Malware Analysis Report

2025-01-19 00:14

Sample ID 241222-2xjwsa1qck
Target .
SHA256 ec32183425f582f636d59a00571e501ad3161340409a73731dc32b956a890a94
Tags
discovery
score
4/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Mobile Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral3

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
4/10

SHA256

ec32183425f582f636d59a00571e501ad3161340409a73731dc32b956a890a94

Threat Level: Likely benign

The file . was found to be: Likely benign.

Malicious Activity Summary

discovery

Drops file in Windows directory

Browser Information Discovery

Suspicious use of FindShellTrayWindow

Suspicious use of SendNotifyMessage

Suspicious use of WriteProcessMemory

Checks memory information

Modifies data under HKEY_USERS

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of AdjustPrivilegeToken

Checks CPU information

Enumerates system info in registry

Suspicious behavior: EnumeratesProcesses

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-12-22 22:57

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-12-22 22:57

Reported

2024-12-22 23:02

Platform

win11-20241007-en

Max time kernel

300s

Max time network

245s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument C:\Users\Admin\AppData\Local\Temp\.html

Signatures

Drops file in Windows directory

Description Indicator Process Target
File opened for modification C:\Windows\SystemTemp C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Browser Information Discovery

discovery

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133793818750738248" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2068 wrote to memory of 3908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2068 wrote to memory of 3908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2068 wrote to memory of 3364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2068 wrote to memory of 3364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2068 wrote to memory of 3364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2068 wrote to memory of 3364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2068 wrote to memory of 3364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2068 wrote to memory of 3364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2068 wrote to memory of 3364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2068 wrote to memory of 3364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2068 wrote to memory of 3364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2068 wrote to memory of 3364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2068 wrote to memory of 3364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2068 wrote to memory of 3364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2068 wrote to memory of 3364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2068 wrote to memory of 3364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2068 wrote to memory of 3364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2068 wrote to memory of 3364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2068 wrote to memory of 3364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2068 wrote to memory of 3364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2068 wrote to memory of 3364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2068 wrote to memory of 3364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2068 wrote to memory of 3364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2068 wrote to memory of 3364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2068 wrote to memory of 3364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2068 wrote to memory of 3364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2068 wrote to memory of 3364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2068 wrote to memory of 3364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2068 wrote to memory of 3364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2068 wrote to memory of 3364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2068 wrote to memory of 3364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2068 wrote to memory of 3364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2068 wrote to memory of 4516 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2068 wrote to memory of 4516 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2068 wrote to memory of 2676 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2068 wrote to memory of 2676 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2068 wrote to memory of 2676 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2068 wrote to memory of 2676 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2068 wrote to memory of 2676 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2068 wrote to memory of 2676 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2068 wrote to memory of 2676 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2068 wrote to memory of 2676 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2068 wrote to memory of 2676 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2068 wrote to memory of 2676 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2068 wrote to memory of 2676 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2068 wrote to memory of 2676 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2068 wrote to memory of 2676 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2068 wrote to memory of 2676 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2068 wrote to memory of 2676 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2068 wrote to memory of 2676 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2068 wrote to memory of 2676 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2068 wrote to memory of 2676 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2068 wrote to memory of 2676 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2068 wrote to memory of 2676 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2068 wrote to memory of 2676 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2068 wrote to memory of 2676 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2068 wrote to memory of 2676 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2068 wrote to memory of 2676 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2068 wrote to memory of 2676 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2068 wrote to memory of 2676 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2068 wrote to memory of 2676 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2068 wrote to memory of 2676 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2068 wrote to memory of 2676 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2068 wrote to memory of 2676 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument C:\Users\Admin\AppData\Local\Temp\.html

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffda74ecc40,0x7ffda74ecc4c,0x7ffda74ecc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1928,i,2382466238647308266,8538331898553868649,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1924 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1792,i,2382466238647308266,8538331898553868649,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2244 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=1940,i,2382466238647308266,8538331898553868649,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2360 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3068,i,2382466238647308266,8538331898553868649,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3108 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3084,i,2382466238647308266,8538331898553868649,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3136 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4396,i,2382466238647308266,8538331898553868649,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4556 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4588,i,2382466238647308266,8538331898553868649,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4708 /prefetch:8

Network

Country Destination Domain Proto
US 8.8.8.8:53 170.214.58.216.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
N/A 51.104.15.252:443 tcp

Files

\??\pipe\crashpad_2068_CFFHWNCPTJOIHDAA

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

MD5 ae2f5bc6a5f5371ef6d62bcaa8c33137
SHA1 f58f916e6aede4159e3e4b270f7b478e0a38aeb0
SHA256 dfd740401e02d12216a1f47b256f3f365cf3e0f11698c4b8725db662cccd6497
SHA512 8df828e5796170d02279215f595feabae467a897b23cb332e24e7640abb5a42f95bce1c5d76f94dfa639cdec13fe7e4859f4e406ff04f064efd94e7282a20d21

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 6dc85c4f0a8a7a88fa2a77a44b8347c9
SHA1 ad844e9bde434250762e3077d88640ddb0e97927
SHA256 318015d19e72d4a76366bb9dfa4dd4d10d0f78c671638aa8a6e3b8231c44b02c
SHA512 4eb06e64e6c8d9c138754a53f67f350b7304df41e6006ba2bbc46329dbf7db2c21db28afbcc73ff334176dd6488448467b27f7f8371d11b931baaad589b308ed

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6ad44d1d2eb89c9c9747b675a0b369db
SHA1 4127dc5744268ccc5fea45b3d76fd61a8a38334f
SHA256 7438b1540c22d67dd824d6464d1860da7624d8b492ff443c9eeb0d340d0709f7
SHA512 6452d7e7e06350a3c90476263f7dc7cb398d9ebd9f442f69a5c918d5f7da7d1f5d291e1afab72fdc50cfb1181cf8093b4c8a0beb97e92b4cb1c1eb3c33e120a5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0de00e11e8bc7e0ae1f05f108312cafe
SHA1 638df650f1aed6427e5cbff4cc55fa43b1032f86
SHA256 2c58c2ab20920adf72fc34b4ec6b4553710456523aa84389c3c0262d7eeeee78
SHA512 4febae3aa377045ca8b5dbdf7f0d0a50fb13f3a2dd636a53b0e5a3985eca2bf5d8ecee7d439c5df275cb2dc471b7bf04de1ff4a21e1e78ab1cab2e0bf7eab15c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 bc2f31b375fe6be4714078f2debc4fb0
SHA1 1bf324c6d3819de752f21d5d9969eb905a8d0ac7
SHA256 e0d4ffefb103c83b6894aea6a7b5d1ad179b22e8e588696f7050d9d448819c16
SHA512 c155349dccd6e5cb9a34c63036a0edba4e7aa541019ed7967474acb8aedf2b5ce3a3e4786bb86deaee341e2afc4d3aae6d86bb2a02abd5133a924ebd4d331d41

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3fad6856f3fe29bd578db89e614f332f
SHA1 0557cc49888609613d9c8cd95377cbb730b7d485
SHA256 9eba3feff1f22278c63b1b360cb660354228cc714aaef8a969319c41467ea7fe
SHA512 362be1ddc41c1eb8066c1689f450c53335a8760f7288afd9102e34e0f27f0e11e6d478cd640e7b644e9117a0f4b90772e7cd93a26e1d5e7a87c57dc2c20e8a2a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8ad793d53a46b47753d7402a45293369
SHA1 af03a3b5606d8dba4fffc979eb47195b4e4711eb
SHA256 af7bb159e61a8183909073e3132255bccadeb00bacfd0756ebd584ccb168538b
SHA512 42f908e14bfc17af7ffe11a7ee4a2c86d7cca6381821969e466ce7ab20da03441562213f584c4216d4f5fa470075557704f05bcf757cbc43f2bb911849ec5963

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 1c1679ffd35efcf3e75a50f9beaa51b0
SHA1 6441800b8dce5e68fb75ec7691b13b165c8c7983
SHA256 7c983f45019c2d3db19c574cc4bd6ddea99f56bbc0ac705fbbbb2d86e0e289a4
SHA512 d01fa8f35f8b85ab2da76d50413940fc92f4f97ab35f4828ec84d1ebd00e07f3db1aa4086336ff56f2cadd85bb0f4953f5f2e5a58cbdfba76b6cef588dc12d42

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4837a11211dece478c0d81c2ddf2048f
SHA1 47c9300731734d951ac52769a4a3ea27eeb61c47
SHA256 9067123d660486c829720f1a33f6f1b2458a6120d127d53b842447bfed8f5866
SHA512 dc49d052336e6d671fb5a25545c0a5244e27b8c82fee7e0946d399d0c35d96a962de23e2d1efa0742041ae0333bc48773cce377c1f22fd949df4d576c71e4813

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 61ea56847edeafdc87e501a37035c509
SHA1 975ab6b731237e5a75327ec69cf48857fea0adf3
SHA256 0c66733140968609e9877c38a82ced11c19fccf14e6767f1f7bf663dece220ee
SHA512 fca805b7e76bf30de4ae82f6f3d3278ef7f2f8c2dc699fc7204e9aa92c27507cd4b0c7d96b39b5e9914b9bc7599cdaad0eb434adcbb3699f82d6c0bf1e700ed9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 003aeeee6f6c95d779d6395f66300436
SHA1 f7692647d68feb6f425b1ad4b008a8da573e291b
SHA256 b4dea4b8a9e66edf150e8a3d7f74c2915f09b1fc0792f0b3d8588233cab496f8
SHA512 78bfe54f975db5be93c91cfd37a36839b4febc463bebbc0c9974256f0339dd97849fa94cbcb410ed61807ad5fe926cb7305e9a8fda424ef414a70a465b19a308

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

MD5 b5ad5caaaee00cb8cf445427975ae66c
SHA1 dcde6527290a326e048f9c3a85280d3fa71e1e22
SHA256 b6409b9d55ce242ff022f7a2d86ae8eff873daabf3a0506031712b8baa6197b8
SHA512 92f7fbbcbbea769b1af6dd7e75577be3eb8bb4a4a6f8a9288d6da4014e1ea309ee649a7b089be09ba27866e175ab6f6a912413256d7e13eaf60f6f30e492ce7f

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

MD5 d222b77a61527f2c177b0869e7babc24
SHA1 3f23acb984307a4aeba41ebbb70439c97ad1f268
SHA256 80dc3ffa698e4ff2e916f97983b5eae79470203e91cb684c5ccd4ff1a465d747
SHA512 d17d836ea77aeaff4cd01f9c7523345167a4a6bc62528aac74acde12679f48079d75d159e9cea2e614da50e83c2dcd92c374c899ea6c4fe8e5513d9bf06c01ff

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

MD5 f49655f856acb8884cc0ace29216f511
SHA1 cb0f1f87ec0455ec349aaa950c600475ac7b7b6b
SHA256 7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba
SHA512 599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b36c9736b7f9ca40588aae2a58db789f
SHA1 dacdb663b0fa61b92c3faf433ae9493d4ba207e5
SHA256 7755dd4e347258aa253ff81fcee3bb17eb9731338854746f83029bf3242bb4dc
SHA512 d8cece3d22faff6943031b459b122f7a243299eb8a9a320da2fc4d7d77f25bdf96741586cf61e4e0df4fc9dacc63258f340adf10f3545e28a248465e3a099949

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 da5f4ce3188f608b99712b260142b8de
SHA1 1ecf7944de7d9b3b46174379e5214dad8e913bb0
SHA256 bc3eef4670086734f2b35ecf47d0dd73b76e892fd6568285eb2daee616c9fc28
SHA512 036faeb03e62b6afb173af7d0e5a870623c46b75e374144be182170b129386a0326964d41b55a55e1ae2fbcd21b8d95afffef7281ea88b5b3f3616d1f2b08bf0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c85baf92c67c3f4aac4ec45f73090f2f
SHA1 c7fe818fe80a3f143da496fd58392f727daa81e8
SHA256 6076c0318c4379b0c69fd79fec8006ae892609c58abf365a1b99a93521da19ab
SHA512 c8b38fa1206d35b318c12c3840f2b5214712f8191aa1b4ad623c46bae83bc87de23b54f63f48bb72c2b0486efbca8d671ead38143fa0af9cbb7321aa826b7f57

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d75832036604c2bf7cab2ac4e83b48b6
SHA1 10c53aa6b3c4ee2254da99ec5ee8f34a16474b40
SHA256 8fc0d8ac3ca33a7043e6264f829ee8f6d9502977704856f4e7c03a774ab3e43a
SHA512 f65e37fd332272c2d77b5ad73ece7b077e3635b9f03023ad00955045bc809e811a2410540f906af497b3776bcd3e122d2fb57f1fc88a1cf9bc789a1a61ba22e3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4cc7ea97ff792ea54bd20510e19227de
SHA1 33092630a4b2126b9421b2327190b9d5d383901c
SHA256 7bb807e7506cebe1816d0df42462af05162398c1c47ae4337e85f71f4e6d7027
SHA512 486e9fae49cfe2c43e3c2d67617a0e7978750adafd3bba663ef7a11ec55090c79a79fa6a22b4888ac89686e6fcb116c9478269aa5a8bdd65e15b4ae473cd9d16

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 55454aa30ae4a46ddf061a3efc99feb3
SHA1 a54e7dc41b1d9d82d3117186665d04b86ae8172b
SHA256 1db2accf68ba7599d615caa829ea0eefc45d4e6f014a99da68a6ff04b406aa06
SHA512 67527f40a9170b2680f24a4b6ed9c5412a47dc3cb0b298273bb6e2e562485f25028c6c029dc51176a834401837ced2c281e3c5725b297a2144003c947e4855cc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7b2355a3a6e44e816ae0f20db5aeb34c
SHA1 5cc8a1524d3d08b9c2b994ebdc98851ba95b6805
SHA256 23b6392876f9fb3d0d2d84076235b6b2627b84741c375c72d5238b7e53d8eb2b
SHA512 a90251fcbac3e76816afa0bf8f4edbf17fcedf301b81fba97bec4e2b768e901d775eb3964ee2f4e8655a47f569844262d3d48bc40e2612dcc91b6375d138839c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3a85f7d3a24044e0ecf735aa204a8669
SHA1 f7471a431b8520b58e919eff02c6873af2d0d059
SHA256 b78509b4ba9c9ad42183d80186df0f21e46f91d6f62bcf4ce3bce051f54fea64
SHA512 54612bd73265f26076f0956b128e86d6de7ac9ed2d9d877e6e9a0abe2e538e951c7204bc3e0471ecbdf81be9e5b474ef54e4f7d3594ade6caf3017b1ecf981ef

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 891a219d49163819034d00eae7f83b39
SHA1 667da0e93f890c1cacf75e8af29a227133ea4b07
SHA256 ce2d899e82c1ae90ec3c67137c78ad04a19127e8a007464e88dc5c726ab9dd11
SHA512 8108d67c61e52abb0f05c3c55adf2a93ec8f0a47758c2afa5e63b61c8c4da6701649ee716d0775ff212bf72011578bfb553fdcec51e5f5bf6f222408ba7fc3fc

Analysis: behavioral2

Detonation Overview

Submitted

2024-12-22 22:57

Reported

2024-12-22 23:03

Platform

android-33-x64-arm64-20240624-en

Max time kernel

287s

Max time network

304s

Command Line

com.android.chrome

Signatures

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

com.android.chrome

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 142.250.187.228:443 udp
GB 142.250.187.228:443 tcp
GB 216.58.213.10:443 tcp
US 162.159.61.3:443 tcp
US 172.64.41.3:443 tcp
US 172.64.41.3:443 tcp
US 1.1.1.1:53 remoteprovisioning.googleapis.com udp
GB 216.58.212.202:443 remoteprovisioning.googleapis.com tcp
US 1.1.1.1:53 gmscompliance-pa.googleapis.com udp
US 1.1.1.1:53 accounts.google.com udp
BE 74.125.133.84:443 accounts.google.com tcp
US 1.1.1.1:53 www.google.com udp
US 1.1.1.1:53 chrome.cloudflare-dns.com udp
US 1.1.1.1:53 chrome.cloudflare-dns.com udp
US 1.1.1.1:53 chrome.cloudflare-dns.com udp
US 172.64.41.3:443 chrome.cloudflare-dns.com tcp
US 162.159.61.3:443 chrome.cloudflare-dns.com tcp
US 172.64.41.3:443 chrome.cloudflare-dns.com tcp
GB 142.250.187.196:443 www.google.com tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 172.217.169.14:443 android.apis.google.com tcp
US 1.1.1.1:53 update.googleapis.com udp
GB 142.250.180.3:443 update.googleapis.com tcp
US 1.1.1.1:53 rcs-acs-tmo-us.jibe.google.com udp
US 216.239.36.155:443 rcs-acs-tmo-us.jibe.google.com tcp
US 162.159.61.3:443 chrome.cloudflare-dns.com udp
GB 142.250.187.238:443 tcp
GB 142.250.187.238:443 tcp
GB 142.250.187.228:443 tcp
GB 142.250.178.4:443 tcp
GB 142.250.178.4:443 tcp
GB 142.250.187.228:443 udp
US 172.64.41.3:443 chrome.cloudflare-dns.com udp
GB 216.58.201.99:443 update.googleapis.com tcp
GB 216.58.201.99:443 udp
US 162.159.61.3:443 chrome.cloudflare-dns.com udp
GB 216.58.201.100:443 udp
GB 216.58.201.100:443 udp
GB 216.58.201.100:443 udp
US 1.1.1.1:53 gmscompliance-pa.googleapis.com udp
GB 216.58.201.100:443 udp
GB 216.58.201.98:443 tcp
GB 216.58.201.98:443 tcp
GB 216.58.201.98:443 tcp
GB 216.58.213.6:443 tcp
GB 142.250.200.2:443 tcp
GB 216.58.212.206:443 tcp
US 216.239.32.36:443 tcp
GB 142.250.180.10:443 gmscompliance-pa.googleapis.com tcp
GB 172.217.169.1:443 tcp
GB 216.58.213.1:443 tcp
GB 172.217.169.1:443 tcp
GB 172.217.169.1:443 tcp
GB 172.217.169.1:443 tcp
GB 172.217.169.1:443 tcp

Files

N/A

Analysis: behavioral3

Detonation Overview

Submitted

2024-12-22 22:57

Reported

2024-12-22 23:02

Platform

android-x86-arm-20240624-en

Max time kernel

115s

Max time network

301s

Command Line

com.android.chrome

Signatures

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

com.android.chrome

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 update.googleapis.com udp
GB 142.250.187.195:443 update.googleapis.com tcp
GB 142.250.187.206:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 172.217.16.238:443 android.apis.google.com tcp
GB 142.250.178.10:443 tcp
GB 172.217.16.227:80 tcp
GB 172.217.16.228:443 tcp
GB 142.250.200.2:443 tcp
GB 142.250.187.227:443 tcp
GB 142.250.179.238:443 tcp
GB 142.250.187.227:443 tcp
GB 142.250.179.238:443 tcp
GB 142.250.187.227:443 tcp
GB 142.250.187.227:443 tcp

Files

N/A