Analysis

  • max time kernel
    150s
  • max time network
    148s
  • platform
    windows11-21h2_x64
  • resource
    win11-20241007-en
  • resource tags

    arch:x64, arch:x86, image:win11-20241007-en, locale:en-us, os:windows11-21h2-x64, system
  • submitted
    23-12-2024 19:11

General

  • Target

    Released/BootstrapperUI.exe

  • Size

    292KB

  • MD5

    b0a74e83add05a9c0860e95c7c4a568b

  • SHA1

    7d2dc67ce9131589072528f8ae8c8e0be4bf0dea

  • SHA256

    74570a5fadda2982eb8aa481b04677382f04d24c78b8dce3dca4bc526b85cc37

  • SHA512

    adcdbad014c11988d6382f481759031b3744e79a9a03068040df6f21cde1f435098aae9dc8f7a442588c699ec3fbaae10fd866efc4d3ad58cc0b52c4dc25cb50

  • SSDEEP

    6144:tvKu90jCF+IPsir88THYrBBoJvEV1i9q9F5fN:dKu90jAUi1THyMszi9qL

Score
10/10

Malware Config

Extracted

Family

lumma

C2

Signatures

  • Lumma Stealer, LummaC

    Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

  • Lumma family
  • Drops file in Windows directory 1 IoCs
  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

  • Program crash 1 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies data under HKEY_USERS 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 5 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 26 IoCs
  • Suspicious use of SendNotifyMessage 12 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Released\BootstrapperUI.exe
    "C:\Users\Admin\AppData\Local\Temp\Released\BootstrapperUI.exe"
    • System Location Discovery: System Language Discovery
    PID:2112
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 2112 -s 968
      • Program crash
      PID:548
  • C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -pss -s 444 -p 2112 -ip 2112
    PID:1408
  • C:\Windows\System32\rundll32.exe
    C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
    PID:3152
  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe"
    • Drops file in Windows directory
    • Enumerates system info in registry
    • Modifies data under HKEY_USERS
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:3664
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff87ea2cc40,0x7ff87ea2cc4c,0x7ff87ea2cc58
      PID:4808
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1760,i,18077429772718797525,10511501090721747360,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1752 /prefetch:2
      PID:1820
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1520,i,18077429772718797525,10511501090721747360,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2108 /prefetch:3
      PID:1688
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=1672,i,18077429772718797525,10511501090721747360,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2196 /prefetch:8
      PID:5016
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3080,i,18077429772718797525,10511501090721747360,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3128 /prefetch:1
      PID:4548
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3124,i,18077429772718797525,10511501090721747360,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3284 /prefetch:1
      PID:3612
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3548,i,18077429772718797525,10511501090721747360,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4484 /prefetch:1
      PID:2104
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4740,i,18077429772718797525,10511501090721747360,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4768 /prefetch:8
      PID:1656
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4772,i,18077429772718797525,10511501090721747360,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4788 /prefetch:8
      PID:1292
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4788,i,18077429772718797525,10511501090721747360,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5064 /prefetch:8
      PID:4332
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4716,i,18077429772718797525,10511501090721747360,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4792 /prefetch:8
      PID:1404
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4940,i,18077429772718797525,10511501090721747360,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5076 /prefetch:8
      PID:3924
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4988,i,18077429772718797525,10511501090721747360,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5204 /prefetch:8
      PID:4728
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=5156,i,18077429772718797525,10511501090721747360,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5208 /prefetch:2
      PID:4332
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=5316,i,18077429772718797525,10511501090721747360,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5312 /prefetch:1
      PID:1776
  • C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
    "C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
    PID:476
  • C:\Windows\system32\svchost.exe
    C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
    PID:828

Network

MITRE ATT&CK Enterprise v15

Downloads

  • memory/2112-3-0x0000000000400000-0x0000000000458000-memory.dmp
    Filesize: 352KB

  • memory/2112-4-0x00000000022A0000-0x00000000022CC000-memory.dmp
    Filesize: 176KB

  • memory/2112-5-0x00000000022D0000-0x000000000231B000-memory.dmp
    Filesize: 300KB

  • memory/2112-2-0x0000000000400000-0x0000000000458000-memory.dmp
    Filesize: 352KB

  • memory/2112-1-0x00000000022D0000-0x000000000231B000-memory.dmp
    Filesize: 300KB

  • memory/2112-0-0x00000000022A0000-0x00000000022CC000-memory.dmp
    Filesize: 176KB