lumma | da2e51f95d10284844097530a1279933f70f961ffd51e09d02aae9be353e86c8

Analysis

max time kernel
599s
max time network
597s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
03-01-2025 05:50

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

sample.html
Size

8KB
MD5

0f2de0643d876b3ce880071d54883532
SHA1

74b878e6e8ffcd155ac7329d8beddf12bdeeb070
SHA256

da2e51f95d10284844097530a1279933f70f961ffd51e09d02aae9be353e86c8
SHA512

42e713cd218d065f8e66c9b398beb6a360cd3df219da6f5617545334ea3e34fa8bc3a3fdb27813b299fdfb53e28dbf11c0d84a7f77c6242f641e3982d040ace0
SSDEEP

192:tlidPB/TRJ7HvI4M+lczFziW9z4B92z2Jn1pmM:IB7PHv/czFzi4z46zsn1pmM

Score

10^/10

lumma discovery phishing stealer

Malware Config

Extracted

Family

lumma

https://cloudewahsj.shop/api

https://rabidcowse.shop/api

https://noisycuttej.shop/api

https://tirepublicerj.shop/api

https://framekgirus.shop/api

https://wholersorie.shop/api

https://abruptyopsn.shop/api

https://nearycrepso.shop/api

Extracted

Family

lumma

https://abruptyopsn.shop/api

https://wholersorie.shop/api

https://framekgirus.shop/api

https://tirepublicerj.shop/api

https://noisycuttej.shop/api

https://rabidcowse.shop/api

https://cloudewahsj.shop/api

Signatures

Lumma Stealer, LummaC
Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
stealer lumma
Lumma family
lumma
A potential corporate email address has been identified in the URL: [email protected]
phishing
Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Program crash 1 IoCs

pid	pid_target	Process	procid_target
3676	5052	WerFault.exe	115

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	BootstrapperUI.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133803570334143944"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-493223053-2004649691-1575712786-1000_Classes\Local Settings	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
1408	chrome.exe
1408	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 14 IoCs

pid	Process
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1408	chrome.exe
Token: SeCreatePagefilePrivilege	1408	chrome.exe
Token: SeShutdownPrivilege	1408	chrome.exe
Token: SeCreatePagefilePrivilege	1408	chrome.exe
Token: SeShutdownPrivilege	1408	chrome.exe
Token: SeCreatePagefilePrivilege	1408	chrome.exe
Token: SeShutdownPrivilege	1408	chrome.exe
Token: SeCreatePagefilePrivilege	1408	chrome.exe
Token: SeShutdownPrivilege	1408	chrome.exe
Token: SeCreatePagefilePrivilege	1408	chrome.exe
Token: SeShutdownPrivilege	1408	chrome.exe
Token: SeCreatePagefilePrivilege	1408	chrome.exe
Token: SeShutdownPrivilege	1408	chrome.exe
Token: SeCreatePagefilePrivilege	1408	chrome.exe
Token: SeShutdownPrivilege	1408	chrome.exe
Token: SeCreatePagefilePrivilege	1408	chrome.exe
Token: SeShutdownPrivilege	1408	chrome.exe
Token: SeCreatePagefilePrivilege	1408	chrome.exe
Token: SeShutdownPrivilege	1408	chrome.exe
Token: SeCreatePagefilePrivilege	1408	chrome.exe
Token: SeShutdownPrivilege	1408	chrome.exe
Token: SeCreatePagefilePrivilege	1408	chrome.exe
Token: SeShutdownPrivilege	1408	chrome.exe
Token: SeCreatePagefilePrivilege	1408	chrome.exe
Token: SeShutdownPrivilege	1408	chrome.exe
Token: SeCreatePagefilePrivilege	1408	chrome.exe
Token: SeShutdownPrivilege	1408	chrome.exe
Token: SeCreatePagefilePrivilege	1408	chrome.exe
Token: SeShutdownPrivilege	1408	chrome.exe
Token: SeCreatePagefilePrivilege	1408	chrome.exe
Token: SeShutdownPrivilege	1408	chrome.exe
Token: SeCreatePagefilePrivilege	1408	chrome.exe
Token: SeShutdownPrivilege	1408	chrome.exe
Token: SeCreatePagefilePrivilege	1408	chrome.exe
Token: SeShutdownPrivilege	1408	chrome.exe
Token: SeCreatePagefilePrivilege	1408	chrome.exe
Token: SeShutdownPrivilege	1408	chrome.exe
Token: SeCreatePagefilePrivilege	1408	chrome.exe
Token: SeShutdownPrivilege	1408	chrome.exe
Token: SeCreatePagefilePrivilege	1408	chrome.exe
Token: SeShutdownPrivilege	1408	chrome.exe
Token: SeCreatePagefilePrivilege	1408	chrome.exe
Token: SeShutdownPrivilege	1408	chrome.exe
Token: SeCreatePagefilePrivilege	1408	chrome.exe
Token: SeShutdownPrivilege	1408	chrome.exe
Token: SeCreatePagefilePrivilege	1408	chrome.exe
Token: SeShutdownPrivilege	1408	chrome.exe
Token: SeCreatePagefilePrivilege	1408	chrome.exe
Token: SeShutdownPrivilege	1408	chrome.exe
Token: SeCreatePagefilePrivilege	1408	chrome.exe
Token: SeShutdownPrivilege	1408	chrome.exe
Token: SeCreatePagefilePrivilege	1408	chrome.exe
Token: SeShutdownPrivilege	1408	chrome.exe
Token: SeCreatePagefilePrivilege	1408	chrome.exe
Token: SeShutdownPrivilege	1408	chrome.exe
Token: SeCreatePagefilePrivilege	1408	chrome.exe
Token: SeShutdownPrivilege	1408	chrome.exe
Token: SeCreatePagefilePrivilege	1408	chrome.exe
Token: SeShutdownPrivilege	1408	chrome.exe
Token: SeCreatePagefilePrivilege	1408	chrome.exe
Token: SeShutdownPrivilege	1408	chrome.exe
Token: SeCreatePagefilePrivilege	1408	chrome.exe
Token: SeShutdownPrivilege	1408	chrome.exe
Token: SeCreatePagefilePrivilege	1408	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe
1408	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1408 wrote to memory of 4660	1408	chrome.exe	83
PID 1408 wrote to memory of 4660	1408	chrome.exe	83
PID 1408 wrote to memory of 8	1408	chrome.exe	84
PID 1408 wrote to memory of 8	1408	chrome.exe	84
PID 1408 wrote to memory of 8	1408	chrome.exe	84
PID 1408 wrote to memory of 8	1408	chrome.exe	84
PID 1408 wrote to memory of 8	1408	chrome.exe	84
PID 1408 wrote to memory of 8	1408	chrome.exe	84
PID 1408 wrote to memory of 8	1408	chrome.exe	84
PID 1408 wrote to memory of 8	1408	chrome.exe	84
PID 1408 wrote to memory of 8	1408	chrome.exe	84
PID 1408 wrote to memory of 8	1408	chrome.exe	84
PID 1408 wrote to memory of 8	1408	chrome.exe	84
PID 1408 wrote to memory of 8	1408	chrome.exe	84
PID 1408 wrote to memory of 8	1408	chrome.exe	84
PID 1408 wrote to memory of 8	1408	chrome.exe	84
PID 1408 wrote to memory of 8	1408	chrome.exe	84
PID 1408 wrote to memory of 8	1408	chrome.exe	84
PID 1408 wrote to memory of 8	1408	chrome.exe	84
PID 1408 wrote to memory of 8	1408	chrome.exe	84
PID 1408 wrote to memory of 8	1408	chrome.exe	84
PID 1408 wrote to memory of 8	1408	chrome.exe	84
PID 1408 wrote to memory of 8	1408	chrome.exe	84
PID 1408 wrote to memory of 8	1408	chrome.exe	84
PID 1408 wrote to memory of 8	1408	chrome.exe	84
PID 1408 wrote to memory of 8	1408	chrome.exe	84
PID 1408 wrote to memory of 8	1408	chrome.exe	84
PID 1408 wrote to memory of 8	1408	chrome.exe	84
PID 1408 wrote to memory of 8	1408	chrome.exe	84
PID 1408 wrote to memory of 8	1408	chrome.exe	84
PID 1408 wrote to memory of 8	1408	chrome.exe	84
PID 1408 wrote to memory of 8	1408	chrome.exe	84
PID 1408 wrote to memory of 2356	1408	chrome.exe	85
PID 1408 wrote to memory of 2356	1408	chrome.exe	85
PID 1408 wrote to memory of 444	1408	chrome.exe	86
PID 1408 wrote to memory of 444	1408	chrome.exe	86
PID 1408 wrote to memory of 444	1408	chrome.exe	86
PID 1408 wrote to memory of 444	1408	chrome.exe	86
PID 1408 wrote to memory of 444	1408	chrome.exe	86
PID 1408 wrote to memory of 444	1408	chrome.exe	86
PID 1408 wrote to memory of 444	1408	chrome.exe	86
PID 1408 wrote to memory of 444	1408	chrome.exe	86
PID 1408 wrote to memory of 444	1408	chrome.exe	86
PID 1408 wrote to memory of 444	1408	chrome.exe	86
PID 1408 wrote to memory of 444	1408	chrome.exe	86
PID 1408 wrote to memory of 444	1408	chrome.exe	86
PID 1408 wrote to memory of 444	1408	chrome.exe	86
PID 1408 wrote to memory of 444	1408	chrome.exe	86
PID 1408 wrote to memory of 444	1408	chrome.exe	86
PID 1408 wrote to memory of 444	1408	chrome.exe	86
PID 1408 wrote to memory of 444	1408	chrome.exe	86
PID 1408 wrote to memory of 444	1408	chrome.exe	86
PID 1408 wrote to memory of 444	1408	chrome.exe	86
PID 1408 wrote to memory of 444	1408	chrome.exe	86
PID 1408 wrote to memory of 444	1408	chrome.exe	86
PID 1408 wrote to memory of 444	1408	chrome.exe	86
PID 1408 wrote to memory of 444	1408	chrome.exe	86
PID 1408 wrote to memory of 444	1408	chrome.exe	86
PID 1408 wrote to memory of 444	1408	chrome.exe	86
PID 1408 wrote to memory of 444	1408	chrome.exe	86
PID 1408 wrote to memory of 444	1408	chrome.exe	86
PID 1408 wrote to memory of 444	1408	chrome.exe	86
PID 1408 wrote to memory of 444	1408	chrome.exe	86
PID 1408 wrote to memory of 444	1408	chrome.exe	86

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument C:\Users\Admin\AppData\Local\Temp\sample.html
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1408
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffb517acc40,0x7ffb517acc4c,0x7ffb517acc58
  2⤵
  PID:4660
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1864,i,9196969992441979401,15161180169273774034,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1860 /prefetch:2
  2⤵
  PID:8
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2120,i,9196969992441979401,15161180169273774034,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2140 /prefetch:3
  2⤵
  PID:2356
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2232,i,9196969992441979401,15161180169273774034,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2412 /prefetch:8
  2⤵
  PID:444
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3116,i,9196969992441979401,15161180169273774034,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3144 /prefetch:1
  2⤵
  PID:4652
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3132,i,9196969992441979401,15161180169273774034,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3192 /prefetch:1
  2⤵
  PID:4608
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4592,i,9196969992441979401,15161180169273774034,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4604 /prefetch:8
  2⤵
  PID:3060
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4604,i,9196969992441979401,15161180169273774034,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4820 /prefetch:1
  2⤵
  PID:4268
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=4892,i,9196969992441979401,15161180169273774034,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5224 /prefetch:1
  2⤵
  PID:1788
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=4952,i,9196969992441979401,15161180169273774034,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3288 /prefetch:1
  2⤵
  PID:4476
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4884,i,9196969992441979401,15161180169273774034,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3852 /prefetch:8
  2⤵
  PID:3000
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=5036,i,9196969992441979401,15161180169273774034,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4812 /prefetch:1
  2⤵
  PID:1504
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=5540,i,9196969992441979401,15161180169273774034,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5508 /prefetch:1
  2⤵
  PID:1828
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=276,i,9196969992441979401,15161180169273774034,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5716 /prefetch:1
  2⤵
  PID:4652
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=4620,i,9196969992441979401,15161180169273774034,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4908 /prefetch:8
  2⤵
  PID:4032
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=5552,i,9196969992441979401,15161180169273774034,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5380 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3424
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=3272,i,9196969992441979401,15161180169273774034,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3328 /prefetch:1
  2⤵
  PID:3592
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=5968,i,9196969992441979401,15161180169273774034,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5952 /prefetch:1
  2⤵
  PID:3148
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=4796,i,9196969992441979401,15161180169273774034,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5852 /prefetch:1
  2⤵
  PID:1488
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=5816,i,9196969992441979401,15161180169273774034,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4852 /prefetch:1
  2⤵
  PID:5000
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=5892,i,9196969992441979401,15161180169273774034,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3188 /prefetch:1
  2⤵
  PID:2548
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=5856,i,9196969992441979401,15161180169273774034,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5076 /prefetch:1
  2⤵
  PID:1888

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:4092

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:4864

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:3572

C:\Users\Admin\AppData\Local\Temp\Temp1_Release-x86.zip\Release\BootstrapperUI.exe
"C:\Users\Admin\AppData\Local\Temp\Temp1_Release-x86.zip\Release\BootstrapperUI.exe"
1⤵
- System Location Discovery: System Language Discovery
PID:5052
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 5052 -s 1292
  2⤵
  - Program crash
  PID:3676

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 428 -p 5052 -ip 5052
1⤵
PID:1028

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x3f4 0x518
1⤵
PID:4656

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
15953a5f5239adec793c8e503bc7cbaf

SHA1
9e52d19c5f8520fdc815e4d54e6d7a5c870299b7

SHA256
582a442d698a547a140d7ac69f5d4a0f908145903bf8225ff3235e702f46a50a

SHA512
c7dc6d2b5aa91e6c462a87750543ded9c2656f3f9647720722d6159602d2ca15117c9d27f02147d9259b3748e864657aa73b73895cd3ad0b8c0f0c9fbd712c17

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000019

Filesize
215KB

MD5
d79b35ccf8e6af6714eb612714349097

SHA1
eb3ccc9ed29830df42f3fd129951cb8b791aaf98

SHA256
c8459799169b81fdab64d028a9ebb058ea2d0ad5feb33a11f6a45a54a5ccc365

SHA512
f4be1c1e192a700139d7cff5059af81c0234ed5f032796036a1a4879b032ce4eedd16a121bbf776f17bc84a0012846f467ad48b46db4008841c25b779c7d8f5a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001d

Filesize
24KB

MD5
87c2b09a983584b04a63f3ff44064d64

SHA1
8796d5ef1ad1196309ef582cecef3ab95db27043

SHA256
d4a4a801c412a8324a19f21511a7880815b373628e66016bc1785a5a85e0afb0

SHA512
df1f0d6f5f53306887b0b16364651bda9cdc28b8ea74b2d46b2530c6772a724422b33bbdcd7c33d724d2fd4a973e1e9dbc4b654c9c53981386c341620c337067

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001f

Filesize
72KB

MD5
43cb209da0740090172519ed6c1fed84

SHA1
085bd5ef087f7cac77b2b0cfb3353b54abd54dc5

SHA256
3a7f8be6d463bd77dad51cc40b5407ad923dd1a1f678979eb9b95adac8d393da

SHA512
3f522c8b72e42942e7713ae0efa4970de6a2f4b8e990ad59b09b00a2bc4a97a331ca9d8a6ce5e0a840abb86b2162e288d424472dbaad61ea432a6ff772e8c66c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003a

Filesize
71KB

MD5
977c342caff6e5547cc68bcdb964232a

SHA1
46213f94555328c3ab9340a90d5025f274bc51d6

SHA256
af06cd46e2cc51d29ad66793940bcdeae20a6c83103a64ad7874c52b9f34c73a

SHA512
56c3977236d5fcfafe4921456c4cc0a7ddf0cbc9ec19d1b4d498e132ed57c4f9221d4a0997d62e3b9c3d54c97feb81468a4c65c7aade94e24a98337ccf131b76

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003f

Filesize
168KB

MD5
9e1afc4e72709dcf01a88181172b8f23

SHA1
8fd1be6bba55fac875de4242b89abbd97608e0f2

SHA256
08bc17b089ffe19a40c38f0aee93c1d053db3a4584425da9a51201a38cd10cba

SHA512
8a58b7260ef20c770765d4995000c9b6f52604a333c27cf689426058400d1429be4955a98812ac5284af2cc88b82e32edb08d6afdb1f6bf2bcc8b5ee2817d075

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000040

Filesize
302KB

MD5
61748194bc9d442159b772320903efb7

SHA1
7e5152c6bf118984142d644b318972db6a90ee2d

SHA256
46a47bc3395fa00b1181b27784edf764f9f9a927f7834fdf0e9447ac3630cbd2

SHA512
3eb73c866cc565d187431a134758589725820504acc4d718553f1558c2e6d7474bfef46351e780693611ea367870d98b5d3011c3ede216fccc7e049b9f46ae39

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
6ee759653dd20e1626be87bfdab89cfd

SHA1
a802e1de6ae1137732355f272811463f0d21ad0c

SHA256
9be7d5ed61e40e652efbcf2f8524d476b7e680ea03638830af192c5c5bcee1f3

SHA512
8faaf289d77cb63cecc4e9f6bfdbfd7d5202f615f72edec62fb8fca34545b332185907075a3bd0fb9bb50b2c5e3e3e82571de855e3c8893ed9ef01a91639561e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
888B

MD5
0886d93c81461312b6cee4fdb9370e1a

SHA1
b7be11a0d5ce4cd0864f150c6cffbd3704f0d09b

SHA256
7193229074485930a2817e7826c7157c0432197f43c0a6ab724058b2c12cad28

SHA512
f910fc8555e0a3ac904bfcf57f0b6f961d634c3802aaa3a44535c3e367e5283142c1617f6b9ffedafc6da2a7d59e690e80057c0b5304108f0bf1f10f5a49750a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
744B

MD5
efaa30ab5bbb131ed2808b88dc40eb25

SHA1
4c92394c9065a821dd133893175e5efde76c125c

SHA256
78ceac26b70f4f73885e10c0ed7f2ec072e90c302e3df64f98ae9fa93e77c046

SHA512
1f894d38a403f61198ba14d038eeb9fbadad871c46371fbfffef2765f7d1019bb638eae10d6317092e36cb045c083ca80107de4df2e29936b3e17b2f22186601

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
60e34e7a7be3b5cd8c22b042358c0764

SHA1
864e0f12f582cdab1d19c79c24b8a10a0e239566

SHA256
6e56e2c26c44e897e30b4e85ad75553cf06d343b6e8687531a14983e3257d2f6

SHA512
04871af9b922c3780f2486bff1edc598d39d16ab3ca19a913dba2d833e4cdc77e69c9ecf3bd388454f111283ecefc9bfa348feca81885834e8fe90b467b78dab

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
6KB

MD5
f1b9047b1fe016a2e1bf19a9e6ce2a38

SHA1
d711b942dbe91f8769e0ee985e77ac5d4e8f8e19

SHA256
71dbb3b0e542176ed98735d3052299e5d3327630c0865f44a5d78452ba713f22

SHA512
80274d584619716c56d7a12c54f190e6b8583202f48b2cbba77a6cf5b90f8d99f9dd666350bcf8fc51ed6688371b90745afe4f401656de4f6b7b331eeb365262

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
7KB

MD5
f91fbcce16c37b9538558b6bb7437640

SHA1
cfb11f1fecfc7551fb4e70b5068e53fb340c3b36

SHA256
81f1e71300c6c28d8a542bde8ab9a22ac1627fe869ff938fcfb9ac549b9b76d0

SHA512
f2ac8d19e741e66f4c6b8b10bb0e0341da91c9aa0b464a898327ffcac3129517bc984994d8eb6173cfebca35b4dcf84b2c69cdbe9c23cb1147570c753859e71b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
7KB

MD5
ca19cc6972b6d5cb0d5a57761e21d033

SHA1
3e920c46f2ea88420662a4e390a731462603e7d8

SHA256
ad0dc37ca78240b5d225a1a9229b79e019a1b522265a90e993f87b7aca8659a1

SHA512
429bd2bc762cbbdb129d389cc5bfdb6bffcfe3166e21c586db3f904f16315308bfd3e1da85594c7508cdacee637fcad2218b419bfe89d5f5bd45f6d6cf4d0e7c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
bf4b0756274d772e36e7912092e1908b

SHA1
f51bb1e3cfedcd124a494bc8b666bbda5818c992

SHA256
d9cd28aea48a27c3ae6f8a1218c1d4e37fc7bdd2139f4b764101a6c63743606c

SHA512
b9e69ef0ea967ca0a7edcfb841fe50e23399e276d0c161ab3c7820c43b054424a5b6d3ea582e706ad4225e69e487c1410f530029cc5b14ce4dc76a19c61a0e50

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
6347df091a3c925339d1125e555716ed

SHA1
a9a35b7773284925609f636a9ae37a7d28fe1329

SHA256
72c460c1886f4531a575097676bd6cb8e0c2e025319c123575a6b328f28a17f2

SHA512
e14f5ecfdc323503e0eeb0a7d3c9b301cf222b669c68542157d179fa937bc5b3bfafff1dcf22e1aac52104fb1903a18684f878e598ced2042ca8137894d6ffd8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
8e9005c1540870190a1d2897f2bba5fd

SHA1
ed58bb294dfcdf7bf24c1a270edbdba502a69781

SHA256
dd079898dd2a3e759636c2b90ddac6e67435eaf10a5ca8e34196f67de7ca90af

SHA512
3a4f3053f10bddc0955f911c325b127dafe77cacfbbaa0c17a1b3408c1bcb7935d731d4621ced4e850ce36ca02e313ad24829887ef74c31deb80e30241a0f3a4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
cddd24df16bbce6d81d11a0a835315d7

SHA1
017d547be732743bdd43d191f5e3569a621d3501

SHA256
0425202f4c2b15342be0381c0236e827cf1526298321e65c37670807a9b7237d

SHA512
5c06487a633f107f199854bd2e79bc1b58cfa0c5a80e71b47e4a91b1bedbbd4e45587e27e006dd3741c96749d09b54f5ff47f95570624301433a6bfa429d0b18

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
4dac7c3b2a9a583669099138eeef0793

SHA1
4ddfd8f4d01f0fa9dc48efeb3781e93a6653e4b4

SHA256
27ccec2a2019c6b373fb2d419da214702b048e88e17ed0af7e945a4022eceb09

SHA512
80e200f91d3864594f61025a1c7539c3fef40a2684eb189731c6f561bd51c838012429c29006499b1898c22363a06399c90e88541cbb3e53b5e3066b4067ca55

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
9a6c57908775086f2ef1073619b10139

SHA1
95f1b57109258d16694dab5e9a0a30c2c991453d

SHA256
de628a4fb50563fd8198fedeaa793d930ffcbe8757a0f93e6d21562eb4dd9bf8

SHA512
85529b6945ae006ce402e1c75f2ab0899532c0bf8f657a25a345110b6cd93810c24286a6071907c8b55eb94d752283fcc744ba014392ddcd8fe9728216b26b11

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
12fd5b3173f8761767648d9e30acac68

SHA1
9a6ce5233cdc7518a6af67588a7d4689cfa8c87c

SHA256
0aa184cfb3ec6420384a6425463de664806257d73d7a55819b1dc0a328dadf65

SHA512
d47422654a2a4c2ba30eec71469be495400c9d9c8d12cb8c41c9b24a57bf9be1458c745d1f7b5a5a5699c33713c8daabbe4f7977cd6d325b4a10399c94d00486

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
82eafbdf73a59f633c823b47fc86d5e3

SHA1
a34c49827205f0e4d90bb17db57d4c7bb21706a6

SHA256
757e60366e6b89fc417555295098048b892048a9e23b1e4599e7b74b3e2cffff

SHA512
53972e7adcf6b66bf968bd2ea36f40a6a4ee5dde86e18f6fd3c608cf1945f194404b4b04f06a0b0e205893b0239a4911f7fac05b0d5a3bd58101d59c17ad6c1a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
690B

MD5
f96516ec7cf7e2522bb0e321ddc523ee

SHA1
9343213b8d89d5f235356a5d9f1cc28ecaf4ff88

SHA256
a49e92a30fc154769e527ec5199a5c96d1aba940ff2c34037c6655cfab59e173

SHA512
4112f86cebde87914ec4a2b980b8a7d837c81f50a24535eb4620ab5e11a0de53d603ed98150120e8ca17d3f41c7b0e86a90b0b9f760a3bbea9fd305b370d941e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
7d3326b3740f400365d64d93dc852069

SHA1
9dd7c58436bf9e9a7b8125eca2378bfcf25356ee

SHA256
16bde55d450787436c368e5af62d72173558aeb82f54305531fb6cc49256bd95

SHA512
9665ca37d947dd86f72f6a682811fc5277b6f4d7c0167fc5aef265c9956246b98fc1e10dd96240bdb1a27238ae90b47452519d22a24fd2fcaaf8c724fa0a0f7d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
b3ab10ffffac4a7c0e07a07c315b165d

SHA1
f222ed085fb57a979247e6e6372fb37475c9dcf7

SHA256
154c3359cbf907561e1e29d9e6eb0d0fe74d7db3db6052e7bbad16e154881504

SHA512
ca5110abd57e631270bd080327338e80aa51c076cc9c3fc5657beff2babdcd078f07db7a087f1cfe40d95df25df6428260b66594698a6df877f2d618ad0914d0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
8f893f73a99ae993f0c10c37ed86b160

SHA1
e1a833543142c5aa0deb01e87dc40d06123f6ae6

SHA256
b49b75052bc534393d51491d555da9cc0b15548d8f417b0e70f88a5403367a1e

SHA512
3e5340d0bd83d8215cb1208be0edbc80ff9fb19a26ef531ed9580c35b082cc54a93449201eb4152b9e22e96c273345196a4bf9bf0fc0fde15da98c756178a61c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
8516fda95080d8656154aa768b484308

SHA1
eacc34fcc3526d3a1df26ae46267b472dceec084

SHA256
13c161dad51aa038a55e59e520b3c02a1ea69dd277d4e8b597397a592ccbe907

SHA512
a9604c21780074af96216bc31b68e6df52a6793efb85e19c35c59a34ec9632bcdb486c254625af982bc7ed9324a0cfc9e6dd82051bbbcb892de5a77bcad18fff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
b06e662483776a34da607bed7ea1ae0c

SHA1
c392109c52d2345f999f8b1f33c4e14bec10da2c

SHA256
eb01809de19d6b64ded91c6d82ff41cd9bdf0819a73201d3d447f76d3238861d

SHA512
66932051032b4aeb26aa1489cd9b2cbd1005cd215ec0627b21b5d8ab52ba0e9ea0c12ecdf9543e2724acf7fc2361f49d1adfd6024ddc2369f9e1f25787244156

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
1a1746775de10f0800f6b0032491c204

SHA1
09ae214c91de08f44a254cab0fade79d5f3ae1ed

SHA256
9233601daaa50f1d30bc1e90302edd43a334fde10392ad3839de8d4f7e4b6328

SHA512
fb7283ab739078950a311bab9aba7cf11bf79c77f8485c2b59727ccc0da36edde3a6736e633d260f084239686a714688097213894406d6617b091a019957f3ee

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
dc4d3012349ba8708fcc9abf20a00122

SHA1
61f50e4665334569ff6445f563f58cb793cc23df

SHA256
8722ccfd3931b4529a87925df355dd5682efdbc4737edce9e42a92db043ebee2

SHA512
fe918422d9ffe53c866f1c2c60c7165da654bcab4e40b201f82dd8868862b73ef75cb1688f525e43dba9be19a5bc3c8a9e78196db8c8d857c6e4067f04ae8d01

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
fe1a0feb4f8b4bba3c9c805065e08675

SHA1
6e2b6f6e41da9fe504a77dd3c8f38445e8643eb1

SHA256
3fbad94e73a708ff58ccc15e5773f7d1741206d94c9eabb940fa366c388f227c

SHA512
0b8d9f1cc3f95cd57fb45998b1cb34a5a5710563cae7224b0218e2a48546fd430f69fc13064fdf9417e39fe0be934377bec0434e71c201b3f1c95d32a6b142b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
219904d4088c56f01ebaa2aaaf1b76a6

SHA1
794f56b4574d18faf03686dd6d5f9c019c611d48

SHA256
7f34a0f132ebcd770f48ede081a638e0acbea22073a7237b10a10da35927dc73

SHA512
090efa5ca511c6b485cd0bd7583e868e86d082056b97fa05b6373abd7b2adbe68da492127845da6503db10d613809c94c7bbcf15fb615478d2558d3f21dc9c05

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
d7c550a45d24381e3556ab817c715871

SHA1
62c6d7e00d2cd5f5ee6a41d4b3afce53ab23c81e

SHA256
46b9dc3eda014442e45eef6d39021bccb08331fe0781d1947181dea4d18a441f

SHA512
e813e0a4ee76b2b2ea328d5de9409db258d377c7c7df4b9d122203bf49f79cd0f4085562a3958932a55ba4e8327443686ffdf8d2930c896a5d4f45dfe08a9984

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
37204060645fbf124b7c0c3007c80783

SHA1
5d96521c06d0f7c6f5caba887560027982405c52

SHA256
1aeaa03ac578e837d739966523b18fd88023844c2a55c175cd5caa674c2aef17

SHA512
710029a0a791707285b4c8816a99a30b5a898a8c1443355e9399072e95cb4e7ca0d9e95ffcc39fa234b1aadb8abebd3ca30a533a53ab26eb2896f4951f797297

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
b47c8211cf66ceb4ec047df5764d791d

SHA1
0c886a087d0131a020895c8ba3110dd17ffa9197

SHA256
d3407bb6de1e4ce5d29093187dc18d419f16da5c2f87ddd95d8d1fb94db72191

SHA512
28e42c98953fce2f8de54c13fc37259824ae7bb2af6eb03ad74585af50d6873a54572003a26c7a06c2c15505a336ed34e236ce9a125f5d99527103a422ee8944

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
2796c08156b2f856a300016e090d4036

SHA1
29963a67385b128a6d7ae01f86ed4b984b653905

SHA256
a38aae272221eb89e128bb4bb6e442b9ab12a0ea201e39fa1b4a9d5bb50c3cad

SHA512
7d4481c8f1ed686b4d8ec8c192ce65825bd8f719ee1542e4fb5cd86bda5ebc8573df652cdda72c6d06ab2d4381e24b64962f6a00afe806f1371242e0031a764a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
3fbd61fbdd457d55d0ca5515eaee666f

SHA1
85398bf46ed586921654d877f0a2fd8830dcb13b

SHA256
cd0f3388164389742df32b2dbb92c2ab9ecd1848d2dc7c6b1d7a2d8c5c30349b

SHA512
db37ed76d283ade66a8f57c1d187fbf53f73b2add3d2935708a9275b6501cc6df7e6c545d4e135632efb5da24c3887130649dff55aff46a2796f2598daf1551f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
4fd408d4c5978860dd678a6de962cbfb

SHA1
0ef2450b20be7bd56be86b1957a65ca0471e83a9

SHA256
7c3ca6db93046edfd59918562dd1393df9997fe5eed87a6ef4fd7f9902ecfadb

SHA512
561891e92da3e675d76de2731a01603f9e2706e74016457695cfff545cedd55e51d34c43c70880bf6e56f4a4813b29b4aa7379bbe2bfdddc1be395081c4f7822

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
0b93d8cc832535b0c863ae5088656b4b

SHA1
f20571c91c50752fc390df466027e2c83a687d2e

SHA256
f1a8dfd6210e453823b83a721662f382c864e4ac940ff1b5cd9ff3ecb7135c8d

SHA512
e0d81146130277cc038fbceb025332112bf6a9905e3cb7e8a6e5a0849f2c2a289df3ac7aabcac38f7b0d030214c2fb6b6c453a3ed1314520b0f1ad95c1136ead

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
232067e0fc5d3eaa0cdffa194ffc971b

SHA1
05321c75a7c098fab4ec61006deec9246060435c

SHA256
c5928f95dc10c4cece08d92003ed7d8bf900cf69478d9d504c557fd092e3d7e8

SHA512
78c765100193e5794317709b30d5915e409daf7f2507e654dc2eeb466f89b1885bce65c5f3306b36c08673ee2b0d10c0519512854763a1a9708283fbd3051402

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
09f8099ebe257b1760a1ce8def79cbfc

SHA1
6cc8075baa230c8f8ed7e27339daeeca1ddbeac5

SHA256
78ece00c73fc3ad8319b113f5d83b73112f042148b8bdf33224777a3f158418a

SHA512
53d86d7ac662beceed88db4185a99866882263391d20f933663dd3066c6d0e740f59efa5931ae820676368db7ee73e804dad9a45e4a0e6f3f156155e8c5345d8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
d09db30fd7d3c516bd8bf1aaf72da4bc

SHA1
1b6096235de498d0e80397aa21a87e5a91a4d310

SHA256
ed67999b18eb013e3ff367c16d93a1c26d53711cdc20dffc6147d43dbabfc6c7

SHA512
490dcb7dc64f40b85a13605c2bd30cedcf03a6b430dc8624cb3fee19805785885c5c4843f573ed45a529076886ead2e8c91f88e0ea2ff5487d325a8a1d0e34a7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
5db64a04cdfb893322e3ec2e75947483

SHA1
c251bb905fa6d318be6faab91778cf50a329d027

SHA256
db0bf292617fb30e5e1e35a62854c6465b288258f592a8ec258f080fe3cae4be

SHA512
19f60e8a35587b1526558e1697192b031a4292db6460fa8d76a585a200757319b635ff2bea73a3f19c8c73f66bac47e7f9cc1e6f0e7ace01759250e29f91bdb3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
e7be06092b9fc8a645b4394c6a2de136

SHA1
89bca372390998979c76b9bed10b0f05d65bde0f

SHA256
ab835ba9cfaed42e5c0178681ec538ecf0f65810b6a7fae442ea19083c467aa8

SHA512
3aeb3bef3246007ece84c881120f859e714f873aed34ea6b79d7b3a4ef20c2d20026197881aa31712639bd7128538187e178de131b8cf2ff5a373825f6d16f00

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
f5aa73c869a6571c037d245f373bc264

SHA1
b8a89eff2a1306fc0ddc54fe1d0de5a5b400c3bc

SHA256
3d1ead80385d8877815dca34fd871e2f5684b13645346522c82e9a97be6a0344

SHA512
32b6e6f61ebefe0e5b61569960ecd230c0c7dbf9868bfe3b9a2b2d544f7c6126a9e702242680ede3b77c7d5b00130b32c6313745f85de61f0c4d52cb4a167a00

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
511f3936c022842ffe45b7b1c1bd7daf

SHA1
dff45bb19b080c5d78a7d78eec32e6a1b2ce030c

SHA256
fed20c2ffde747ead2e151e77878656ae8714fecb012f46ad37d2254c0ffb25d

SHA512
eef7d1a9cbf3d135e221c6bdfd172ce1eb509f49651c208d1ce11bd7b6788ddc656d851dd98ef4ea96cfeceefdaa226335021fca19f04164f6130f89a3935449

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
66f19ff9554645cb1f0f3b07c8a72811

SHA1
e9de84178d74c4d6d7205107c7f9faf4b3093453

SHA256
9bf2c123d30992231f984ed3bfb91ac8f0a1a5b8cc2dc7f143f5680ed148aec1

SHA512
d38c9d552b92bd1d8c2594d4b43e4f5410a5fc5686c521a872234e31d4cb28c992ebc31e7b27c9b2b2ab28913a220a91acf859e21069c726cd719946a75092db

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
ab65816a381bf610b7ed9a99be2a8d95

SHA1
da57a8d02a1a6dbda3c915aeeec04e9294e105f0

SHA256
8129aa3951bfa1a044a2619cd45cdfcd7c95be5e0bf74c2b566b3db28105c5a5

SHA512
ac68663e2bedce4f8a23f8101ddb8be874d860f12e40670a373c6df3ab17be22a3e82a2b7915e9175e2e188ffd332a1a1cca1d9cc95266db1c4f64b49c031081

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
373bf5ed4b83f03b284b2103326cc41c

SHA1
00a01d6583ea5f52b4f54ad3898c2d5ebce4b32d

SHA256
d55440b11e30bd6e375cce7ab89a54dc974063965483d94547927b36e8b2c1bf

SHA512
7b1dd19618e40e245834d463b55d9601c163dac998dede99995a9cc290b0b85db9b7334940a50711623f5022e819e3097f71585cced25bb6b8a056048c818cfe

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
30a64635348dfa5d90e1d0bb786b510b

SHA1
2c2dfc1e52edc58a415577b125852554dfd23ce8

SHA256
3d0c92070a52e1c3b84eaed66bdb2b75f63155721c298a7e900fbf59c61cebd6

SHA512
ae36905620a5f28cad4cf2e8b04462e5f817269e2fe0039c51b7eab3fd95bf0990df36716ccc9e0baa34ee98e099d5c56d3be44d65093980d7523440bf2d1e1f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
9f5791e28dfd6d5988d3cb08a2a9220c

SHA1
60fda5b15c21472ac6310edc7e617569709f7b93

SHA256
9d2264bb4bf46b96a03c6fff6b5d0686d682b7863fe7974398bc85eae4522c8b

SHA512
b64f5f187567f48d38386a6ea601b52df3342fcaf6a44635020f80864aab1be8e5fb87e6b14b44e85ddcea088c2b69d7a1c6c2a094e81d27c175b445d6ec35a4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
4735f659da49a8905f8a09ae60e9437e

SHA1
c582cda5fb7b51add6a0a19c99b8b44e2bf45d5d

SHA256
7218ddecbfef8edc110b6174a228e18879b68c35eb3481182f37c887b8392b93

SHA512
873267ab7854d32cb9d764e7e4e05e38ebd5690a602523419765d6ef8e7be9854fe3ffd84ee74f789b6973f7ff23a3de098b5e7edfb107dbd0fbed0d6617f9a1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
6d848fca9d3d8e0fa7dadab5b56fee61

SHA1
1a293cafb11f489fa079258284b7bd6213bb5b24

SHA256
0caa37f8277256e1b8122756b213ce00bbe29c32a8a20b8276036a962acd6579

SHA512
96154728e7eb2d2b72c2ce200815226ec5b47a47cb8b69b213934c352b141414edf584a609ce1b4a9c0bacb5b0a7e137993bce84755dd86979d07dad7eecce08

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
78c398ba8b8d82a521888019b49bc7a3

SHA1
234f215b6a59f272e0c5cda100d15136e20cf493

SHA256
bc966244bdf4379115ba82b2ceee759909e4fb139d22f811ab69d1f1fe73f2cb

SHA512
0cf877458c8b7451248b9aa70455263e3c484e0aab23321729f374a93cea6bf92ab47bb0d5aa154c907664ec5ad2a280489e7b6ae6028982782e5e3fdbff7ccd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
961a2bdc6f644dec5d72c6b145fae538

SHA1
cbe30dcbb0b84dc13a7e95b6a100311f0c9ab1dd

SHA256
f5099149aa148beb7f0ad7871ac03edc8e25f647be0444ecab6359649002b87f

SHA512
a97dd723c8ff358ed9b85368edc2a9f30ebbb25bccdef78863f3445057ec2a151f46a35a12b2e2cc30137758a5722909e5fc73ce85c86284714a6275da7ae2a9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
a778d5a1db23064f0139f8b5b07130ff

SHA1
07a436312767edd41a037cab11b890a7aff910e0

SHA256
844e95ca804850406439e9e3eaebb0a4eae723c3346baae1d749af4f4ae3c3b5

SHA512
c1fe8d8c57f8e17252f4cc8f3465b63e0a1359238f589601f48b00a61c3ce0039e2b5116c24f478ef5322d8bbf571deb8fb4192fa348f9b392e900664fc78cb8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
95b77916e6ec00b74ddd462ca0b44967

SHA1
8b14cc474dab6d0ac9d6aeed6208ef0c51d4eaba

SHA256
fbad812aeb92c9ba1a846a692af670ff360e21c24b11967c8e2951d5a9e74bff

SHA512
100956a4a687a306e8f9925c260b5a37b55c9489619927785c84374dc633a28a7aab97182e0e2c7d470f5a012b5470f274ffa0b12421675a8267cc9cc7419317

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
65c6c11c61a4cdda6e4a0ab2cc704f83

SHA1
947b27856439d9cf5361c67555168d1eb539340e

SHA256
9c49285639b996c1f6d1ed36cba3fd0643015860ced126e1f0048800ddb00764

SHA512
810be208db8a13570edc349d98a4c37449ab1adc57d0a061485371f74d24d007119d73f38d517025781f4fa7be824cf1ef4f721ab5ea8836cad29351d368e824

Download Submit
C:\Users\Admin\Downloads\Release-x86.zip.crdownload

Filesize
19.7MB

MD5
db1a46d6a06fdbb2a8b2e2a857c3816a

SHA1
c4817795ba83e1e4ce5d62355b2417177de0e489

SHA256
1e43362597cdf2d0f61ab555a4069b7c788ab135d45bf76898adc87f158a4715

SHA512
ecdb95d05cb5e34494abaa347fe7ac24b6747b736ab1d9f5a27f3044014866decc89e4391d0e76fd27c29b9ff1669243ced366a74d293642b8bf2d0b1e301572

Download Submit
memory/5052-334-0x00000000021E0000-0x000000000222D000-memory.dmp

Filesize
308KB

Download
memory/5052-333-0x00000000021A0000-0x00000000021CE000-memory.dmp

Filesize
184KB

Download
memory/5052-335-0x0000000000400000-0x0000000000457000-memory.dmp

Filesize
348KB

Download
memory/5052-332-0x0000000000400000-0x000000000045A000-memory.dmp

Filesize
360KB

Download
memory/5052-329-0x00000000021A0000-0x00000000021CE000-memory.dmp

Filesize
184KB

Download
memory/5052-331-0x0000000000400000-0x0000000000457000-memory.dmp

Filesize
348KB

Download
memory/5052-330-0x00000000021E0000-0x000000000222D000-memory.dmp

Filesize
308KB

Download