cdba7b5aba4ebcfa1564d8efc70a08029fe8252a1624221bed0cc215d99f6465

Resubmissions

29/12/2024, 16:27

241229-tx9hfavkbk 3

29/12/2024, 16:21

29/12/2024, 16:16

29/12/2024, 16:13

15/04/2024, 16:17

Analysis

max time kernel
150s
max time network
148s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
29/12/2024, 16:13

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

[✨ NETFLIX ✨] ⚡️2X NETFLIX PREMIUM COOKIES ⚡ NETFLIX PREMIUM COOKIES⚡.txt
Size

3KB
MD5

2b77a3afda4c3f40b2e2ac3c536b6931
SHA1

5734b1a7c3d0776b9e6c9d72e4fd51632434380a
SHA256

cdba7b5aba4ebcfa1564d8efc70a08029fe8252a1624221bed0cc215d99f6465
SHA512

63627892f03c65685e06524e05d1cb7dda59cbd5b565c86ad45cb060f7fd0c1b7427e7ad42e3cbc54dc069d28c42b4cd62838d1c46086c9b9da217bc327947ff

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 6 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 3 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133799624776140468"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: AddClipboardFormatListener 1 IoCs

pid	Process
1984	vlc.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
4028	chrome.exe
4028	chrome.exe
1512	chrome.exe
1512	chrome.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
1984	vlc.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 13 IoCs

pid	Process
4028	chrome.exe
4028	chrome.exe
4028	chrome.exe
4028	chrome.exe
4028	chrome.exe
4028	chrome.exe
4028	chrome.exe
1512	chrome.exe
1512	chrome.exe
1512	chrome.exe
1512	chrome.exe
1512	chrome.exe
1512	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4028	chrome.exe
Token: SeCreatePagefilePrivilege	4028	chrome.exe
Token: SeShutdownPrivilege	4028	chrome.exe
Token: SeCreatePagefilePrivilege	4028	chrome.exe
Token: SeShutdownPrivilege	4028	chrome.exe
Token: SeCreatePagefilePrivilege	4028	chrome.exe
Token: SeShutdownPrivilege	4028	chrome.exe
Token: SeCreatePagefilePrivilege	4028	chrome.exe
Token: SeShutdownPrivilege	4028	chrome.exe
Token: SeCreatePagefilePrivilege	4028	chrome.exe
Token: SeShutdownPrivilege	4028	chrome.exe
Token: SeCreatePagefilePrivilege	4028	chrome.exe
Token: SeShutdownPrivilege	4028	chrome.exe
Token: SeCreatePagefilePrivilege	4028	chrome.exe
Token: SeShutdownPrivilege	4028	chrome.exe
Token: SeCreatePagefilePrivilege	4028	chrome.exe
Token: SeShutdownPrivilege	4028	chrome.exe
Token: SeCreatePagefilePrivilege	4028	chrome.exe
Token: SeShutdownPrivilege	4028	chrome.exe
Token: SeCreatePagefilePrivilege	4028	chrome.exe
Token: SeShutdownPrivilege	4028	chrome.exe
Token: SeCreatePagefilePrivilege	4028	chrome.exe
Token: SeShutdownPrivilege	4028	chrome.exe
Token: SeCreatePagefilePrivilege	4028	chrome.exe
Token: SeShutdownPrivilege	4028	chrome.exe
Token: SeCreatePagefilePrivilege	4028	chrome.exe
Token: SeShutdownPrivilege	4028	chrome.exe
Token: SeCreatePagefilePrivilege	4028	chrome.exe
Token: SeShutdownPrivilege	4028	chrome.exe
Token: SeCreatePagefilePrivilege	4028	chrome.exe
Token: SeShutdownPrivilege	4028	chrome.exe
Token: SeCreatePagefilePrivilege	4028	chrome.exe
Token: SeShutdownPrivilege	4028	chrome.exe
Token: SeCreatePagefilePrivilege	4028	chrome.exe
Token: SeShutdownPrivilege	4028	chrome.exe
Token: SeCreatePagefilePrivilege	4028	chrome.exe
Token: SeShutdownPrivilege	4028	chrome.exe
Token: SeCreatePagefilePrivilege	4028	chrome.exe
Token: SeShutdownPrivilege	4028	chrome.exe
Token: SeCreatePagefilePrivilege	4028	chrome.exe
Token: SeShutdownPrivilege	4028	chrome.exe
Token: SeCreatePagefilePrivilege	4028	chrome.exe
Token: SeShutdownPrivilege	4028	chrome.exe
Token: SeCreatePagefilePrivilege	4028	chrome.exe
Token: SeShutdownPrivilege	4028	chrome.exe
Token: SeCreatePagefilePrivilege	4028	chrome.exe
Token: SeShutdownPrivilege	4028	chrome.exe
Token: SeCreatePagefilePrivilege	4028	chrome.exe
Token: SeShutdownPrivilege	4028	chrome.exe
Token: SeCreatePagefilePrivilege	4028	chrome.exe
Token: SeShutdownPrivilege	4028	chrome.exe
Token: SeCreatePagefilePrivilege	4028	chrome.exe
Token: SeShutdownPrivilege	4028	chrome.exe
Token: SeCreatePagefilePrivilege	4028	chrome.exe
Token: SeShutdownPrivilege	4028	chrome.exe
Token: SeCreatePagefilePrivilege	4028	chrome.exe
Token: SeShutdownPrivilege	4028	chrome.exe
Token: SeCreatePagefilePrivilege	4028	chrome.exe
Token: SeShutdownPrivilege	4028	chrome.exe
Token: SeCreatePagefilePrivilege	4028	chrome.exe
Token: SeShutdownPrivilege	4028	chrome.exe
Token: SeCreatePagefilePrivilege	4028	chrome.exe
Token: SeShutdownPrivilege	4028	chrome.exe
Token: SeCreatePagefilePrivilege	4028	chrome.exe

Suspicious use of FindShellTrayWindow 59 IoCs

pid	Process
4028	chrome.exe
4028	chrome.exe
4028	chrome.exe
4028	chrome.exe
4028	chrome.exe
4028	chrome.exe
4028	chrome.exe
4028	chrome.exe
4028	chrome.exe
4028	chrome.exe
4028	chrome.exe
4028	chrome.exe
4028	chrome.exe
4028	chrome.exe
4028	chrome.exe
4028	chrome.exe
4028	chrome.exe
4028	chrome.exe
4028	chrome.exe
4028	chrome.exe
4028	chrome.exe
4028	chrome.exe
4028	chrome.exe
4028	chrome.exe
4028	chrome.exe
4028	chrome.exe
4028	chrome.exe
1984	vlc.exe
1984	vlc.exe
1984	vlc.exe
1984	vlc.exe
1512	chrome.exe
1512	chrome.exe
1512	chrome.exe
1512	chrome.exe
1512	chrome.exe
1512	chrome.exe
1512	chrome.exe
1512	chrome.exe
1512	chrome.exe
1512	chrome.exe
1512	chrome.exe
1512	chrome.exe
1512	chrome.exe
1512	chrome.exe
1512	chrome.exe
1512	chrome.exe
1512	chrome.exe
1512	chrome.exe
1512	chrome.exe
1512	chrome.exe
1512	chrome.exe
1512	chrome.exe
1512	chrome.exe
1512	chrome.exe
1512	chrome.exe
1512	chrome.exe
1512	chrome.exe
1512	chrome.exe

Suspicious use of SendNotifyMessage 51 IoCs

pid	Process
4028	chrome.exe
4028	chrome.exe
4028	chrome.exe
4028	chrome.exe
4028	chrome.exe
4028	chrome.exe
4028	chrome.exe
4028	chrome.exe
4028	chrome.exe
4028	chrome.exe
4028	chrome.exe
4028	chrome.exe
4028	chrome.exe
4028	chrome.exe
4028	chrome.exe
4028	chrome.exe
4028	chrome.exe
4028	chrome.exe
4028	chrome.exe
4028	chrome.exe
4028	chrome.exe
4028	chrome.exe
4028	chrome.exe
4028	chrome.exe
1984	vlc.exe
1984	vlc.exe
1984	vlc.exe
1512	chrome.exe
1512	chrome.exe
1512	chrome.exe
1512	chrome.exe
1512	chrome.exe
1512	chrome.exe
1512	chrome.exe
1512	chrome.exe
1512	chrome.exe
1512	chrome.exe
1512	chrome.exe
1512	chrome.exe
1512	chrome.exe
1512	chrome.exe
1512	chrome.exe
1512	chrome.exe
1512	chrome.exe
1512	chrome.exe
1512	chrome.exe
1512	chrome.exe
1512	chrome.exe
1512	chrome.exe
1512	chrome.exe
1512	chrome.exe

Suspicious use of SetWindowsHookEx 3 IoCs

pid	Process
1984	vlc.exe
1512	chrome.exe
1512	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4028 wrote to memory of 3428	4028	chrome.exe	101
PID 4028 wrote to memory of 3428	4028	chrome.exe	101
PID 4028 wrote to memory of 640	4028	chrome.exe	102
PID 4028 wrote to memory of 640	4028	chrome.exe	102
PID 4028 wrote to memory of 640	4028	chrome.exe	102
PID 4028 wrote to memory of 640	4028	chrome.exe	102
PID 4028 wrote to memory of 640	4028	chrome.exe	102
PID 4028 wrote to memory of 640	4028	chrome.exe	102
PID 4028 wrote to memory of 640	4028	chrome.exe	102
PID 4028 wrote to memory of 640	4028	chrome.exe	102
PID 4028 wrote to memory of 640	4028	chrome.exe	102
PID 4028 wrote to memory of 640	4028	chrome.exe	102
PID 4028 wrote to memory of 640	4028	chrome.exe	102
PID 4028 wrote to memory of 640	4028	chrome.exe	102
PID 4028 wrote to memory of 640	4028	chrome.exe	102
PID 4028 wrote to memory of 640	4028	chrome.exe	102
PID 4028 wrote to memory of 640	4028	chrome.exe	102
PID 4028 wrote to memory of 640	4028	chrome.exe	102
PID 4028 wrote to memory of 640	4028	chrome.exe	102
PID 4028 wrote to memory of 640	4028	chrome.exe	102
PID 4028 wrote to memory of 640	4028	chrome.exe	102
PID 4028 wrote to memory of 640	4028	chrome.exe	102
PID 4028 wrote to memory of 640	4028	chrome.exe	102
PID 4028 wrote to memory of 640	4028	chrome.exe	102
PID 4028 wrote to memory of 640	4028	chrome.exe	102
PID 4028 wrote to memory of 640	4028	chrome.exe	102
PID 4028 wrote to memory of 640	4028	chrome.exe	102
PID 4028 wrote to memory of 640	4028	chrome.exe	102
PID 4028 wrote to memory of 640	4028	chrome.exe	102
PID 4028 wrote to memory of 640	4028	chrome.exe	102
PID 4028 wrote to memory of 640	4028	chrome.exe	102
PID 4028 wrote to memory of 640	4028	chrome.exe	102
PID 4028 wrote to memory of 4932	4028	chrome.exe	103
PID 4028 wrote to memory of 4932	4028	chrome.exe	103
PID 4028 wrote to memory of 3908	4028	chrome.exe	104
PID 4028 wrote to memory of 3908	4028	chrome.exe	104
PID 4028 wrote to memory of 3908	4028	chrome.exe	104
PID 4028 wrote to memory of 3908	4028	chrome.exe	104
PID 4028 wrote to memory of 3908	4028	chrome.exe	104
PID 4028 wrote to memory of 3908	4028	chrome.exe	104
PID 4028 wrote to memory of 3908	4028	chrome.exe	104
PID 4028 wrote to memory of 3908	4028	chrome.exe	104
PID 4028 wrote to memory of 3908	4028	chrome.exe	104
PID 4028 wrote to memory of 3908	4028	chrome.exe	104
PID 4028 wrote to memory of 3908	4028	chrome.exe	104
PID 4028 wrote to memory of 3908	4028	chrome.exe	104
PID 4028 wrote to memory of 3908	4028	chrome.exe	104
PID 4028 wrote to memory of 3908	4028	chrome.exe	104
PID 4028 wrote to memory of 3908	4028	chrome.exe	104
PID 4028 wrote to memory of 3908	4028	chrome.exe	104
PID 4028 wrote to memory of 3908	4028	chrome.exe	104
PID 4028 wrote to memory of 3908	4028	chrome.exe	104
PID 4028 wrote to memory of 3908	4028	chrome.exe	104
PID 4028 wrote to memory of 3908	4028	chrome.exe	104
PID 4028 wrote to memory of 3908	4028	chrome.exe	104
PID 4028 wrote to memory of 3908	4028	chrome.exe	104
PID 4028 wrote to memory of 3908	4028	chrome.exe	104
PID 4028 wrote to memory of 3908	4028	chrome.exe	104
PID 4028 wrote to memory of 3908	4028	chrome.exe	104
PID 4028 wrote to memory of 3908	4028	chrome.exe	104
PID 4028 wrote to memory of 3908	4028	chrome.exe	104
PID 4028 wrote to memory of 3908	4028	chrome.exe	104
PID 4028 wrote to memory of 3908	4028	chrome.exe	104
PID 4028 wrote to memory of 3908	4028	chrome.exe	104

C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE "C:\Users\Admin\AppData\Local\Temp\[✨ NETFLIX ✨] ⚡️2X NETFLIX PREMIUM COOKIES ⚡ NETFLIX PREMIUM COOKIES⚡.txt"
1⤵
PID:5088

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4028
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffd2ed8cc40,0x7ffd2ed8cc4c,0x7ffd2ed8cc58
  2⤵
  PID:3428
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1752,i,3717886000978456514,12362766971695028844,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1828 /prefetch:2
  2⤵
  PID:640
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1796,i,3717886000978456514,12362766971695028844,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2400 /prefetch:3
  2⤵
  PID:4932
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2244,i,3717886000978456514,12362766971695028844,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2472 /prefetch:8
  2⤵
  PID:3908
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3172,i,3717886000978456514,12362766971695028844,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3180 /prefetch:1
  2⤵
  PID:4764
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3196,i,3717886000978456514,12362766971695028844,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3428 /prefetch:1
  2⤵
  PID:3324
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4468,i,3717886000978456514,12362766971695028844,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4572 /prefetch:1
  2⤵
  PID:3292
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4916,i,3717886000978456514,12362766971695028844,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4932 /prefetch:8
  2⤵
  PID:2616
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4960,i,3717886000978456514,12362766971695028844,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4952 /prefetch:8
  2⤵
  PID:4752
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4724,i,3717886000978456514,12362766971695028844,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4940 /prefetch:8
  2⤵
  PID:220
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5116,i,3717886000978456514,12362766971695028844,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5088 /prefetch:8
  2⤵
  PID:2620
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4928,i,3717886000978456514,12362766971695028844,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4956 /prefetch:8
  2⤵
  PID:548
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4548,i,3717886000978456514,12362766971695028844,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5232 /prefetch:8
  2⤵
  PID:4528
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=5488,i,3717886000978456514,12362766971695028844,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5380 /prefetch:2
  2⤵
  PID:3192
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=5664,i,3717886000978456514,12362766971695028844,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5328 /prefetch:1
  2⤵
  PID:5024
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=4800,i,3717886000978456514,12362766971695028844,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3168 /prefetch:1
  2⤵
  PID:5008
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=5712,i,3717886000978456514,12362766971695028844,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5704 /prefetch:1
  2⤵
  PID:2888

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:1552

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:2248

C:\Program Files\VideoLAN\VLC\vlc.exe
"C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\Desktop\UndoConvertTo.avi"
1⤵
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
PID:1984

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
PID:1512
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xe0,0xd4,0x100,0xdc,0x104,0x7ffd2ed8cc40,0x7ffd2ed8cc4c,0x7ffd2ed8cc58
  2⤵
  PID:3156
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2112,i,6845907083466673516,11258502278416980512,262144 --variations-seed-version=20241225-174432.450000 --mojo-platform-channel-handle=2108 /prefetch:2
  2⤵
  PID:1168
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1780,i,6845907083466673516,11258502278416980512,262144 --variations-seed-version=20241225-174432.450000 --mojo-platform-channel-handle=2144 /prefetch:3
  2⤵
  PID:2696
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=552,i,6845907083466673516,11258502278416980512,262144 --variations-seed-version=20241225-174432.450000 --mojo-platform-channel-handle=2264 /prefetch:8
  2⤵
  PID:3144
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3128,i,6845907083466673516,11258502278416980512,262144 --variations-seed-version=20241225-174432.450000 --mojo-platform-channel-handle=3176 /prefetch:1
  2⤵
  PID:3660
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3136,i,6845907083466673516,11258502278416980512,262144 --variations-seed-version=20241225-174432.450000 --mojo-platform-channel-handle=3208 /prefetch:1
  2⤵
  PID:3028
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4484,i,6845907083466673516,11258502278416980512,262144 --variations-seed-version=20241225-174432.450000 --mojo-platform-channel-handle=4384 /prefetch:1
  2⤵
  PID:1844
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4828,i,6845907083466673516,11258502278416980512,262144 --variations-seed-version=20241225-174432.450000 --mojo-platform-channel-handle=4836 /prefetch:8
  2⤵
  PID:1824
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5044,i,6845907083466673516,11258502278416980512,262144 --variations-seed-version=20241225-174432.450000 --mojo-platform-channel-handle=4864 /prefetch:8
  2⤵
  PID:3176
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=5132,i,6845907083466673516,11258502278416980512,262144 --variations-seed-version=20241225-174432.450000 --mojo-platform-channel-handle=5220 /prefetch:1
  2⤵
  PID:1116
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=3308,i,6845907083466673516,11258502278416980512,262144 --variations-seed-version=20241225-174432.450000 --mojo-platform-channel-handle=5172 /prefetch:1
  2⤵
  PID:1896
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=5336,i,6845907083466673516,11258502278416980512,262144 --variations-seed-version=20241225-174432.450000 --mojo-platform-channel-handle=5344 /prefetch:1
  2⤵
  PID:4016

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:4404

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
0cbe49c501b96422e1f72227d7f5c947

SHA1
4b0be378d516669ef2b5028a0b867e23f5641808

SHA256
750530732cba446649e872839c11e7b2a44e9fb5e053fc3b444678a5a8b262ac

SHA512
984ea25c89baf0eb1d9f905841bda39813a94e2d1923dfb42d7165f15c589bd7ff864040ec8f3f682f3c57702498efff15a499f7dc077dd722d84b47cf895931

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\1d87129a-da89-4342-8c4e-41c201cb714b.tmp

Filesize
1B

MD5
5058f1af8388633f609cadb75a75dc9d

SHA1
3a52ce780950d4d969792a2559cd519d7ee8c727

SHA256
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

SHA512
0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
a52a56b41ceb03c4ee7eacaedf021ef7

SHA1
f8adadff30b84307f173004b5ae1830ffacb4733

SHA256
e4fd882485bd4e2c0544298fc82dbf6d2b190315e0e6c040af8130b53df7691b

SHA512
1c4f4e0f35a71eea96fef42aeaa73e49d319bf9fb75facf9cd9bb5c536f72b5b7d0602a19c73a4ac01d8425e954acd319c4efc3b0201156c7f86641837c3ebca

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0

Filesize
44KB

MD5
767869f66eb386f88cb9849d6b965537

SHA1
d0c1381f34a17452fbd988008131949436f6cf56

SHA256
2e38d0d4f9bd1ab8624c61950af149e1c8527ea2f3aceaad1baecbaf83e890bb

SHA512
324d726cfd9e8ebc23ab7874f6bd7687f29047356f5d8243fe45d639d5bf935bf9249e74932b97aabf47f9936535e63e708760a0dc84fe398585a1194fa93d85

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1

Filesize
264KB

MD5
726debab3cee6160c79a3215eff24c46

SHA1
e03a4887f76fe2303880e6510becc314b6e1f0c7

SHA256
7cd22c3e613cf171854d8e4d94a4a2dc2b6c6ba8b9f924814b831c0df27c131a

SHA512
aa101f7135743bb1300707337e74a96c317fc5e0fc88f9edf2da9a9905f3ab1aba2712df75a2abc120cafa1eecf32e3c5bd04ab53eee228f0862fe4fc2e6efcb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_2

Filesize
1.0MB

MD5
0c91db6214f5ecf8315eb8602ae41c64

SHA1
16f959dc12b3c9852bc72fff9ee74c7d674d23e4

SHA256
435bd888d4776201552bdea304d975022cb88afcc14545003409a18ccd7f70f1

SHA512
47113c84479db4b6702bf71436502e3476855b7bcbba1d4ec6c3a1e33efde3a4b94d556d955bff29fb3e0f56eb2bf92cc6f6b04a69d19c5c37c867efe55e89e3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_3

Filesize
4.0MB

MD5
d6aae91d63ecdda49002fcb0d6e1acde

SHA1
8c80a0c3b2b2744550bc57c58dabf8db687daa18

SHA256
b2f8ffd7bacc7eb1cc802a4664ed597db55c671841f5a631d58f989ecda66f35

SHA512
381ccb1b6b13b9b3346abc09e826aa35d14d319ef3f292ca04008a65d718513a5282789cf1f30350a0a4c65cafaa67ce77ef50b62e4485fa22ca576e09ac57f5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005

Filesize
215KB

MD5
d79b35ccf8e6af6714eb612714349097

SHA1
eb3ccc9ed29830df42f3fd129951cb8b791aaf98

SHA256
c8459799169b81fdab64d028a9ebb058ea2d0ad5feb33a11f6a45a54a5ccc365

SHA512
f4be1c1e192a700139d7cff5059af81c0234ed5f032796036a1a4879b032ce4eedd16a121bbf776f17bc84a0012846f467ad48b46db4008841c25b779c7d8f5a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

Filesize
41KB

MD5
ca9e4686e278b752e1dec522d6830b1f

SHA1
1129a37b84ee4708492f51323c90804bb0dfed64

SHA256
b36086821f07e11041fc44b05d2cafe3fb756633e72b07da453c28bd4735ed26

SHA512
600e5d6e1df68423976b1dcfa99e56cb8b8f5cd008d52482fefb086546256a9822025d75f5b286996b19ee1c7cd254f476abf4de0cf8c6205d9f7d5e49b80671

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007

Filesize
39KB

MD5
0eb14c44906ed2718f1b5027dd758edd

SHA1
4f35229370d126ba57aecf65b925eccc76b49892

SHA256
67ffac0eb425be57262d8d2a07619c8878080b17910d8481ae83b0a32d389d2f

SHA512
8392481cfb8064a623bd77e18daba51a2523eedded1d05f5360c1780f89471eb29cdde7dde1c5f1cf7bca5093c76ef4175f0d5b0a160352e5e1332d697c49e8f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008

Filesize
33KB

MD5
01b543adb61df7411316401b6785185f

SHA1
547fa1af3c17029253a4453a2596b9585b2c95b0

SHA256
856ee55f1f88e843534d1420232c12f4b9a2266d98dcdff0c57d6bf7e998b69d

SHA512
a1c914e62dbc984ef4653b6a9b507c7431885201000ad34dfea7eebc6dcc3632f02eaeb5717c0464b805401078800babbf059c0f8512a510740795ce589a1390

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009

Filesize
27KB

MD5
e51e974c371d0a0a004f5c8625b52574

SHA1
f09d46c0f543b3d85047a4f760cc691909d913e4

SHA256
aa7dc89e3719f14e01043dd6c6c6b3a9cb8f44caafbd38484e22e2c7aad1d1ea

SHA512
cf9f800ccabc1d1bb58c4ee32cc422d62886e4149f5376ebe97ae2812405181e55ccb89989073036599f044a762560ffcce36589367513e684f6e239ac2f1559

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
731508b32e5c9d7e283ab2bef28dcb08

SHA1
2e6b940076dda141d95353c259638c6a13673707

SHA256
13dfa334cb398f2582c549018ae63985cf9fb5eacf51ebb4af820512ca68b25d

SHA512
428d008fe6fd9921084182869847fd250765a1ce98fe25cabb947b38228474df2a4f27c9c446213a1fa38572d11b22f413afc691a547b74536c3be076d654012

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnCache\data_1

Filesize
264KB

MD5
294d7e241698ea9bcea862a43336ec50

SHA1
90e6511b8742b893165802c470cb73235f4a12b9

SHA256
c11cdcb49636ea5694604158f712938458391151b62048741249285817b03900

SHA512
3138dc5a76531d9d938f967db7b9cd5f153d0ef1bf236d46a58d6e39a91e1e11dbf1a8b9722805c9a4c81089be1a86ce9bee5bfe8c5e7a184fa94f1c5dd943b7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.85.1_0\_locales\en\messages.json

Filesize
851B

MD5
07ffbe5f24ca348723ff8c6c488abfb8

SHA1
6dc2851e39b2ee38f88cf5c35a90171dbea5b690

SHA256
6895648577286002f1dc9c3366f558484eb7020d52bbf64a296406e61d09599c

SHA512
7ed2c8db851a84f614d5daf1d5fe633bd70301fd7ff8a6723430f05f642ceb3b1ad0a40de65b224661c782ffcec69d996ebe3e5bb6b2f478181e9a07d8cd41f6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.85.1_0\_metadata\computed_hashes.json

Filesize
5KB

MD5
b60565bcc498024ac6b314bbde5fc51f

SHA1
5a56ef1f2db4075458d28a8cbfa8c2016e132d12

SHA256
2789f5c2c30836bcd23b16b56bd75e1adb34464d81a0985c7f4333d851d5d0b4

SHA512
5089f9447e4f942109fa4f6d178269ac112bd404376561b13360e4fc2dff852b592e8880fe4e239f2cad83d718ce5aa079eba5c5bbc620fcb23c3217a048a847

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.85.1_0\_metadata\verified_contents.json

Filesize
11KB

MD5
0a68c9539a188b8bb4f9573f2f2321d6

SHA1
e0f814fa4dcc04edc6a5d39cbc1038979e88f0e5

SHA256
39e6c25d096afd156644f07586d85e37f1f7b3da9b636471e8d15ceb14db184f

SHA512
13f133c173c6622b8e1b6f86a551cbc5b0b2446b3cf96e4ae8ca2646009b99e4a360c2db3168cb94a488faebd215003dfa60d10150b7a85b5f8919900bd01ccc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.85.1_0\dasherSettingSchema.json

Filesize
854B

MD5
4ec1df2da46182103d2ffc3b92d20ca5

SHA1
fb9d1ba3710cf31a87165317c6edc110e98994ce

SHA256
6c69ce0fe6fab14f1990a320d704fee362c175c00eb6c9224aa6f41108918ca6

SHA512
939d81e6a82b10ff73a35c931052d8d53d42d915e526665079eeb4820df4d70f1c6aebab70b59519a0014a48514833fefd687d5a3ed1b06482223a168292105d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Favicons

Filesize
20KB

MD5
a184a440d8118c2b3a1493b30fa2b189

SHA1
1a014cb97c9e3d29c59a53b139ac5605603ba1a8

SHA256
50a995c0defff82e4ca6f2e7d969b49bda1300452b086a1469a9a43a29dcbe1d

SHA512
b25537e4f3147b84defb165f83c0f2ef9652eef5bfd1f916be3adcd3bcc2a7ab19ec6569acb35694d47700b3f58634f8233e790a56e51a3fb927d4f3c74f6b99

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_0

Filesize
44KB

MD5
fb4e67226e241ebb7f76a5819246eafe

SHA1
fee8c4eef45f56f1a8669888bd708108c8446719

SHA256
0307ac85859ded90b5fb94433b1b869abc5fd88cdb2bb662f52e2baeba6a3277

SHA512
2ecd32117fdda7bb8c14ffe53243e54980332f27f1a53685bfd3e96fcb41b34ffdf3cf54571860efa7c0f93022dbfb33326bdf600e833715ab6669ec9e974b79

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
f6fec74aca17a4e5138b7b6f70610bad

SHA1
915ace839a601dba1cefbe9e2c70d480900e65e7

SHA256
37ab72a0c328bbfdca86022ab80731e0d17875a31bd0a2ea5aacd9ea0b9e5f19

SHA512
f8962c2451ebd79f16a8c6a2f78fa254fdf1ff6848ec61722042b7759bd20eaa2cfc7e61b7334fabe4f7ed385f477a654f13bddbd7165144a7b6dbf9083b6b8a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_2

Filesize
1.0MB

MD5
d63e0261f2639ba3b86cf23410ecfa85

SHA1
68b1e92a0377283f07422841efd87b373a11b7eb

SHA256
b67cddf89023a61e1d620faf823a79f3c949331e99945afc4fb5f1c347dd8008

SHA512
c8a0c6922671eb727577aaf7e5705cc72c1fc2ba47a1d596bd1cf734167a20e765ec133e58256c003d51d24d1e29cab23c3b6ee083db59cf3e3f184bf8e525a6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_3

Filesize
4.0MB

MD5
01c3f748535f58a0ccab2612deceed19

SHA1
d248104ac7a6932b9dcb0985f2f4c4d287abaf26

SHA256
af6e9658dd6bf912582e45fbb5e45487888ce7c65969424c83d6300ba19c95cc

SHA512
1517f659dabac0f109dc6d2862aa2ec895d06a96de4d89e7fc8a9f4b0fcba676a4f143cd5577647882f76c919e1571788b7a29eb0ce1dcb27ac5bbc453d203b4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History

Filesize
160KB

MD5
3cb224deab6ea121759f4059b2784bf2

SHA1
961574d2ae3a15eb5f6a2b54c924be0063373e1c

SHA256
35f8d96cd2ecf3ae28910f401b95a84bc178ab64f361f0b2ab0b1cbbf54adcf1

SHA512
1582cf8e8911c9ebeabb6d6a529648dd238e98786a9761d12ac93138460e9ea1c47abba2c3a0285a1fff8ed3e11c1c2e8f163b96ccf9ea9ca449b30a68dc2a5f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log

Filesize
278B

MD5
877fd5d559771432bd6ddbabeb6bfba9

SHA1
1ffc8d828ee9381f4f485f143ad90e07d1b9afe4

SHA256
fd6fd019b3e561274b3316d2b727243a2fc096185872207e8338c267f545047b

SHA512
605e2a1be48e5745a294a7d66639e873a79f0d5798fc2d9d7443c2e15e9dea1a0676cdfcd443849e8c0dabeabb76857704c7d78eb3c9a34f76bbf21980a5269c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG

Filesize
329B

MD5
4ba0625ed349d77c73e57c4b25261ab2

SHA1
1833453eac18c508f3d5cd5cfbfd400023f56468

SHA256
53b65ad0e5303460c7ff4cd4a9eaf5f1d83661d0cc3332b954c647214bd43afd

SHA512
e33314d88a7c1f8052232c9b8d7de627e8440de9f47ea02a856b77608dbe59deded9f6f34b05674224fa8d9b06b0514294f94eaa787bbe28a9c83267c67bb095

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies

Filesize
20KB

MD5
4c60a0516a58783b5eb01bf1159588c3

SHA1
b4a66da38ffa7f10569b6a60d1557e7551e63fd8

SHA256
3bad46d6e08b14e2d4b46c63ecc67b6eae5b062a4798ac7a7e7f2f2755afb651

SHA512
727f3904028d98806d3401cb2d593fa647526fbf67fa2fcd69c67423adaff940dad4ce4edd9f3479706262d2cc68c894d29f9c4490da3864858da93077db0875

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
3424d6cb83295a0b0b178408c6c72655

SHA1
4f92f2168cdc7b659973e67a75ccb280ae07cd70

SHA256
fd69ba2718adda1dc4a97828daeca5706fe824b0435f6ebc59f4d3d916680d53

SHA512
f5ec359631bc0257d1d7242f8351693c4fd9024a1be8c4bcb338800172739c39d79abc21c8e1c0145f5c77246117cfcb549e2fe958b53b9245e78df108bfe04c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Reporting and NEL

Filesize
36KB

MD5
7d1a8d4ab0c63f1635c81435a1740a16

SHA1
5aa80c79f267ca93dd67ff493b814948ffa63f08

SHA256
dd24041367b4622ba3de4bfdbec2f140109caa42ad4549816120c02601350d35

SHA512
64ef4caf06abfc905efc8c385cd524e7eda6c1959eaf8b5c17e59d764545e6092f200d9cdc8b41408083d354227adb5a8a70217bf849a4adc4cbb6265e0fc945

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
1112793210bd02270fed5c5be5f9fdb5

SHA1
7e4474ed688eb6dcdc118d7ca71efc5a745fdaca

SHA256
df14276571f82dbf3a78351343fcbb4d78bfbf679da19cf15ccfd5272424638e

SHA512
736d0988c45ae8cf4f46b8772a589a4115ee83eff81b2a892138d02f45b8c1e08acc0971e3145bff9aa5f32101d87c328f8c171e322f16220755ba273e2a6bbf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
49cb5d535dd5bc4c0c34caaf27397fec

SHA1
71b38040c33c603c8c4df840465b940493ecc352

SHA256
8074ff9977baa0f7992bde2667bfb8d150535a70212b770211bb6d416e63dabb

SHA512
eaf42570bef0cc2f772b45c6f03442a284c375f4585b3e60df0c2de045b08132005e3e9a4bc6871d093652b53544a65149e5e9276fe54a0b773c62bf459211dc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
b23344472d25549e70f7218652df63a5

SHA1
2fda7999e4a2d320d783dd077f0c335cd7c57e39

SHA256
835f1162b38910f2fee1c0814d83c84ca6fe3f442371e46e6463a6483bc6c264

SHA512
68cba249d480001795c9da8a5a3bd454ea4a1f622e97536c19701b7ded89417940e231ebfeec7d9aa4d3612dd264f92f16544f91ae55eb664e5b32dcef0a89af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
7c6df8677a5a4552bd4f53a5b1f1414c

SHA1
28b4ac67d7e6f7679554e6e801cec9c00b45b3ad

SHA256
13093c956b160b301e3f9227dcc3a137083a2176bf07fe97bf7c3864cc42ffa7

SHA512
09faf011a26768f554b8991e8daed8fa8ca3573165f1f827512846b04532e08feabb214b42e8ff6afb0c35d59b69a8d5f2926793073aec8c0478d2cf23985d2a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
a9dfc1861fdcd570a41fa671f0fecf01

SHA1
82ab90bc88545fdf8c8373b4ccf148a46b9dd38e

SHA256
be07bbe807121101aa9e16fecff8c3b2f0c27253257c6488912807dbbe019d26

SHA512
5ab06bcc62c80e3eed34494f57a51f72a7c19f44ded326516dd97f915a34c889936260b5186bc8d43c7edcc22e14c64608f1eb381cc15a27ea0fc1474832e460

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
df7af5b4bca6b727202ba5ed1ab13c01

SHA1
6de14cda3b68695644b369ffdc33763d267ec940

SHA256
0529868d69bb0cc989ea1496b99ef1f4564d19ba74bc2c46ed03241b5090e287

SHA512
61877a326e16302b2bb56b1fb12305b3e5d97e9dc19c738322ff5be38b4d8d7c84e50ffc82af292b29cebe0a518e71a872ecfe0bb8d89dc059393a95d6085e70

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
86e6cc89ba7d4794e71b6f470fc6b5dd

SHA1
a5c90bbde6bdf349287921ca415c58dc83e028c2

SHA256
932494cc1c420bd773eb211442f5a52b3f644211f4e31e21b503de40f8db8e23

SHA512
a0cfffdb53785422b28f01adee72d117cc48704946c95b07012cfeefd6a0bffe3afc11d5ed6d3af2ef2203f3745db6538fc9fd4d9a0029a0e02fdbbb64eee33e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
6e68b566c0eb32269088ff9ae7af6e17

SHA1
89e93c025ddbfcf9343de8ef62cd7eecd4b2de75

SHA256
370c2bdc27162eef4dc070b58a2aab18f79d4795d1c84fea3ce8f4d20d8f3b08

SHA512
bcad38762ed643297154201895ac6434fbfb60f44fcabed1dd7b463c8f24ddf53b835566a2aba107bd1ee89cc2e3661f50a24069920a2b42adf44c24723cf47c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
b2298afcbccf80108c03114e03ebd92b

SHA1
5f6ad7d32ea0456ca8c067f64ad21513f29cb8cc

SHA256
7b07393df7cddaec239eb5478bb86545b7ca63aa2646e42fd65110c91d71ccd2

SHA512
cb0030203f7f4e6500f55547f93b6e00f6654331e06d3a99c34398b5aa8ff8f2990df1077ec40d10126b7f1c4828efc554d7f16479a1ab1f8d03947ffe6f9728

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
df614c28564b3ccc234cfa31952b508e

SHA1
76cfe77f0493f59c971fa97a348a24895fc826c9

SHA256
c1c3e437de109880291390d7187b35db3c510bc5bd0eea8d4e95e07f53fec346

SHA512
da0720f8abbecc31ac302a4a514219e990780a641a4f608df05ba5a712422c1791f7f788174ceb57ead4ef6a1a4de026c10100dc7aa9edc11c95c377daeaeb44

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
c1fccb08a1b44151fa26c05ae3dff605

SHA1
23ac9315a6dad710bff5972e297e8b4ed02d719c

SHA256
1471b609cacfb8f3e4c2a046335166402ccf69b1964788f5c6438a83366efe2b

SHA512
92bc1ebfca11f8c35334fefa175a6e83f88a40ba11a65be2c1b858f7b0cdb8097f45c1f8d59780a3a89828f727a480c936078184461d8cf3ab38425022511db3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\000003.log

Filesize
3KB

MD5
cb39009a32dae4af677a724b7bc16865

SHA1
3d897e424d02476ae2a94a6d5a18d82e5e8be8fb

SHA256
9f5c5780cb01eb19677651a98ca2daad9f32c23df156b0536ff32fbbffd9a531

SHA512
d5b854b038616340d5b9f28812d689fc0f9b1b51c63a6c7e303db80051c7430da4652523b0f2b22b5b3756ec9c4537508b159e4bc3b4038449426ad1f3b0ae2c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\LOG

Filesize
336B

MD5
5c8686f0ffbcdeedc9e0a42aea4ef764

SHA1
ddfc6e95b4d7875ebe89e305424e388107b01396

SHA256
6ade05ee3c506bc092c44d25a83d41449a359c96658c945fa3f2fe92749331c1

SHA512
775692e0b967c09756aafa27eee7e3bd4c4b1f1206d3fe532420948014db8d9a4c15a591b16769bde04ba58d0b7cb426e0c804076d2c454bfe7be97e3de15777

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
be17dddd3eeb37190788a9230f9fd3f7

SHA1
d228f9debfbce451d78fd8fa2e38d25eef4a319b

SHA256
a78f3e9f9496037e9e7bd5977c897e882a1608d67da8db5af9627d9bc1f68fdd

SHA512
633fdc40558193b0ea8bd8462b09e9d3c674ce84c07d41019376dc1984dd257d4801877c5173afb634d17dfa5a0acde4ed2129a529460369b6f9f77ea9621460

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sessions\Tabs_13379962521875995

Filesize
5KB

MD5
f111c9127d738fbf80517bd3784361e6

SHA1
66b39f571d4be93216f6c84f2912f696dbe9521d

SHA256
fc592acaafdb2a190fdfd7ee0b675df48885236e5e48b74b47806e1811e738ca

SHA512
fa876f4e038bfd63249749f615b777a775f39f73044f08d112e8bb2213485ea7dd4b00047a840fc7720cacd03fe8183b1f907548b04feecc1edb97747aef123a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000003.log

Filesize
112B

MD5
70f85e9eb8929c6e273a8b3f65124ecd

SHA1
16a75e746ab7dcede7ce8551c263a523b3b3603a

SHA256
328e63046eb17541f44c4e19b830d8276439f056398f5961aaf6b65cb03187c6

SHA512
85498e890ef07d0454998f00dd1d72230368ecbd818bcec981e971ac935477b53750e75b06ee0a528dfda41b67ea2ec2f541cb84e25605e9549452694e8e12b1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG

Filesize
348B

MD5
ddeee54b250bb6cbc40875bb2c6ddbfb

SHA1
5a3ad1f32b0dd640bee9b036525caf8367b4c535

SHA256
b9233b3b30f24607f5d1f3d9196cc9cf321c6a763440b8cbd53ca99860b9db3a

SHA512
4953eab8cfe4a57f2081a253be08c5d003096d5745f3da78403eb7bb1212394fc27c27934786fe4987fb1cac50716e62b94f27e3ed42654f4031aa3e433fe34e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG

Filesize
321B

MD5
87f7a808964143cb6c79ad664b000a46

SHA1
bc75848fb5a58f6f90ad43aec5d0f7cad25e1dc3

SHA256
fc95c4afafcf9b94710d21e850603df34b6ff821692efe94a258fcd9f8aac805

SHA512
456d266c475c41e8c6b5dcc36459f877d968376ea0ec8d1ddc6772230da2d4b0d0553e2ff1c0fa0577215504e9805cadd76ed1f724aa7441ebccb1abba13674d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Visited Links

Filesize
128KB

MD5
f16119ff4a3a947181996d0d6a4182c1

SHA1
a7cead6bf7e94f2d9c5eab45efa76de66cce4004

SHA256
08d680bc84a90a95b6433ddf684d1c2c470e3d30ca74bec72dad4201d84df1fe

SHA512
2842b792990f1a1b29d83cce09dfae8307f8090eab34e28bd35ffadaef7371b88788170b4d3c775a1c668032f2ee5d4ed68bce5fde352f28784a289f353e7c96

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Data

Filesize
114KB

MD5
327e6cd4665a8353b33328d047433b4d

SHA1
3810c2e7958e71b3cf40d9a6d9263b1641e97294

SHA256
b24c1916eb665c813f6f8ec2d738b86f5261077b81c3de2ec466fed5ecbe6761

SHA512
c716266c75743e2858984711306cb2f6cfd2591571d83c412bf0134b52de2958dda83efa77c04453ab55e1c63b108bcc854fa387ac7cded8514bad234c3fb3d7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version

Filesize
14B

MD5
ef48733031b712ca7027624fff3ab208

SHA1
da4f3812e6afc4b90d2185f4709dfbb6b47714fa

SHA256
c9ce8dbbe51a4131073db3d6ceef1e11eaca6308ad88a86125f221102d2cee99

SHA512
ce3a5a429e3796977a8019f47806b8c0671b597ead642fcbfbe3144e2b8112d35a9f2250896b7f215d237d0d19c5966caf3fe674165a6d50e14cb2b88c892029

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
119KB

MD5
ded9470d46cffe305f9f3d1dd7b4a3f2

SHA1
d3ed609f4aed787c2c60629c22dd2e0f934f34df

SHA256
e76200f1987e3ef8369da722af503203e354afe8a036e0a57c0b2356972fd32f

SHA512
7386e8ab625398132d3ad0c7460c64716401ce1c023506b7e9d2a992df70ed22805215725bfb9a1eef8593390b4563a399bb1623741a1799200ce744037c2691

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
231KB

MD5
f944bf750e16e4dfb0b757e873ea1425

SHA1
ee1d568a487cd4d71776a50cf76454924d933c95

SHA256
2e00c62aa4fa66865fc15b0616da9cc77b547e7b52812423ffcb634354d5429c

SHA512
51d2caf0ac7471320b9e443caef091aba2e8d94d8f048ee3f8e912a6ba63849742cb6f5ed20b8c5661b7ef395cc88811345fd1d9aa4a2d5231d20fed150dd793

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
231KB

MD5
d483d2f3118f640ee744be245ecc964d

SHA1
4436257eaff4f3da0410e196137e71170d84a3bf

SHA256
9f4d6fab8a91f22d008a0584aa7ef94960cf399dfa70758d7e41c4ebf4d2d009

SHA512
0fe46a93717ad996f3e95a09346d00e000b24a6f18f9b499f5dfcc1b1be164005f73c1c865acec0955f3640836555e0313f9ceea19e44d20b467c8be5ecb6f0e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
231KB

MD5
af7329efaf1129d1fb80a6df4bafa275

SHA1
711789db8851a8e36f71774bdcafe46ff6e635ba

SHA256
d8878759b33cba4c6fb8ed4eb55574b994070094b33288f677a3495b51c80a34

SHA512
0a75a26ae0e8fe4f2067850caecb230f1dbc7b6b0d1f77f35404664d975f8df3e9144e217bac3e70844b40a19cd515bee8f1a3d4a727139acd7d78308b735803

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

Filesize
264KB

MD5
e189737b0b04a09a983fa2ee271b7d0c

SHA1
3f8f59b887e7b55dde27ae071cd7d1ad20db97e1

SHA256
36ef6e3ee42c6af9ef97b972ed0863a981fc82fdc8a88e2675eb23229aa7424a

SHA512
5f041ed450b5d854a7bb2afeb3fc701cf53b514b4cddd246a6fb124562d4061731665c692389b8f849d2f5cf86f542561fe833d5a04fbf89f40539028fc73caa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

Filesize
86B

MD5
961e3604f228b0d10541ebf921500c86

SHA1
6e00570d9f78d9cfebe67d4da5efe546543949a7

SHA256
f7b24f2eb3d5eb0550527490395d2f61c3d2fe74bb9cb345197dad81b58b5fed

SHA512
535f930afd2ef50282715c7e48859cc2d7b354ff4e6c156b94d5a2815f589b33189ffedfcaf4456525283e993087f9f560d84cfcf497d189ab8101510a09c472

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\segmentation_platform\ukm_db

Filesize
28KB

MD5
33c900ab73ef6efdc3898f30b052d6ae

SHA1
d1e38876137dfa23cbe5a24073aa7f8a79eaf9fb

SHA256
d0abc78e7e7a9afc3a3943be98b829b70ecbaa932cce4fb6150f84d919f9fa69

SHA512
118849607a725b772c4a0a16eda98cfecc312ceca7e13f69d53fb23e3b0e2c10ca5c56335ce8d59d3197fdb2c76462477a5f0a89a6db1fd848614a1178525ac8

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir4028_125254753\CRX_INSTALL\_locales\en\messages.json

Filesize
711B

MD5
558659936250e03cc14b60ebf648aa09

SHA1
32f1ce0361bbfdff11e2ffd53d3ae88a8b81a825

SHA256
2445cad863be47bb1c15b57a4960b7b0d01864e63cdfde6395f3b2689dc1444b

SHA512
1632f5a3cd71887774bf3cb8a4d8b787ea6278271657b0f1d113dbe1a7fd42c4daa717cc449f157ce8972037572b882dc946a7dc2c0e549d71982dcdee89f727

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir4028_125254753\bc111696-2e2a-4ab8-9b68-42cbdbda9fa6.tmp

Filesize
150KB

MD5
14937b985303ecce4196154a24fc369a

SHA1
ecfe89e11a8d08ce0c8745ff5735d5edad683730

SHA256
71006a5311819fef45c659428944897184880bcdb571bf68c52b3d6ee97682ff

SHA512
1d03c75e4d2cd57eee7b0e93e2de293b41f280c415fb2446ac234fc5afd11fe2f2fcc8ab9843db0847c2ce6bd7df7213fcf249ea71896fbf6c0696e3f5aee46c

Download Submit
memory/1984-655-0x00007FFD424D0000-0x00007FFD42504000-memory.dmp

Filesize
208KB

Download
memory/1984-654-0x00007FF73D570000-0x00007FF73D668000-memory.dmp

Filesize
992KB

Download
memory/1984-657-0x00007FFD2D9A0000-0x00007FFD2EA50000-memory.dmp

Filesize
16.7MB

Download
memory/1984-656-0x00007FFD2F7B0000-0x00007FFD2FA66000-memory.dmp

Filesize
2.7MB

Download