98b86d8fce581ecca148e80a3552295b1db14db56760d3c4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
e89e3d66cddf2299bd2a76bf15a4efd3

SHA1
271c22371bac5f39d68c0edde25f50b4cae46803

SHA256
8fc5fe28e0ac0509f7b708cd7699b063de89f753f0fd842a2a9b703180791805

SHA512
cdf6da67b4b03542646d435525b9e4b3ebaeec0bb24ed13644101152c65d8eadd5206dece21d344fcfb071dd54754a436bc46578a026ffbdb05122240dd2518a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
207d35774741de4247d0f66a2f6d1ef7

SHA1
64d5bc0b24eea371604e2c7e0d64bfa5e451df8f

SHA256
e79e09a04b1812d27400c7946dc00c769f5351a9abd889e7ef7957392501f2f9

SHA512
88bfcb47e01ec1852752c2f7ac8ada4472b5f379a0873ce2e782106f4f56139c716f6336191ab4cce300c9bb37eb25133946645ecee4742e9d9ea73aa8e1e26d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
8f8b6b8fefaf6de5b9833ebae20df0b8

SHA1
f0a1d1bff622987ef0745e97b6e89c991a948f6f

SHA256
9de3e2f1949268b5b56b3ef5a44719a529b9661472c41ce68bca8fd29cfa101b

SHA512
82ad10101f4e6b8b2281a986330350c761b12749b34dd9091eb7fa8978c42407723fad01757424fb391880698f8f0c16de601ba6f3453537460634dfda743ce6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
19b7bd027a97bee23baf72a6c683b8df

SHA1
ae48895c1ce3e42324e4bd6c279fa4d69d76726f

SHA256
cc9075e843ba8edfaeb0b73f877ff6dcdd93139dd8718a7c580e85ab99fd043d

SHA512
d6d2ef17c371689fa6eb28a4f7f2d42e442612dcec915e4fe78c1b180a91b019a73b78a4b2a6f7eefc930f22d68bb9e00fd763bc45a21824edaf73035b83c067

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
0d5440afb19082d92ab6f9ae0b6884d7

SHA1
c82d209511d76f5a3516bd5ccc5bb7286a86ecbe

SHA256
000565335940755a0261db9f8cd2468702f96181a81e8fd53b0555347bd46c4c

SHA512
3908d68d6812647e5f06b460a0cd579256144fbd63ad5f57576e8c5c232e5b2c14ac1755ef8d802335ac74c7b15feed149d494a486b4bdc3012c65d883ec8f26

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
9a9ef1a9ec069547562bd635516c620e

SHA1
93854f2aced2b873e57d7263ab293193b673b47e

SHA256
819622d11bbca8f53870711477fb52ea4317fb9f102ddd3be69611f9bd1108f8

SHA512
7900c3874ea20ebd81dd9a6333909e366e4db4175f8cef8d2b60a71b38d2a759fdef147206ea8232514067d61f2212243d4e69f1dfecefe9a4b341da50db23f7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
3972ecfe51b4f5a56ff5525093bffa3b

SHA1
5c95451b03cca0fb8db84f72ee68bab312858c3e

SHA256
613c33ab720d108e93ec977be0d8fc8d7717ba570855581adc06837d65346f94

SHA512
9865724b2602d2f5d2860bac6c7a96b277ac58e2103ad47b15148a69fa2b83e43a3f9af3310d5a1d734e0b4c760b77e08d27e3a2c03f371d35d12ac7f7a76391

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
20d4935d6f6faee97efa267f038acd6d

SHA1
eda71d724238a7a6067713167974495930848d80

SHA256
876775411f84cbb2c37e430222e9ceb64c3a6b8d7876224dba164bdc7131c743

SHA512
c0cda5bfd3072967a319b86885b00e0acbba0525ec2e59d3e14c74d0bdffb99bdb39f4dd614499c096b4e52bb03da20c15379e2d7891b5a8fe24d7b607baf505

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
7b93a3e5efd4618a04ffc9a504fcfa83

SHA1
3200a6cfa6f4cb3fdf51d6b23a7ba4e881a1ff36

SHA256
78dc06cb1cdf500fab3be05b2134297674467eb589de33bc3c28831a1cac0a35

SHA512
5fbec86bbd0aa09fea1aa0ed518c127f5174fc271ee50580c7a92eb850d716b3528d01b31aa51594586373b5eae59efad16ae1010d100493c1eae57c241a888f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
1142c2b7cf41b125bb8cf6ac34ab24d0

SHA1
701b368703de9f410504dc4fc4d6254e937497d4

SHA256
cf0d5f2001bec77a4efbf9e2575efc325891f7249a701a01db1d1602329290f1

SHA512
b020aaf63c40f11a71aadc34786c2540e6ee79b1c43d152c2b04804f4b2bc75cc1f780040fecf0ce911d503a9aee32d54d19aa5c3e536b777a3b0050dbd3453e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
b3b1e3c33dd04c38a0e0a2aad8a948b8

SHA1
08d61bcb3987a68e808e8a85f92e80e84284713a

SHA256
8074b1ea7f549e525ba268d5aea2d4bbae35040f9e7d43c80c4abf534b8c895b

SHA512
20042b7924e8e7bd853b0c77cd141cfe110e8643a4d002cdc632c9a4698420bab2c989ef47f07bd6184c2ef5f0cbe7d0deda198474380e58cb286832d15f114a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
fc5be65a6557694542d4b107c24ae7ab

SHA1
d153897f40f44cc055c44e028470df4cb3742a80

SHA256
b293f850d57d51f4f6f5cdb1fe357d7f632e964bfb4623c62737673ddec62daf

SHA512
327b0ea84cd1a5b518a9f252362a6d28891060176746e2e4b27cda4edd0914df08ff7d5c5158e69fbc976844c1b26bbed3b5922d423126925fe1dec43ca2737f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
ab1b321e77755f8a3778db34405a8a03

SHA1
c9010786e16d66f6c97a64d23db4c8df32b7fd67

SHA256
6b9ef8d04514e9e0dcf68be3da1308ab486cb74fd25d207a19d5b178b394bc5f

SHA512
c001bf6eca9fa5a84f3841fdd4f60184b78c2f738bf08b1b53119f67caff9d6d92e334b82b75c6062d91f22e39daad0a5c239f600c871639bd31888a087cbda6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
372c9d555d3caa6a03a48bdea00423ae

SHA1
d200cd28019f3c4204024f3d9b9fc4176428947a

SHA256
7263cb4967fb50dafc5f73e4a6ffacce71ab50ae8cefea5c06aab575c32f2977

SHA512
77cbeb92bcb10b9ecef026b34c95ce0c2efc8e731d95b6f789f940d386aa07c18fc9fe52b7295387bb21175a4984d30baa014efe68b58897a3ea4a8759e9fadf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
63f5ad1b867835846b7944920c245a69

SHA1
275f35199308cefb148276989f84786f29f32eb1

SHA256
040eb4996980f89a2f87be6693ee35ec4015dbcfbe042b3ce5645da211534034

SHA512
767492cd05f3ce31230edf84ceb8993922ef8d497f091e88d2a74afe1b938f219591b74bd2c63255fa93d711179f9802ba3d0259a639bc509eea985f2887a922

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
79fe183c8a769890974ea40680880491

SHA1
0b96f014e8dc463ee474b800e6ec63474f174676

SHA256
39d6998d714cd13d5813a40dcad632800d36c722684ed575bbb22d4f9748ce14

SHA512
ea9be50921ab06213e1ca34fad9f6b9f3a6e976a00cb4990935cebabf3187e63d5a3387851098fc3e0f07dff4ff9cd9a4afde86e93421766ecbb72426cffb726

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
807af09f0150ab79d3c671dd19072bf3

SHA1
c082a24f3efdc3f702e896c8f8669551f52ca0d4

SHA256
6f319576280835c296ff137e19970063e7134df72df07db5d3c3b02841b22281

SHA512
037b398d6ef03bf53ff44be181625cd6d91fd2ba162253eaabdc6008fecd4e3d79ce0149ce5e0a4f61afa78217777fb53bd1e2437662257643f0c4a1f74b2f08

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
72cc4c99fbe3d6920f9c6aec5fa2c17e

SHA1
05a06d3dcc01e8e2c94784121113fbe5eb4fe1dc

SHA256
bb46f7e6ab7c7e22164f9c1108d6329331e73642bb70cd19fe8268da1ae80750

SHA512
f763de0478ca28f7b32a29edd5e22b4bb74b6bd237ef483c49b46adfea0583dc4134be454c7c8577e8bc40c359c0f6a66bd90f92ca48004c5d79f424df631e47

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
87da0089f32a18e4e4305f8b3c1c2856

SHA1
c103ebf434560f4c9e9f387fdf25d373c6fe5e97

SHA256
2ec42d017031a05921aa69bd3c93831dfff86ced99210c6509b9c670a47647bb

SHA512
e67ed90e97d0b6540cc6a0f690ff45d6c4d1778978c40a7841fde406aa4ed0c5cb42327efd91c85575b0319523201446bebe28f74bf97c49cc1f9e8d0b722333

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
4d0fd9c639783fb5dd71e1f02714cd56

SHA1
f1c6a4896adee986a6e07db1db578a113b33e950

SHA256
25fa4e5fb7d9d3694e82c624ebe6d64e206ce1222665331da2a21898bca0698a

SHA512
72d0721a9e46a8ab89464da1c9eb2103a7590866ae1e3582ca35fc7349cca7e209e667304f4800e1657f70bbe5f4e28ac5b53eb77a39151b7333525d5f5cd62d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
4571beee0c50413c862bdd42113ddebc

SHA1
543d2c50481d7df2d0d0f4e890479637263ebf1a

SHA256
8df1e96679a7f8053901552b49e251a4bc0b30bfc0de6320e402559d64af18e6

SHA512
19d79fbb51ba3e83ad4ddfa3db8b51216ead97b824ea7e7b7041455f865175169f739ccbc8119e7591d0e911af67997fb80c93e1b3b9d74fcae95231dc806bfa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
24d13c0f72d1b763e6866536151ca06a

SHA1
01a523f80fa279839c852345d5126c9a060bffc3

SHA256
c0ce2f1429e6131596a887c36e8a01f70911f1c1e37d9676a4feae08832e2358

SHA512
909fb87b5165dc6b186eb4e2a1c6fc4ad3cef2d1b378dc5298748ed81bdf694379981e6ff2026b31545bcac0fb44727cabb966b3b17720e7f1daba6695e41544

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
1b8a1ec91bfa103a916c1a6ededa9f81

SHA1
4170a16040d4ea46d2337678f831d06ca4e30d7f

SHA256
676ab7b3d49fd905fdfba737c1454e86478c11e09c1b278dd17aa72d6e450ff4

SHA512
28feeada2f26b70607c9c04b35e041a780a679f11f2ce649d02f84f21bc4dd7cb067c452a37f3b8c1bb7f264e04f224babbc82d04cc0a8f14e6cd590822d0d65

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
231KB

MD5
795501f3d50da9ceab63f304a55663b8

SHA1
8dc033b79d1daa4913644324ff717ad3395ce544

SHA256
57c1c8da06ce287e7828087ed28ff73e01c329431cd69d6131653fc29ef1c220

SHA512
bb751abe9b72ad680a9c75e62773e5aa88ee45a4aa2b602aab20e4db2410e1e432f410949494affec5da52b927ba694060ede0524fe989abf2a2f74088189b33

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
231KB

MD5
47b2c45a41dc55436395cf2e22cc4aa1

SHA1
3361415c31a6ef115f8a779b55c296d610687a42

SHA256
d69a181eaa6096393831486d61f009dfd589311072a63e31d80b33b3613c2103

SHA512
66ae0689e3f6301c2bf305f3f27fdcd02836efe16a60da1697b32afaff28e16d2c9c6d8842cf508f06f10efe1c102a4af0a3f7a0665163ad6dda9001f132833a

Download Submit
C:\Users\Admin\Desktop\Client-built.exe

Filesize
78KB

MD5
eb98515119ff712596ded5d140780d2f

SHA1
0f1f0877652f2a0cb4b7a42585e7823bae3bab86

SHA256
428beca0a62651e9df211675fe7b2cc0a2ac1d495bc5a0750c19e5f9f43e20ea

SHA512
213e2e57ac4005377f3f838c1500d82e5a411bb952d612a0dbf16b9bb0b092333dc83b05d1d55f49e81fac62fd91497f873a4c4b79da27e5c46ca747890608d2

Download Submit
C:\Users\Admin\Desktop\Client-built.exe

Filesize
78KB

MD5
621d0e812a7383a23939594620bfe33b

SHA1
b5d3947d47e5fd4876f9fdbb33467395111f6af7

SHA256
add7c124dbb4cd3a0b94775ccad58eb634edc9641fd84831220915a2408761f6

SHA512
9d0f96eb59781d0d2eccd7223ff1ad8b33d65dbb5402392bb0d1e5de7d1dd72cd11d2d90967d6b3e165753b22e3291883151edd90a0fd47426068a27c836c2af

Download Submit
C:\Users\Admin\Desktop\Nuevo documento de texto.txt

Filesize
92B

MD5
347cd9fa15798f1e7eb088e66ffdadf8

SHA1
82714b401e6a85f011e914dc866842981689ca2e

SHA256
a194c004f5010fda7a7dcc8dba9c10f7bff3bf66f2ff39ef74ef28bd52eac438

SHA512
06cb39358b25e42d02e07afa7fa3f92fb104c7300fa0fec4fe9bdf146bc6ad881b79cc5691a048fb4b39e73846b7e2d5434d9ba3ae9709391bbb49b818ddb3eb

Download Submit
C:\Users\Admin\Desktop\Release\Discord rat.exe

Filesize
79KB

MD5
d13905e018eb965ded2e28ba0ab257b5

SHA1
6d7fe69566fddc69b33d698591c9a2c70d834858

SHA256
2bd631c6665656673a923c13359b0dc211debc05b2885127e26b0dce808e2dec

SHA512
b95bfdebef33ac72b6c21cdf0abb4961222b7efd17267cd7236e731dd0b6105ece28e784a95455f1ffc8a6dd1d580a467b07b3bd8cb2fb19e2111f1a864c97cb

Download Submit
C:\Users\Admin\Desktop\builder.exe

Filesize
10KB

MD5
4f04f0e1ff050abf6f1696be1e8bb039

SHA1
bebf3088fff4595bfb53aea6af11741946bbd9ce

SHA256
ded51c306ee7e59fa15c42798c80f988f6310ea77ab77de3d12dc01233757cfa

SHA512
94713824b81de323e368fde18679ef8b8f2883378bffd2b7bd2b4e4bd5d48b35c6e71c9f8e9b058ba497db1bd0781807e5b7cecfd540dad611da0986c72b9f12

Download Submit
C:\Users\Admin\Desktop\dnlib.dll

Filesize
1.1MB

MD5
508ccde8bc7003696f32af7054ca3d97

SHA1
1f6a0303c5ae5dc95853ec92fd8b979683c3f356

SHA256
4758c7c39522e17bf93b3993ada4a1f7dd42bb63331bac0dcd729885e1ba062a

SHA512
92a59a2e1f6bf0ce512d21cf4148fe027b3a98ed6da46925169a4d0d9835a7a4b1374ba0be84e576d9a8d4e45cb9c2336e1f5bd1ea53e39f0d8553db264e746d

Download Submit
memory/2348-115-0x000001FF64730000-0x000001FF64C58000-memory.dmp

Filesize
5.2MB

Download
memory/2348-114-0x000001FF63F30000-0x000001FF640F2000-memory.dmp

Filesize
1.8MB

Download
memory/2348-113-0x000001FF49830000-0x000001FF49848000-memory.dmp

Filesize
96KB

Download
memory/4000-103-0x00000000078D0000-0x00000000079F2000-memory.dmp

Filesize
1.1MB

Download
memory/4000-77-0x0000000074DEE000-0x0000000074DEF000-memory.dmp

Filesize
4KB

Download
memory/4000-78-0x0000000000530000-0x0000000000538000-memory.dmp

Filesize
32KB

Download
memory/4000-79-0x0000000005710000-0x0000000005CB6000-memory.dmp

Filesize
5.6MB

Download
memory/4000-80-0x0000000005000000-0x0000000005092000-memory.dmp

Filesize
584KB

Download
memory/4000-86-0x0000000004FE0000-0x0000000004FEA000-memory.dmp

Filesize
40KB

Download
memory/4000-87-0x0000000074DE0000-0x0000000075591000-memory.dmp

Filesize
7.7MB

Download
memory/4000-98-0x0000000074DEE000-0x0000000074DEF000-memory.dmp

Filesize
4KB

Download
memory/4000-99-0x0000000074DE0000-0x0000000075591000-memory.dmp

Filesize
7.7MB

Download
memory/4428-161-0x0000025E9A550000-0x0000025E9A568000-memory.dmp

Filesize
96KB

Download