lumma | 0518c095cc948ab003cd4d12a1f95f0579c52c17f9102976b5799cd0bd85e6a2

Analysis

max time kernel
42s
max time network
154s
platform
windows7_x64
resource
win7-20241010-en
resource tags

arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
submitted
15/01/2025, 01:52

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Fluxus V7.exe
Size

489KB
MD5

d685ae29670dbc00b6665b5511bda6cb
SHA1

2f49b83a6d7a5f9e5151c6f7f1b3fa9e6f4b25a9
SHA256

0518c095cc948ab003cd4d12a1f95f0579c52c17f9102976b5799cd0bd85e6a2
SHA512

d7705fcd8751a49cc17962ac9b6e228f55ef74aab066cabdd5de74518686feaea951487a042683ea3e055ce04e0b971b528572aac920f325fcf64d34167450de
SSDEEP

12288:uiNSSLq47oIkbTUINbTDw7j/puQ/FU5A8e2CI582g/c10/nGZj:uicGq47oDwgbTDGjxJ/2i8MI

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

https://cloudewahsj.shop/api

https://rabidcowse.shop/api

https://noisycuttej.shop/api

https://tirepublicerj.shop/api

https://framekgirus.shop/api

https://wholersorie.shop/api

https://abruptyopsn.shop/api

https://nearycrepso.shop/api

Signatures

Lumma Stealer, LummaC
Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
stealer lumma
Lumma family
lumma

Loads dropped DLL 1 IoCs

pid	Process
2344	Fluxus V7.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Fluxus V7.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
2068	chrome.exe
2068	chrome.exe

Suspicious use of AdjustPrivilegeToken 62 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe

Suspicious use of FindShellTrayWindow 34 IoCs

pid	Process
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe

Suspicious use of SendNotifyMessage 32 IoCs

pid	Process
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2068 wrote to memory of 2496	2068	chrome.exe	31
PID 2068 wrote to memory of 2496	2068	chrome.exe	31
PID 2068 wrote to memory of 2496	2068	chrome.exe	31
PID 2068 wrote to memory of 2848	2068	chrome.exe	33
PID 2068 wrote to memory of 2848	2068	chrome.exe	33
PID 2068 wrote to memory of 2848	2068	chrome.exe	33
PID 2068 wrote to memory of 2848	2068	chrome.exe	33
PID 2068 wrote to memory of 2848	2068	chrome.exe	33
PID 2068 wrote to memory of 2848	2068	chrome.exe	33
PID 2068 wrote to memory of 2848	2068	chrome.exe	33
PID 2068 wrote to memory of 2848	2068	chrome.exe	33
PID 2068 wrote to memory of 2848	2068	chrome.exe	33
PID 2068 wrote to memory of 2848	2068	chrome.exe	33
PID 2068 wrote to memory of 2848	2068	chrome.exe	33
PID 2068 wrote to memory of 2848	2068	chrome.exe	33
PID 2068 wrote to memory of 2848	2068	chrome.exe	33
PID 2068 wrote to memory of 2848	2068	chrome.exe	33
PID 2068 wrote to memory of 2848	2068	chrome.exe	33
PID 2068 wrote to memory of 2848	2068	chrome.exe	33
PID 2068 wrote to memory of 2848	2068	chrome.exe	33
PID 2068 wrote to memory of 2848	2068	chrome.exe	33
PID 2068 wrote to memory of 2848	2068	chrome.exe	33
PID 2068 wrote to memory of 2848	2068	chrome.exe	33
PID 2068 wrote to memory of 2848	2068	chrome.exe	33
PID 2068 wrote to memory of 2848	2068	chrome.exe	33
PID 2068 wrote to memory of 2848	2068	chrome.exe	33
PID 2068 wrote to memory of 2848	2068	chrome.exe	33
PID 2068 wrote to memory of 2848	2068	chrome.exe	33
PID 2068 wrote to memory of 2848	2068	chrome.exe	33
PID 2068 wrote to memory of 2848	2068	chrome.exe	33
PID 2068 wrote to memory of 2848	2068	chrome.exe	33
PID 2068 wrote to memory of 2848	2068	chrome.exe	33
PID 2068 wrote to memory of 2848	2068	chrome.exe	33
PID 2068 wrote to memory of 2848	2068	chrome.exe	33
PID 2068 wrote to memory of 2848	2068	chrome.exe	33
PID 2068 wrote to memory of 2848	2068	chrome.exe	33
PID 2068 wrote to memory of 2848	2068	chrome.exe	33
PID 2068 wrote to memory of 2848	2068	chrome.exe	33
PID 2068 wrote to memory of 2848	2068	chrome.exe	33
PID 2068 wrote to memory of 2848	2068	chrome.exe	33
PID 2068 wrote to memory of 2848	2068	chrome.exe	33
PID 2068 wrote to memory of 2848	2068	chrome.exe	33
PID 2068 wrote to memory of 2284	2068	chrome.exe	34
PID 2068 wrote to memory of 2284	2068	chrome.exe	34
PID 2068 wrote to memory of 2284	2068	chrome.exe	34
PID 2068 wrote to memory of 2692	2068	chrome.exe	35
PID 2068 wrote to memory of 2692	2068	chrome.exe	35
PID 2068 wrote to memory of 2692	2068	chrome.exe	35
PID 2068 wrote to memory of 2692	2068	chrome.exe	35
PID 2068 wrote to memory of 2692	2068	chrome.exe	35
PID 2068 wrote to memory of 2692	2068	chrome.exe	35
PID 2068 wrote to memory of 2692	2068	chrome.exe	35
PID 2068 wrote to memory of 2692	2068	chrome.exe	35
PID 2068 wrote to memory of 2692	2068	chrome.exe	35
PID 2068 wrote to memory of 2692	2068	chrome.exe	35
PID 2068 wrote to memory of 2692	2068	chrome.exe	35
PID 2068 wrote to memory of 2692	2068	chrome.exe	35
PID 2068 wrote to memory of 2692	2068	chrome.exe	35
PID 2068 wrote to memory of 2692	2068	chrome.exe	35
PID 2068 wrote to memory of 2692	2068	chrome.exe	35
PID 2068 wrote to memory of 2692	2068	chrome.exe	35
PID 2068 wrote to memory of 2692	2068	chrome.exe	35
PID 2068 wrote to memory of 2692	2068	chrome.exe	35
PID 2068 wrote to memory of 2692	2068	chrome.exe	35

C:\Users\Admin\AppData\Local\Temp\Fluxus V7.exe
"C:\Users\Admin\AppData\Local\Temp\Fluxus V7.exe"
1⤵
- Loads dropped DLL
- System Location Discovery: System Language Discovery
PID:2344

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef7c69758,0x7fef7c69768,0x7fef7c69778
  2⤵
  PID:2496
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1148 --field-trial-handle=1384,i,13276358578873693942,13894727518066370902,131072 /prefetch:2
  2⤵
  PID:2848
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1520 --field-trial-handle=1384,i,13276358578873693942,13894727518066370902,131072 /prefetch:8
  2⤵
  PID:2284
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1624 --field-trial-handle=1384,i,13276358578873693942,13894727518066370902,131072 /prefetch:8
  2⤵
  PID:2692
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2320 --field-trial-handle=1384,i,13276358578873693942,13894727518066370902,131072 /prefetch:1
  2⤵
  PID:1692
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2328 --field-trial-handle=1384,i,13276358578873693942,13894727518066370902,131072 /prefetch:1
  2⤵
  PID:1884
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1416 --field-trial-handle=1384,i,13276358578873693942,13894727518066370902,131072 /prefetch:2
  2⤵
  PID:1900
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3300 --field-trial-handle=1384,i,13276358578873693942,13894727518066370902,131072 /prefetch:1
  2⤵
  PID:2556
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3784 --field-trial-handle=1384,i,13276358578873693942,13894727518066370902,131072 /prefetch:8
  2⤵
  PID:1704
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=3704 --field-trial-handle=1384,i,13276358578873693942,13894727518066370902,131072 /prefetch:1
  2⤵
  PID:1668
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=1960 --field-trial-handle=1384,i,13276358578873693942,13894727518066370902,131072 /prefetch:1
  2⤵
  PID:2996
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=1224 --field-trial-handle=1384,i,13276358578873693942,13894727518066370902,131072 /prefetch:1
  2⤵
  PID:2644
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=1832 --field-trial-handle=1384,i,13276358578873693942,13894727518066370902,131072 /prefetch:1
  2⤵
  PID:3004
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=3412 --field-trial-handle=1384,i,13276358578873693942,13894727518066370902,131072 /prefetch:1
  2⤵
  PID:2484
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3736 --field-trial-handle=1384,i,13276358578873693942,13894727518066370902,131072 /prefetch:8
  2⤵
  PID:2864
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=3680 --field-trial-handle=1384,i,13276358578873693942,13894727518066370902,131072 /prefetch:1
  2⤵
  PID:1680

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:1512

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005

Filesize
215KB

MD5
d474ec7f8d58a66420b6daa0893a4874

SHA1
4314642571493ba983748556d0e76ec6704da211

SHA256
553a19b6f44f125d9594c02231e4217e9d74d92b7065dc996d92f1e53f6bcb69

SHA512
344062d1be40db095abb7392b047b16f33ea3043158690cf66a2fa554aa2db79c4aa68de1308f1eddf6b9140b9ac5de70aad960b4e8e8b91f105213c4aace348

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
828c98445855ec18c173f4051499b5b0

SHA1
83af86e01dee28941763f28dc94c1304fc1d8000

SHA256
c150e080937ff30b099b7bb3b2e5e883d11028cf02881616fe718f82a463eca2

SHA512
82e550b4777e2efe9f2731ff57b7a3a777dffaa77f1a72c8a5e2ee224147204d34beba57b153949b2389cd6c0f69feea466a4c42370c322086c8cbc78abcb6b0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
a0306a4f92ee638fcb3a6db3c3ac760f

SHA1
b8155d949e9b810d7adb385aabfbb23a57d4d301

SHA256
ee5c250af6ab0d04ccd813913780a215e5bbf9aa8e19c6b01eaf297fc9018844

SHA512
2bc58b436f14e4548ff8918a9440fd49dc5f2ae56db0b21fa44f7ab561d29557a066a8eaeb9617bd672e6521efd3d04fe98728a7f51406cfea8442186c34ed2e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
363B

MD5
e47fbd3c98b238bd85b92c5806c4189b

SHA1
a674e7ecf602ceb017ab17859b3b4cdd043a07d4

SHA256
b7a2f29b6c191ab8d55f9f0e0424c748915222f87593aced4ee1e30bb615ee1a

SHA512
6be40550156764b885d876bdbe9739ee139e3496038ce1bfa33327b5a560b8e97a209bd1e52f5c24039fa22fb40d6973ccec14fca335112afd639f19eff19df9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
361B

MD5
fcee47be1ea290b50c6805b4054d19f2

SHA1
5cfca97c800e9d215c064787e840c47cc7bce899

SHA256
d3e7a398d7e816a88f688a3e2fe889f7301a686ec5b13cd22a55090db2e53b56

SHA512
d8e80895c8e8bbcca06f08feafd2bc3743cd7bcf5e7199cc6705ec319fe04014349ad9107eacde13764e57e96eb0e5c5d3cd5e512314db60af4e909c7b0992b4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
363B

MD5
907a0837a45b67b9d63861e0a9b6a20c

SHA1
70fd6de31996313704a71c6dff18f8b94e4921d8

SHA256
5f3f28c920c8bf894bc4b499fac7616db91a20edf61173417b774c8a139c8023

SHA512
ca70d0d0491ff78a5d635b5d629589117b507135eafc02ebaf019b99cfb2557dfc0a82e98f1ccecb96847561659a0aa9bdb2475b268089d67c51e7c968373e38

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
737d928fb7e049c87948939fa8814e3c

SHA1
0706ac3b8aff235f480450c3089290656d37fa71

SHA256
d205bb06705540dee9d27320298ba78743428f8e92779a26658ed1d9df596e86

SHA512
a4765afaa5a7bc8a922827b0fe05e2afac243bab3e6a8090c3ab6a533382f236c04a0e00293de01a96cae3d7534eb97d8c4e41906c99dd09603c657e61ec99fc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
2e9bcf9886db3f9332b9c8486b181dca

SHA1
101b445169df9f607baef44e60fbd4a0e7e4cee8

SHA256
367c78c7df7712bb8ac806219af7b25c1fa01e669ad38f303cf50157997cd394

SHA512
5336a15d1cb204927964d135cbedc9f1c74d77376c1ba2c246c0fa2d8bfe20aaf55c06f47d979671b38a763e0b438f1dcb965f7a57835896052295f507333b3c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
a257d4ae17289b0ba81d116501ccc6f2

SHA1
07f9e994a81be688181158c1cbdc8b5dd5018e30

SHA256
6b033a486906b8126123a6deb8043345661a33cee00bd4643ed620c49096182c

SHA512
7086246c1ca03c274ac44faaa40b243c067810ca5cad431969c3b043a45d565587fd3c82ce7b07e2973b5888af67eff4075a2bea21327a66f687b2677f77b241

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
4KB

MD5
df6dc4a91204098be77d9016e0a25b03

SHA1
ac0f29e2e310d98d535b658c90af02355c4fc454

SHA256
35e0f569614371ead2088f4d0207c5b125da543fc560584ba3f3d1ed9530a25d

SHA512
6a38f614572779bbef535696af04fdcc1b3fa360df7e050c581bf1fff03a4e5ec14989812d02c43739ec870000c91e4bd061276febda97f5a729fe14152ecede

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000007.dbtmp

Filesize
16B

MD5
18e723571b00fb1694a3bad6c78e4054

SHA1
afcc0ef32d46fe59e0483f9a3c891d3034d12f32

SHA256
8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa

SHA512
43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
\Users\Admin\AppData\Roaming\gdi32.dll

Filesize
428KB

MD5
36c0b5018242a87d99e2b5000dfc29ad

SHA1
d46f1ba661e3d18c8b1e7895920368e9bddbc7ae

SHA256
94cc3d303105493943c6cce20473c82eff3942515bfd73df976e802d97be78b4

SHA512
8f10af3f519e2c52539fb79ec16cd82470f25c0863b622030ed4bd59f437c9109caf46d151c18889c4939a44672339d75029c8f757cf7118e759b90355317f0a

Download Submit
memory/2344-1-0x0000000000D80000-0x0000000000E00000-memory.dmp

Filesize
512KB

Download
memory/2344-0-0x00000000749FE000-0x00000000749FF000-memory.dmp

Filesize
4KB

Download
memory/2344-7-0x00000000749F0000-0x00000000750DE000-memory.dmp

Filesize
6.9MB

Download
memory/2344-6-0x00000000758A0000-0x0000000075961000-memory.dmp

Filesize
772KB

Download