lumma | 1468e5cef7f654f6dcccd6678fad87cedf38328e4dea600093f3709e0fb3a4c8

Analysis

max time kernel
688s
max time network
502s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
16-01-2025 21:40

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

C2Panel-main/C2Panel.exe
Size

393KB
MD5

3c4161be295e9e9d019ce68dae82d60a
SHA1

36447fc6418e209dff1bb8a5e576f4d46e3b3296
SHA256

0f6481dabf7871823f259eb95f3b85c37d1de8a7d1884ac77a97d887cf96f75d
SHA512

cfa2d491a5d28beb8eb908d5af61254ac4c4c88e74c53d5d00ae15ef0731df1654304199996545d1074814c0ea8a032957b28d70774f05347616428e667f70e6
SSDEEP

12288:ndoOphZgRZGJZzu/aeZjl5FeBTCVpgTfR:ndl/QZGTuHhjFe1C3gt

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

https://sordid-snaked.cyou/api

https://awake-weaves.cyou/api

https://wrathful-jammy.cyou/api

https://debonairnukk.xyz/api

https://diffuculttan.xyz/api

https://effecterectz.xyz/api

https://deafeninggeh.biz/api

https://immureprech.biz/api

Signatures

Lumma Stealer, LummaC
Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
stealer lumma
Lumma family
lumma

Executes dropped EXE 21 IoCs

pid	Process
3656	C2Panel.exe
8	C2Panel.exe
3616	C2Panel.exe
3064	C2Panel.exe
2964	C2Panel.exe
2344	C2Panel.exe
1132	C2Panel.exe
5968	C2Panel.exe
6024	C2Panel.exe
6108	C2Panel.exe
5192	C2Panel.exe
2540	C2Panel.exe
1640	C2Panel.exe
5560	C2Panel.exe
3060	C2Panel.exe
2864	C2Panel.exe
3880	C2Panel.exe
704	C2Panel.exe
4696	C2Panel.exe
5812	C2Panel.exe
4236	C2Panel.exe

Suspicious use of SetThreadContext 11 IoCs

description	pid	Process	procid_target
PID 2216 set thread context of 2572	2216	C2Panel.exe	84
PID 3656 set thread context of 3616	3656	C2Panel.exe	138
PID 3064 set thread context of 2964	3064	C2Panel.exe	142
PID 2344 set thread context of 1132	2344	C2Panel.exe	146
PID 5968 set thread context of 6024	5968	C2Panel.exe	176
PID 6108 set thread context of 5192	6108	C2Panel.exe	180
PID 2540 set thread context of 1640	2540	C2Panel.exe	184
PID 5560 set thread context of 3060	5560	C2Panel.exe	190
PID 2864 set thread context of 3880	2864	C2Panel.exe	194
PID 704 set thread context of 4696	704	C2Panel.exe	198
PID 5812 set thread context of 4236	5812	C2Panel.exe	202

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

System Location Discovery: System Language Discovery 1 TTPs 13 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	C2Panel.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	C2Panel.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	C2Panel.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	C2Panel.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	C2Panel.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	C2Panel.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	C2Panel.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	C2Panel.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	C2Panel.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	C2Panel.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	C2Panel.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	C2Panel.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	C2Panel.exe

Checks SCSI registry key(s) 3 TTPs 3 IoCs

SCSI information is often read in order to detect sandboxing environments.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000	taskmgr.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A	taskmgr.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\FriendlyName	taskmgr.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133815373041365832"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\Local Settings	chrome.exe

Suspicious behavior: EnumeratesProcesses 58 IoCs

pid	Process
2808	chrome.exe
2808	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
4388	msedge.exe
4388	msedge.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
5184	taskmgr.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
2808	chrome.exe
2808	chrome.exe
2808	chrome.exe
2808	chrome.exe
2808	chrome.exe
2808	chrome.exe
2808	chrome.exe
2808	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2808	chrome.exe
Token: SeCreatePagefilePrivilege	2808	chrome.exe
Token: SeShutdownPrivilege	2808	chrome.exe
Token: SeCreatePagefilePrivilege	2808	chrome.exe
Token: SeShutdownPrivilege	2808	chrome.exe
Token: SeCreatePagefilePrivilege	2808	chrome.exe
Token: SeShutdownPrivilege	2808	chrome.exe
Token: SeCreatePagefilePrivilege	2808	chrome.exe
Token: SeShutdownPrivilege	2808	chrome.exe
Token: SeCreatePagefilePrivilege	2808	chrome.exe
Token: SeShutdownPrivilege	2808	chrome.exe
Token: SeCreatePagefilePrivilege	2808	chrome.exe
Token: SeShutdownPrivilege	2808	chrome.exe
Token: SeCreatePagefilePrivilege	2808	chrome.exe
Token: SeShutdownPrivilege	2808	chrome.exe
Token: SeCreatePagefilePrivilege	2808	chrome.exe
Token: SeShutdownPrivilege	2808	chrome.exe
Token: SeCreatePagefilePrivilege	2808	chrome.exe
Token: SeShutdownPrivilege	2808	chrome.exe
Token: SeCreatePagefilePrivilege	2808	chrome.exe
Token: SeShutdownPrivilege	2808	chrome.exe
Token: SeCreatePagefilePrivilege	2808	chrome.exe
Token: SeShutdownPrivilege	2808	chrome.exe
Token: SeCreatePagefilePrivilege	2808	chrome.exe
Token: SeShutdownPrivilege	2808	chrome.exe
Token: SeCreatePagefilePrivilege	2808	chrome.exe
Token: SeShutdownPrivilege	2808	chrome.exe
Token: SeCreatePagefilePrivilege	2808	chrome.exe
Token: SeShutdownPrivilege	2808	chrome.exe
Token: SeCreatePagefilePrivilege	2808	chrome.exe
Token: SeShutdownPrivilege	2808	chrome.exe
Token: SeCreatePagefilePrivilege	2808	chrome.exe
Token: SeShutdownPrivilege	2808	chrome.exe
Token: SeCreatePagefilePrivilege	2808	chrome.exe
Token: SeShutdownPrivilege	2808	chrome.exe
Token: SeCreatePagefilePrivilege	2808	chrome.exe
Token: SeShutdownPrivilege	2808	chrome.exe
Token: SeCreatePagefilePrivilege	2808	chrome.exe
Token: SeShutdownPrivilege	2808	chrome.exe
Token: SeCreatePagefilePrivilege	2808	chrome.exe
Token: SeShutdownPrivilege	2808	chrome.exe
Token: SeCreatePagefilePrivilege	2808	chrome.exe
Token: SeShutdownPrivilege	2808	chrome.exe
Token: SeCreatePagefilePrivilege	2808	chrome.exe
Token: SeShutdownPrivilege	2808	chrome.exe
Token: SeCreatePagefilePrivilege	2808	chrome.exe
Token: SeShutdownPrivilege	2808	chrome.exe
Token: SeCreatePagefilePrivilege	2808	chrome.exe
Token: SeShutdownPrivilege	2808	chrome.exe
Token: SeCreatePagefilePrivilege	2808	chrome.exe
Token: SeShutdownPrivilege	2808	chrome.exe
Token: SeCreatePagefilePrivilege	2808	chrome.exe
Token: SeShutdownPrivilege	2808	chrome.exe
Token: SeCreatePagefilePrivilege	2808	chrome.exe
Token: SeShutdownPrivilege	2808	chrome.exe
Token: SeCreatePagefilePrivilege	2808	chrome.exe
Token: SeShutdownPrivilege	2808	chrome.exe
Token: SeCreatePagefilePrivilege	2808	chrome.exe
Token: SeShutdownPrivilege	2808	chrome.exe
Token: SeCreatePagefilePrivilege	2808	chrome.exe
Token: SeShutdownPrivilege	2808	chrome.exe
Token: SeCreatePagefilePrivilege	2808	chrome.exe
Token: SeShutdownPrivilege	2808	chrome.exe
Token: SeCreatePagefilePrivilege	2808	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
2808	chrome.exe
2808	chrome.exe
2808	chrome.exe
2808	chrome.exe
2808	chrome.exe
2808	chrome.exe
2808	chrome.exe
2808	chrome.exe
2808	chrome.exe
2808	chrome.exe
2808	chrome.exe
2808	chrome.exe
2808	chrome.exe
2808	chrome.exe
2808	chrome.exe
2808	chrome.exe
2808	chrome.exe
2808	chrome.exe
2808	chrome.exe
2808	chrome.exe
2808	chrome.exe
2808	chrome.exe
2808	chrome.exe
2808	chrome.exe
2808	chrome.exe
2808	chrome.exe
2808	chrome.exe
2808	chrome.exe
2808	chrome.exe
2808	chrome.exe
2808	chrome.exe
2808	chrome.exe
2808	chrome.exe
2808	chrome.exe
2808	chrome.exe
2808	chrome.exe
2808	chrome.exe
4508	7zG.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe

Suspicious use of SendNotifyMessage 64 IoCs

pid	Process
2808	chrome.exe
2808	chrome.exe
2808	chrome.exe
2808	chrome.exe
2808	chrome.exe
2808	chrome.exe
2808	chrome.exe
2808	chrome.exe
2808	chrome.exe
2808	chrome.exe
2808	chrome.exe
2808	chrome.exe
2808	chrome.exe
2808	chrome.exe
2808	chrome.exe
2808	chrome.exe
2808	chrome.exe
2808	chrome.exe
2808	chrome.exe
2808	chrome.exe
2808	chrome.exe
2808	chrome.exe
2808	chrome.exe
2808	chrome.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe
5184	taskmgr.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2216 wrote to memory of 2572	2216	C2Panel.exe	84
PID 2216 wrote to memory of 2572	2216	C2Panel.exe	84
PID 2216 wrote to memory of 2572	2216	C2Panel.exe	84
PID 2216 wrote to memory of 2572	2216	C2Panel.exe	84
PID 2216 wrote to memory of 2572	2216	C2Panel.exe	84
PID 2216 wrote to memory of 2572	2216	C2Panel.exe	84
PID 2216 wrote to memory of 2572	2216	C2Panel.exe	84
PID 2216 wrote to memory of 2572	2216	C2Panel.exe	84
PID 2216 wrote to memory of 2572	2216	C2Panel.exe	84
PID 2216 wrote to memory of 2572	2216	C2Panel.exe	84
PID 2808 wrote to memory of 3324	2808	chrome.exe	107
PID 2808 wrote to memory of 3324	2808	chrome.exe	107
PID 2808 wrote to memory of 5048	2808	chrome.exe	108
PID 2808 wrote to memory of 5048	2808	chrome.exe	108
PID 2808 wrote to memory of 5048	2808	chrome.exe	108
PID 2808 wrote to memory of 5048	2808	chrome.exe	108
PID 2808 wrote to memory of 5048	2808	chrome.exe	108
PID 2808 wrote to memory of 5048	2808	chrome.exe	108
PID 2808 wrote to memory of 5048	2808	chrome.exe	108
PID 2808 wrote to memory of 5048	2808	chrome.exe	108
PID 2808 wrote to memory of 5048	2808	chrome.exe	108
PID 2808 wrote to memory of 5048	2808	chrome.exe	108
PID 2808 wrote to memory of 5048	2808	chrome.exe	108
PID 2808 wrote to memory of 5048	2808	chrome.exe	108
PID 2808 wrote to memory of 5048	2808	chrome.exe	108
PID 2808 wrote to memory of 5048	2808	chrome.exe	108
PID 2808 wrote to memory of 5048	2808	chrome.exe	108
PID 2808 wrote to memory of 5048	2808	chrome.exe	108
PID 2808 wrote to memory of 5048	2808	chrome.exe	108
PID 2808 wrote to memory of 5048	2808	chrome.exe	108
PID 2808 wrote to memory of 5048	2808	chrome.exe	108
PID 2808 wrote to memory of 5048	2808	chrome.exe	108
PID 2808 wrote to memory of 5048	2808	chrome.exe	108
PID 2808 wrote to memory of 5048	2808	chrome.exe	108
PID 2808 wrote to memory of 5048	2808	chrome.exe	108
PID 2808 wrote to memory of 5048	2808	chrome.exe	108
PID 2808 wrote to memory of 5048	2808	chrome.exe	108
PID 2808 wrote to memory of 5048	2808	chrome.exe	108
PID 2808 wrote to memory of 5048	2808	chrome.exe	108
PID 2808 wrote to memory of 5048	2808	chrome.exe	108
PID 2808 wrote to memory of 5048	2808	chrome.exe	108
PID 2808 wrote to memory of 5048	2808	chrome.exe	108
PID 2808 wrote to memory of 808	2808	chrome.exe	109
PID 2808 wrote to memory of 808	2808	chrome.exe	109
PID 2808 wrote to memory of 3496	2808	chrome.exe	110
PID 2808 wrote to memory of 3496	2808	chrome.exe	110
PID 2808 wrote to memory of 3496	2808	chrome.exe	110
PID 2808 wrote to memory of 3496	2808	chrome.exe	110
PID 2808 wrote to memory of 3496	2808	chrome.exe	110
PID 2808 wrote to memory of 3496	2808	chrome.exe	110
PID 2808 wrote to memory of 3496	2808	chrome.exe	110
PID 2808 wrote to memory of 3496	2808	chrome.exe	110
PID 2808 wrote to memory of 3496	2808	chrome.exe	110
PID 2808 wrote to memory of 3496	2808	chrome.exe	110
PID 2808 wrote to memory of 3496	2808	chrome.exe	110
PID 2808 wrote to memory of 3496	2808	chrome.exe	110
PID 2808 wrote to memory of 3496	2808	chrome.exe	110
PID 2808 wrote to memory of 3496	2808	chrome.exe	110
PID 2808 wrote to memory of 3496	2808	chrome.exe	110
PID 2808 wrote to memory of 3496	2808	chrome.exe	110
PID 2808 wrote to memory of 3496	2808	chrome.exe	110
PID 2808 wrote to memory of 3496	2808	chrome.exe	110
PID 2808 wrote to memory of 3496	2808	chrome.exe	110
PID 2808 wrote to memory of 3496	2808	chrome.exe	110

C:\Users\Admin\AppData\Local\Temp\C2Panel-main\C2Panel.exe
"C:\Users\Admin\AppData\Local\Temp\C2Panel-main\C2Panel.exe"
1⤵
- Suspicious use of SetThreadContext
- System Location Discovery: System Language Discovery
- Suspicious use of WriteProcessMemory
PID:2216
- C:\Users\Admin\AppData\Local\Temp\C2Panel-main\C2Panel.exe
  "C:\Users\Admin\AppData\Local\Temp\C2Panel-main\C2Panel.exe"
  2⤵
  - System Location Discovery: System Language Discovery
  PID:2572

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:2436

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2808
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x11c,0x120,0x124,0x118,0x128,0x7ffe2eaecc40,0x7ffe2eaecc4c,0x7ffe2eaecc58
  2⤵
  PID:3324
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1740,i,12848973710965292076,16877479553821464585,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1788 /prefetch:2
  2⤵
  PID:5048
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2212,i,12848973710965292076,16877479553821464585,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2216 /prefetch:3
  2⤵
  PID:808
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2288,i,12848973710965292076,16877479553821464585,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2436 /prefetch:8
  2⤵
  PID:3496
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3140,i,12848973710965292076,16877479553821464585,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3160 /prefetch:1
  2⤵
  PID:5088
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3284,i,12848973710965292076,16877479553821464585,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3304 /prefetch:1
  2⤵
  PID:3640
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3696,i,12848973710965292076,16877479553821464585,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4552 /prefetch:1
  2⤵
  PID:2116
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4832,i,12848973710965292076,16877479553821464585,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4840 /prefetch:8
  2⤵
  PID:4140
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4956,i,12848973710965292076,16877479553821464585,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4964 /prefetch:8
  2⤵
  PID:3512
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4868,i,12848973710965292076,16877479553821464585,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4980 /prefetch:8
  2⤵
  PID:1492
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5212,i,12848973710965292076,16877479553821464585,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5220 /prefetch:8
  2⤵
  PID:3488
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5076,i,12848973710965292076,16877479553821464585,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4984 /prefetch:8
  2⤵
  PID:3256
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5000,i,12848973710965292076,16877479553821464585,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5200 /prefetch:8
  2⤵
  PID:3700
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=5504,i,12848973710965292076,16877479553821464585,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5488 /prefetch:2
  2⤵
  PID:1080
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=4376,i,12848973710965292076,16877479553821464585,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5228 /prefetch:1
  2⤵
  PID:4520
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=5208,i,12848973710965292076,16877479553821464585,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5200 /prefetch:1
  2⤵
  PID:2340
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=5516,i,12848973710965292076,16877479553821464585,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5236 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:916
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=3344,i,12848973710965292076,16877479553821464585,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1248 /prefetch:1
  2⤵
  PID:2844
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=4484,i,12848973710965292076,16877479553821464585,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4776 /prefetch:1
  2⤵
  PID:5092
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5072,i,12848973710965292076,16877479553821464585,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5536 /prefetch:8
  2⤵
  PID:4524

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:3820

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:3224

C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Documents\C2Panel-main\" -spe -an -ai#7zMap12890:86:7zEvent19452
1⤵
- Suspicious use of FindShellTrayWindow
PID:4508

C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe
"C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe"
1⤵
- Executes dropped EXE
- Suspicious use of SetThreadContext
- System Location Discovery: System Language Discovery
PID:3656
- C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe
  "C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe"
  2⤵
  - Executes dropped EXE
  PID:8
- C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe
  "C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe"
  2⤵
  - Executes dropped EXE
  - System Location Discovery: System Language Discovery
  PID:3616

C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe
"C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe"
1⤵
- Executes dropped EXE
- Suspicious use of SetThreadContext
PID:3064
- C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe
  "C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe"
  2⤵
  - Executes dropped EXE
  - System Location Discovery: System Language Discovery
  PID:2964

C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe
"C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe"
1⤵
- Executes dropped EXE
- Suspicious use of SetThreadContext
PID:2344
- C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe
  "C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe"
  2⤵
  - Executes dropped EXE
  - System Location Discovery: System Language Discovery
  PID:1132

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --default-search-provider=? --out-pipe-name=MSEdgeDefault78b6d7f7h7662h4a8dh916eh91b0d4ced2d6
1⤵
PID:4788
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffe308546f8,0x7ffe30854708,0x7ffe30854718
  2⤵
  PID:1772
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2052,13578161611046291706,5135252510076133496,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1996 /prefetch:2
  2⤵
  PID:1488
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2052,13578161611046291706,5135252510076133496,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2268 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4388
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2052,13578161611046291706,5135252510076133496,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2748 /prefetch:8
  2⤵
  PID:4312

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5268

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5344

C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe
"C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe"
1⤵
- Executes dropped EXE
- Suspicious use of SetThreadContext
PID:5968
- C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe
  "C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe"
  2⤵
  - Executes dropped EXE
  - System Location Discovery: System Language Discovery
  PID:6024

C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe
"C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe"
1⤵
- Executes dropped EXE
- Suspicious use of SetThreadContext
PID:6108
- C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe
  "C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe"
  2⤵
  - Executes dropped EXE
  - System Location Discovery: System Language Discovery
  PID:5192

C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe
"C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe"
1⤵
- Executes dropped EXE
- Suspicious use of SetThreadContext
PID:2540
- C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe
  "C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe"
  2⤵
  - Executes dropped EXE
  - System Location Discovery: System Language Discovery
  PID:1640

C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /4
1⤵
- Checks SCSI registry key(s)
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:5184

C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe
"C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe"
1⤵
- Executes dropped EXE
- Suspicious use of SetThreadContext
PID:5560
- C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe
  "C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe"
  2⤵
  - Executes dropped EXE
  - System Location Discovery: System Language Discovery
  PID:3060

C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe
"C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe"
1⤵
- Executes dropped EXE
- Suspicious use of SetThreadContext
PID:2864
- C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe
  "C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe"
  2⤵
  - Executes dropped EXE
  - System Location Discovery: System Language Discovery
  PID:3880

C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe
"C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe"
1⤵
- Executes dropped EXE
- Suspicious use of SetThreadContext
PID:704
- C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe
  "C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe"
  2⤵
  - Executes dropped EXE
  - System Location Discovery: System Language Discovery
  PID:4696

C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe
"C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe"
1⤵
- Executes dropped EXE
- Suspicious use of SetThreadContext
PID:5812
- C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe
  "C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe"
  2⤵
  - Executes dropped EXE
  - System Location Discovery: System Language Discovery
  PID:4236

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\05fc1b93-4f86-442d-9915-b04bd4c5a333.tmp

Filesize
11KB

MD5
923106ad5fca930970bcaf149a286dc2

SHA1
a7017761a8dabdcfb0a4c366878764ad426265b6

SHA256
a14774a5725178f3a5ef9b382b4007a49147f245cd2497a9f7590aec9238659a

SHA512
f2e134383c3b5cba362d9fc47521df5c97d5a06ff6f9d4714069d7ade8d7b2fd204bc9851923ac641cd8ed28b7eb03ad892ed04eb8f2e2a72cccc5d722d43cd0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
2720fbc01d13e5a89d7622afbffe4dc3

SHA1
051e968d8d629037016e4680000ed1dde757ab48

SHA256
a089f54841fe4e206e945c88749a39bc7fe6611118e2d358cf2fa0c2a1d78c13

SHA512
a3a43f319b5e3ecbfa11123d80f52b99c3f73875067efc59e716b32d9e5a5045d2eb7a4e17a90ec137b370bf5811eb2e7f53db2e6a4ec1b7ab607dea9687941c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005

Filesize
215KB

MD5
d474ec7f8d58a66420b6daa0893a4874

SHA1
4314642571493ba983748556d0e76ec6704da211

SHA256
553a19b6f44f125d9594c02231e4217e9d74d92b7065dc996d92f1e53f6bcb69

SHA512
344062d1be40db095abb7392b047b16f33ea3043158690cf66a2fa554aa2db79c4aa68de1308f1eddf6b9140b9ac5de70aad960b4e8e8b91f105213c4aace348

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013

Filesize
72KB

MD5
12ec32578358877c92e6d069c908c847

SHA1
e30c0cf26c31e6b2704d97f49a8288847bebd0f7

SHA256
9cba0015bd7bf0068e37a8ecbb14e39b5677936657ef8b675619b1427f98d08a

SHA512
5fbaa12108fe3fa52d706e8c564caabe0db509026998eb2770b9b66a6610fc3c7dca1fa5b08fff71d429e4b608ef03454ea33ed26668c9894f2766f2991049e5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000029

Filesize
18KB

MD5
8bd66dfc42a1353c5e996cd88dc1501f

SHA1
dc779a25ab37913f3198eb6f8c4d89e2a05635a6

SHA256
ef8772f5b2cf54057e1cfb7cb2e61f09cbd20db5ee307133caf517831a5df839

SHA512
203a46b2d09da788614b86480d81769011c7d42e833fa33a19e99c86a987a3bd8755b89906b9fd0497a80a5cf27f1c5e795a66fe3d1c4a921667ec745ccf22f6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
699518229599f6c13585e2ff5a859b7a

SHA1
c15f77ecd78f86fd1d3f51c48eda3e3f445f57b7

SHA256
5f6c82d83f9598a5e13197a1da7faa275e9793f34abe8e0c60c955129f36051a

SHA512
36da8a5324ac47218750b159f8deeb1976cb3dceaae7c1c16a2ada6c39ea7d927ea9449868807c2574b83ed06372d30d2c7c2eb9bd001fab12ed1a2733748378

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
608f6ce9d76f075190aebcfb37710030

SHA1
b3fd1833315b31783fdea27fb45a35bfc3deb67c

SHA256
91a851410e92df13944531f15b58124bf76409ece64bf3ccadb9820ec585c3c6

SHA512
4a332a7f1d3fb6f0c2cbe7deca4f941bce8f1216cb42e343d1eee45094313320e2214e6cc4ebc77368090ff32f394e538d15eb940bac6c14e8c3f7bd181900fb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
786f19bb7596c9ac262e81f0f59caf3c

SHA1
bd1c328713ce2e906e2725bc34ec0cd80b2e5aaf

SHA256
80cecc4b5b24827e8110caa8b8210429f159304cbfde702f59be62bdc73d15fc

SHA512
06796e7bb260f9729f970a9428ffafe0901c36fa72d2db17569b9848a54512e22639849ef01595b79b3e1c1388cbfee88968ca23841cbadc307e2f0ac6734f7f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
42f0c80fde5c2f0bcce2bcc5941f0a55

SHA1
e9bc757199ad9ff8082757ea306c544e6a50f012

SHA256
6d6ba79270818dffd1ba50ec6041eb64b91d0ebb9e87a2c0b51b4a2db25e917f

SHA512
358a36dd274b2362fe0654d40f49552d411e21b5e6fc873aa6de5ac93eb8d7e67615266b5a57428182a9a02e17731d861efbc9ae26ad362852e8e92fed9c94e8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
73f726f10c24860be3b20222cd863abc

SHA1
8307c24305e7ef69cc0d69ab3053ce3b2a4fca43

SHA256
5c28de4b716624061e8ffecb0afb463c0a0a9a56bbcd499746f88c2b022b2ab2

SHA512
e6aee960dade91091138046e649c9a963b260efdde7264d41aed8e75fc609d8f466f42868fd61f9b07ec08c5dc947151134bf4d0bdfe429f2ac35b30b1ee438a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.85.1_0\_locales\en\messages.json

Filesize
851B

MD5
07ffbe5f24ca348723ff8c6c488abfb8

SHA1
6dc2851e39b2ee38f88cf5c35a90171dbea5b690

SHA256
6895648577286002f1dc9c3366f558484eb7020d52bbf64a296406e61d09599c

SHA512
7ed2c8db851a84f614d5daf1d5fe633bd70301fd7ff8a6723430f05f642ceb3b1ad0a40de65b224661c782ffcec69d996ebe3e5bb6b2f478181e9a07d8cd41f6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.85.1_0\dasherSettingSchema.json

Filesize
854B

MD5
4ec1df2da46182103d2ffc3b92d20ca5

SHA1
fb9d1ba3710cf31a87165317c6edc110e98994ce

SHA256
6c69ce0fe6fab14f1990a320d704fee362c175c00eb6c9224aa6f41108918ca6

SHA512
939d81e6a82b10ff73a35c931052d8d53d42d915e526665079eeb4820df4d70f1c6aebab70b59519a0014a48514833fefd687d5a3ed1b06482223a168292105d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
2b956dd19591e1fac474f5faf51df7a5

SHA1
b52a99722898e0bf81458e88b1116f7508c5c7d7

SHA256
2cb06d7c429fb293aa11738103d638da328b44e1cf1ed7a6c143a1707d61a5d5

SHA512
a704338aaee61252926fb6c6d8260d2053e8c656b8f036b926e789af0ab394c79af3ed6a514c70bccb0052e6d7b1d1c11508c78a10f5fe13ef000544a1e1db35

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
6KB

MD5
03165fb9431410236935f5fa43c6358c

SHA1
c8226f3f1397095614e77940b59fe26770fbc4c0

SHA256
4ca5be0933c6d3f8e7484eee8e7a335b397320d69a7b11bf6e43897f2045b1f0

SHA512
b3fe38d26ef9eb44d9ae0e9b5dde9214076c8a3193f251af366784783310569b27a3191e5d395eb7dc9639d7d88cf3fd879bb00288d28b53af9dfdcaea71a35f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
5ea81d7903aac981b57083f9e735c6e0

SHA1
c21f4ed10710411952da9286ab179282a3f1ce2e

SHA256
800bc3ccf8044dc23f5b42ee5b412e8a04476c390d17e1600f96fb347c46d96a

SHA512
b5143ae752d9483468794160bdb425f95233d1fca9425b97020f880389b1e8dc4ea2b510b26b8f4bafea91b480f3fa92b25a41e52dd55d79e4e5e7d2539f3f42

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
6KB

MD5
31052f5f1a8acca1e19427b698ac5276

SHA1
7cf93b6f40a5eb636666f1a984ab0be2061e4c21

SHA256
2ee560fa5e7b68520849af9b807f91af9d86c2420fc5b8af4aae22062174271a

SHA512
72c1529ebc5c443333b4554efbd216c2be2a6dd91775364fbcf338c0ae35f1668d084f250114b5239b124081c8972c9eb0b13e4668bcc61d8ea35f44c830999b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
cc3f17459021b645e869323d9bc611b6

SHA1
30f4fe662160fbd324850e706191fd2154f095fe

SHA256
acc0d284e3f4d6af1f041af2cd720e134a6ba89b56f143da64237e54815777d9

SHA512
94c090aecf3d83956d2b5f84e639ca3aec3d68452ee650f2830de51b93ae6cb3d755b083a898d306e711d012504953dea48d760e652ac7a69782418faa86d5a5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
818b4b731d1e8456de50dcc6dc9f80a4

SHA1
7f2b7acbfda5c186e47b2a5ecf318c056b227dae

SHA256
744631ff7d480aae0760486696c158337f7d943c7ac2588dccda6377b738569a

SHA512
f96918537ab6f4f11eac740ae2244a54f9a6c49ba75385871ca5eae9ced0073db5fe6164f564c30d10f07b45b65fd3b5bcc5c728400cfb57b4b723f9a1fba948

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
21425d41274cbcc87cf1fae0ba11fe4f

SHA1
e38a01c789359c90dcd0862bcf2a5d2dab7520ad

SHA256
eead8be0dd15bc179393f29e85c319e15272eca3ef341a703833a2650dce4210

SHA512
dc94d9bcd35d904eba9742931d0cf4d95984b2bca91a4438b1d78290ceb68d93c679321119def0b13cc7bd2b9997ee556393c7ddc68a4b22980e7f9c05241c13

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
71b9fc3badef2d887e1d0f5c22311be8

SHA1
602a378d16d9041453c95c4c42d11c53e197abd3

SHA256
3cfcc984b809ddae851389d6370bb9816146aa1ea8408346115b6005d9714384

SHA512
0a14adcd8fdf9010674157a88e4d2e471fe4e6ec5dd95784bc53c9e4bd365aeb0a7dd027cf09649fe4b1f2b603aab24dbf2620614f14bca03b41781da2e1aed0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
9495986e0e44c3fcff79966607dc3247

SHA1
524a2c54ee18cdad01145200d4ff6951b31a8fa8

SHA256
46df09a3f3275c0f9b290fb48ec96b48195c117632398d69359c503e6aa5670a

SHA512
10d7374b2c73e860c1623cd288360c8a18dd279d30f50f58de4244e120ed6a0b14159cf80f47a6fd02108bf9625187a04802e8e2ce19e49b96a5a84c534b87b2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
524B

MD5
38d033e4427a8f2d1a315713a4c78fbf

SHA1
96053e46d8c7ad376594de0e7ebf3ccb3d894685

SHA256
0ef79cff9d9a294f23cbee97d254d91137ee4ae34debc80b156c53fd7e8a3423

SHA512
eac879b49e3bbfa0bc4b0a9906ae287b6e21225148c676e66b361a62f0412e97aabd831032b7c090b3311a7e1e39b477c95b39a50cf5334ed1f10cedfb4f210c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
270531f449c2c72c13488faa491d5a2b

SHA1
5dca9d6e5838d86a71e3551fa4df7cc98b2ab071

SHA256
08327ff4f4d8ac860e6cdcadd8b18bf83a90aad11eaa8cc3f10d1bf680334db6

SHA512
ae176997534aa1d9cfc7e2047dd8340096e513e69033ff25452216e74499576ddec31a0dcb3755b46af73312342eecc2bb7f49370c7c283edd8fe043ae55cd7d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
f1170d22e499e660e224c533e924628f

SHA1
a578298ad7d48c5b1ca177fcc098ea6a863b47d7

SHA256
e66f4db5d065ccdf44d73ad85fffc8a96fb994fbda46c182c0a25251441ab4c6

SHA512
af1b012b774db7d887629e4fabbb5e6557ea2b40b27e9a02d3bc485c8880ffa65136d48fb9b73498217148012c6f02b663d18207f9105087630be531a3352863

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
1bb16d5b26eec20ebc1884cf92679c74

SHA1
321e1ee6d452512a2ffc2c805fdbf30afe22588f

SHA256
edf3f4cecc210eee967f722affdf6f9bdefe7c85564e0baa66b116425b358c65

SHA512
2b8116b2a10612dbfb75302a75ef7172940c55bebee1340e370a3f678860bf3cb840055dceab6123b959e4f92cb06e24d2da9387b4498e555ff87e0f0c368ede

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
9310ffdd963acfa2350d69c71758a733

SHA1
d3b1733d4e7ee057a90172bda5649336fea67274

SHA256
591cd078ec133b5acb6e01a52bf7240994658cbec086269e6924d140a16b732c

SHA512
94062cafbaa884d75d7b2ee3a0f4a3bd181343d11204ebbd50207f9b0c27c367e0d0464c7868c2eca4d2bf8c1f4eab9f029a5c5bc64ebbc5f62a53ff285e0f1a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
c2f41b112dcf576aebc7cf9d6234c641

SHA1
2d4595b6e282e97d2736c4c0e4aad1622e9b7846

SHA256
c8d691ef5b1a08eeada4e8de10a606d9e9b19cb111ea71aaadbcac0673cc43ec

SHA512
895a76b9b63288d2b62dd142189d3f004cc520f80b4a588a1e6557fba502416f064d4bc1315a438c99509cb78b80be8a8d149574a6bde9dff6b223c44f4902c6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
2ee2fc200b7448a813c3b83952841451

SHA1
67732e583b5db7cf471cbdde79ad09f59a7d16be

SHA256
dd258570bd1c18f30fd6fb021c162f1c76f3569291d2b10766ffbfda8d166808

SHA512
bff0fa15cc5a5950af863885e47a46850de1ac342cbd16e984328b7b8c2eb7d8bf6c8946f73fbb35504cc9427bdc90b75b6adb7f158961bb461dce0692cdf428

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
4a2fc2e63888d0915e88a4770b5ad40f

SHA1
c79a809a0a4d6e31ddd48f8e6a54f415074218b7

SHA256
83751f16fa54eb6b93da5ea2dc821caf88c50aab7a51dfcb3f8971316d84e644

SHA512
7b2b417662a0d521094e707f29a2d72fdec475c00ed4c963218d5d2c8aac8e07553f8722677a7524355b607ab3b70d454dd0ee302ac3bf5c61c7a143048db0f6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
102092e2a3e740d4fd4216ea91d165b9

SHA1
4af71075c27da20bc187a2a00345f96859f34d3a

SHA256
3c6df5ed3196bd3f4d76b573a6206ad9b447906d6df2e0dc124edb6294d284a7

SHA512
86fb85dd6a8ee05cfd5c888005046b69a28b9efcbbe0e871ceb6089d1821ff950af02722089c66b858f4ce38d5a2f31093d019ff47577e92d914a39f1b0975c5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
9cba32c744391893c53dcbf27d274eb0

SHA1
7d2b560a3b2fd7dc9132da568a50682604328af9

SHA256
0e403f59e6a67788e84788a3fd030a4ddba96a07460b4b97c48215754e77b06f

SHA512
1e684d4942491b16820fe5d1f8811eb013f7db704fc99711849d92c58f42b717f4fd314916b5952a4bffab6d040dda3aff00921d79db199f8db9ff8f663aeaa8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
0612e83bb376ee3f6000ff68d70c4b85

SHA1
073d405c7ceaae5959f2e521cdcd5076dcdbf59a

SHA256
5a87070946fe1791e9455893f82bea2dc361b997d9ad7e2340606266aa94dd80

SHA512
bedcf7e4d4a915612ed4dced5bc7cd80ada67df05be862ec0ff0f43de2fc988ba4b09d483c6cf18323aa91cd97d49beb9f14e09ebf55a819724c5a27dc36d75d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
81330b2e2b7c486ed8291c82004a04ac

SHA1
af49ffc7789c4827d4dccf07ee39bf43cd9ba90d

SHA256
8f917db3c48a4cec52605f237beb4ce389261e2451cfcabc4ef3d099da1d0c90

SHA512
0e8b005dc6bb785a868d4df41060ad5d512f52c8bf5173e482e845f183e0010db694c498f94636bd80a4a689f6b05a4606babec6afe7683ffb576c2913b0646b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
935bc20edabe498a08be0b6d1c7fa2ea

SHA1
5a6fc1b81dc8c15d7a723a3abebd9a3e22972ccc

SHA256
2ccdc44be4e89b1bb8e0bd4c7d44a18b069aa8de624e6c8ec5cb3077753ee5a3

SHA512
40ff23202179d9f126949b4ee75e9c0f52955aae14d9662477e81ebe8c42338ffffed8b43e25e8044ab194579a543c5bad5a8a18ff2e3b42d22c58dda5a417f0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
5d6c0112c6504d5f40d027d7204d5a22

SHA1
0a044097f9af96a02b1da48e98ee3237e1bf9143

SHA256
d270e8dfa633f9bfe728632cdd26ca049953e7cb30b5e5949f5a983b426c85f5

SHA512
03c2e308c036f4212ce62fc657d1650da6057d5a6aecf3e10767fc68eae5b3af08b2af00d8c22ce2dcf884b2043da8ffe01b29311e999dfb7d0ea56e687becda

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
e5a586b53a94596128dbc9e9d7de31da

SHA1
812726ab8445f66d7e3dffc55f6219e35c1864dc

SHA256
51710da2466ef2138372d582ec922529c31c6c5f8aa7b5b15927fd55778e8577

SHA512
5f670506e8be38234913d5d4dafcc547ec65ec00596c2e1325529e3d1f98ded96acdec4c54c4a6d79871c7d35227a3620338f858dcfc2741c10b51f28129a960

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
e0468ca278d797483c408f52844c1bca

SHA1
359f04d89ec75870906478fb1c38c2756073a5b7

SHA256
d07ce7156e3fd37fccc3447f98f5250173ecf7a54ac4a28337ebd431c7d444df

SHA512
cf09c994f44f1f6eb33b777c6e80c792de214c91824163ed825348ac570ef05015b652739c718db1798adbd9f01cbae9d94c85b0fd181234ecd3e1631f9f053a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
237ef94a7eadc43becf0533ae43b7310

SHA1
1e12ea67f07cd6099ebfdeaf535bbe3596c28790

SHA256
565392a2b96323ebde710ecde570fd8a5f64f1f00c56505ee5efd15b41df7910

SHA512
02d83b5abebed5347383dbe69c03188e402d7d39f41d610478276e2cd0be084df06f42d966aaf90e6d4378b6bd560cdd81e4ef8b4a72b946955a2bc6864b4d8d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
aa12f7f9cd657b1782e5d66ab3d38c1b

SHA1
76d0cf726f87088430a1d170e0561b4bbe4f6ee5

SHA256
71d2d314c106ba53428833a403e0bbec6e1ea06611f72380cc7c48d970459c8b

SHA512
c839f9c889483688149268c6de2e484d4233d9ed8f805a60eab30cb611009f4e03c08219134e7be47e176bcb5ec14999b7ac7e76e5800ee65706b28761e5d1e3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
d2f5076c5d556f5865ae1777da65aac0

SHA1
53af84a98a175795fc6e70cb8e70c80f5fa256ae

SHA256
4524ccf3f2dbbba3b992427f696fa4660d4ca75bc034d4b3c1136be62e09439b

SHA512
cb5d195bf6eeb4c3ad0577cfb836ad62319592ddbe912fe3ad16220d690d160551e98f6efd4f66ba3d34f5ea4c52e4e1621e556de30dafaedef7d17119efd450

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
7a740362ab1ff9679a6ba83b15e57421

SHA1
9c24bf0e1db0dc9dbad44542f8c451459e1543d2

SHA256
d0335f7ecd45d2a06927e52cde438109dbe3bc4910008355c4dd57aadc93bb51

SHA512
7bdd8416e3f35996ba720ea976d178e1d314420a010b9ba64907698437eb7b1f3dc8e5cfe282594dbd0abadf258a54cd7d957f0c64a0ce44391e67aab35c4a77

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
c6b183100ce069d2dcf386b86f58c48e

SHA1
6176a30f9f1f3b5a63c31166a14cfd5f1487ca0a

SHA256
78101c657e7948daf13234e9663fb44c6f3e0878647d46d3c440301838b0a37e

SHA512
da82f28712839a782cf55a75dfeba98737ef0a8faa7ecad53b185277b99a76f2b38698ac556191e8766dcfb28934376c50732df9078f2d1c2d8fb785eb0cd105

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
8697dc90cc237b0019a9b0684b257a07

SHA1
5b560e636cf7f8275ca1537b1fc7715d570459eb

SHA256
871179f4ef1ff1aeec0d785902025955a2ff76213bba03fb27cb9d34f0eaf162

SHA512
1c7b812e2fc7510ccdf0d162b25c2dba262a85084044c618bff6d2d82aa92a2faa88e0b935e8aaded4c53ce1e86ae260f17e06430ccce3d569c3b9721151d94a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
3c8581a2e5e37adcfa377edf31e768a2

SHA1
71c37709e0dc3400792fffe4d96ce298265e48c4

SHA256
917fb67ebf58e3bb3b75dd2191e28c0ec7f9a5d2dbde2beb097a6d9642f7b1ab

SHA512
b7f35d1d8beb11336e004d6ab0361c8ac0a017caa937935f3e6354b2ce7d07948e0b9bc152447847332d70a3dc55084e46f5d299ed3d3303228eae057993144f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
f773c7a943ea149a095c54cb9350893c

SHA1
b48aa53dd45bdc234586c1bf8545e3000410fcb4

SHA256
ef039375dcd05ba46e7590c0e05799c82a28bf1007b24df31641d7c8d3575096

SHA512
3d351af80a857a8280867bea5ca65ec1c33680353ceecdc747fc3a6b162ef56b762f191f59a4652bad7bbe14e3f15b48b62678c77bc34cca3b67af0dd8f8d28e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
4b5f4d38c7e80c174439ac71ccaf8c72

SHA1
e5c46a44ea2a0d564bac8741049d34d0542f4c9d

SHA256
ef8be6d12664be10c7e67e0b09e5b30b4a955e5525230198f697594fc4976846

SHA512
e594700b6ccfee1b0bb09316f3c3a6bc158488e046a2c6c758ec1ccb1e957c3e9d7750b6aa38cf85e4a944a37a9f13ec187e6a347ae2cd4af88769099399ed8a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
318aa625e725884b9c2dcb4d32e91bb0

SHA1
22e8dc012b5dfe0e23ce641af21b4009f5ab6d21

SHA256
4c875229016809fa8496fbcbc589b5ddd598c99cf782af2ac838d9d392658634

SHA512
6bcd0561486409d2ed0e069a1daa1f5d5f4aed3971ad5d000206144890aa3894a4c0fa60ed30259c429f46911a2b609d481db52474de898b057a85fa35cda681

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
bd28c33478bca443ee743a3a52229d72

SHA1
b16372a49636cfae1e09aeda39ebf010784d42e4

SHA256
e3b638b9855d8b62b38b82d8619a9f6135e9084985403bdcc0f05553f434b2d5

SHA512
8f300623489a5c06772fe26d2abff68d8e1a4d2e3160dd7edcb2812762b5ebdf0d226a8d20478c30f36c668ce9829172c94b3901133ae98fa73ae0a7368f63a8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
c14d0e263df4ed335b2fa6a29006a5d3

SHA1
7ed6e9e4cc49066e699ee4c0c25780798144c9f8

SHA256
30367e82d71ef7872be3ee7a2a01b3738878731c663c2a124971017f9469a23a

SHA512
1281eefc991ce4e88082f1645674040df68923c9e922761df5928120926808b4630aeca37185ed576de229611a37a133a546f55d6f87a8740534c95a4b651a98

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
d3d4830253e94c1c82d506f45e86f3fa

SHA1
92acc2dd12af21805c02698da83d91390b71a601

SHA256
30f0fd2115c640f6f28d2b9214a1ea85fd97dbd937f3763f6660b8bc3d23a5e1

SHA512
49007c5893634a889405ac4bd1fb02ee9931c34309050297c99c580605b974dbc88648be926957ebe14f69c3e31c1973382a959d8e0a6f99323aca00d8fdac03

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
9d149952ceb1c678c71ea70709f80eee

SHA1
d3d988a6baaf9d9987a853db6a3f5f9b270e76b9

SHA256
b1bae1b5ea61818838b92cbc928e0752de0e1c66037b5d750c714ea495318a6f

SHA512
da366b99c365ac3d013e3dcab3f7209b4cd947a4a897953c43bf1b3c7ed95d9c7643ca6ace2a3075de7b59803a44a18354a381df9fe709840dc8606bd1ce8d56

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
14022342123ae2a45090ed078668585e

SHA1
cf1a4e2d3dd601c227b4caaf7a3e15be606a4c41

SHA256
c69dd492a757e70c863d595f8eb31c3ec3e0c9df23b92852f710384d1de25ebc

SHA512
2d4eaba30a60233b7300f648e358fe04e9c90062a31f85066492ea24399f48a90a3d3e82dfb0f63a4136c28140b1699b4ab0dd14eeaef58fa4a4b31c2587ae08

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
567205e77cde689676edae00988ec52c

SHA1
18f47cb8197ed2def435dfa7c951349245589aad

SHA256
4adf8af14d568a56d4629830e3ff7ca768aa4d9514182fb4bf86f3adf4740aa2

SHA512
7a11d6f9fddde0b0616455bcbc3ed915df2ad23c776707639802e1133474e83ae5836dbbfef2be44c328a975015218a4e87add3557d7eddabc68715a5508a951

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
ad68b82583113b3239a5f47112e77528

SHA1
0075529154ae37eb4deac393c27784e1b3e38b8c

SHA256
85b51d0ad713039f04f68475e944d2bbaffae599ae839df8a5daa8d5b9847a6d

SHA512
3a0f26acaad86786cd83a4e482822ae9a2f909c73c593a466fdea0e4ea2084cbaaaafe699084095f93674e2e3046ad9dba52da786bfc566a764510b19559c651

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
765c1c58700ca1d29ea1d31ac00fbad1

SHA1
09c8c2f9e688820a5676264cf1a03fe69dceb278

SHA256
92d7fadcfea44773e6fdd79880793f1256b675fba63a585fedf6bfb7093c3d07

SHA512
dafef12ff8a15d04bbce37181c7f4a356edec7dd0b1621a97c04d5de1cb9ed83d2cb4a88821ab55ea30a0dbe7ef1aedc58b2c5a55b0652831b5b90f1e739ae2e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GraphiteDawnCache\data_1

Filesize
264KB

MD5
366ad097e16a6a23685bd78a81673703

SHA1
b65c5e9c26834bd685fb8e32a6cb207b3766079b

SHA256
736c855b600a99292b9e30505a61863ffc32043455177a7425294643833e4138

SHA512
5ce569f4b3c4b5d2c423e8a0fec8243b6348c4d49900abf25b2f9914a4549a641eba0f4c7324ad6272e3011305eb68adc86f9197de5f1a30cf115e4842eaa2e1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
230KB

MD5
4c6fffa7779e6be7a617adcbb34d752d

SHA1
05a908daec799ec15e6a1f126de2841fb350c646

SHA256
341bb86fbc40f5d6cc6f91ead566cb5708a7ef31ba1fe85e78c4edb505e91733

SHA512
60521c2492dc3e95b3c5a42fb53608b59aecab75614eb62e0eb95311f7dc66d7713ede088bb3e18971b280288b9d072fddc62feaa57ae786f0e0a46a2ad55644

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
230KB

MD5
c6cb7c663035d922827d228a7b0957f9

SHA1
0ecc87b2378e1f7c67adb7c098ab7f5cd7bdd98e

SHA256
819aeaf761fa58c354d8bf1c12e658a9efe5dd67a480816d5e1e155bba7d2c97

SHA512
fbd4151304af0bb04debf335b514502ef57f10a4d01010b3e486a3343848a0db514b095145ca865a4847c9c62953a1a443c6b37e6fd1763c9f29201275d563d3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
230KB

MD5
34cead0d10f0352bd87263660d6932ac

SHA1
d697ca0dba78d23bfd280a2f735ab0992047d9c6

SHA256
ab4766451f275c4d8f350c31300a30380ae686e0eef125456e5f94877bc2db29

SHA512
06618bd05566322c3ddced60bbaa720f35fabbd97f154023c79d85c53e779e7a6ce690d92c664430351c6ca9039bd59a8d12517931172f8a0a6e6e985a75e1a5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
61cef8e38cd95bf003f5fdd1dc37dae1

SHA1
11f2f79ecb349344c143eea9a0fed41891a3467f

SHA256
ae671613623b4477fbd5daf1fd2d148ae2a09ddcc3804b2b6d4ffcb60b317e3e

SHA512
6fb9b333fe0e8fde19fdd0bd01a1990a4e60a87c0a02bc8297da1206e42f8690d06b030308e58c862e9e77714a585eed7cc1627590d99a10aeb77fc0dd3d864d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
3c2ffa8236908a9ef44b76c871e655c2

SHA1
5f75c4475fbe72b2f5c762107967c8887ba5ab92

SHA256
179b4e0231aa050fbfb349215cea49a73692f6f6c7c0dc545491a2ff6a9e3d08

SHA512
547295ad3875a8758058bf80c80e7e4600a7bef5c8c7648bad958aa4619c05ce714e7a15a866bc37ffd72692b3bda01d9353535f01a11b340b3fdff7081c3870

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\c7c97e9b-da36-406f-b32c-371629d123ce.tmp

Filesize
1B

MD5
5058f1af8388633f609cadb75a75dc9d

SHA1
3a52ce780950d4d969792a2559cd519d7ee8c727

SHA256
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

SHA512
0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
8KB

MD5
c3acbb9745e0f45b009c8ae79ab14e16

SHA1
385051fb5c47eb1e87ee4554ad003485c86f0a8e

SHA256
31386083329344e01b9b009ab505155d78e342ffb049e49b12cfb7ed575708cf

SHA512
0a0d8d85188396d0001be56bd74305d8eb2b01c6d45b4df514eb31fc4545dde2c2f4bc27d3c0390b61943f0c81c058ed2796eff321fc1e953f29aba13d11d952

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir2808_789783737\38e8ee40-26c4-4372-b3ec-0d7bb6819654.tmp

Filesize
150KB

MD5
14937b985303ecce4196154a24fc369a

SHA1
ecfe89e11a8d08ce0c8745ff5735d5edad683730

SHA256
71006a5311819fef45c659428944897184880bcdb571bf68c52b3d6ee97682ff

SHA512
1d03c75e4d2cd57eee7b0e93e2de293b41f280c415fb2446ac234fc5afd11fe2f2fcc8ab9843db0847c2ce6bd7df7213fcf249ea71896fbf6c0696e3f5aee46c

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir2808_789783737\CRX_INSTALL\_locales\en\messages.json

Filesize
711B

MD5
558659936250e03cc14b60ebf648aa09

SHA1
32f1ce0361bbfdff11e2ffd53d3ae88a8b81a825

SHA256
2445cad863be47bb1c15b57a4960b7b0d01864e63cdfde6395f3b2689dc1444b

SHA512
1632f5a3cd71887774bf3cb8a4d8b787ea6278271657b0f1d113dbe1a7fd42c4daa717cc449f157ce8972037572b882dc946a7dc2c0e549d71982dcdee89f727

Download Submit
C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe

Filesize
393KB

MD5
3c4161be295e9e9d019ce68dae82d60a

SHA1
36447fc6418e209dff1bb8a5e576f4d46e3b3296

SHA256
0f6481dabf7871823f259eb95f3b85c37d1de8a7d1884ac77a97d887cf96f75d

SHA512
cfa2d491a5d28beb8eb908d5af61254ac4c4c88e74c53d5d00ae15ef0731df1654304199996545d1074814c0ea8a032957b28d70774f05347616428e667f70e6

Download Submit
C:\Users\Admin\Downloads\C2Panel-main.zip.crdownload

Filesize
6.8MB

MD5
269476a20f766cd148e4514a35aa0d59

SHA1
999b0ffe1ab97417ba7c9e630b8eb2294ecdc50b

SHA256
1468e5cef7f654f6dcccd6678fad87cedf38328e4dea600093f3709e0fb3a4c8

SHA512
21bf440a7336c07c3c45cba350a458ff085adcb85856762fabcf431f21d341227f699a3aaebeb7f08b6001a986a81cdde7619d136435fea78e9fd7c500244e1e

Download Submit
memory/2216-0-0x0000000000FCA000-0x0000000000FCB000-memory.dmp

Filesize
4KB

Download
memory/2572-1-0x0000000000400000-0x0000000000456000-memory.dmp

Filesize
344KB

Download
memory/2572-4-0x0000000000FB0000-0x0000000001018000-memory.dmp

Filesize
416KB

Download
memory/2572-3-0x0000000000400000-0x0000000000456000-memory.dmp

Filesize
344KB

Download
memory/5184-1463-0x00000271FFDB0000-0x00000271FFDB1000-memory.dmp

Filesize
4KB

Download
memory/5184-1473-0x00000271FFDB0000-0x00000271FFDB1000-memory.dmp

Filesize
4KB

Download
memory/5184-1472-0x00000271FFDB0000-0x00000271FFDB1000-memory.dmp

Filesize
4KB

Download
memory/5184-1471-0x00000271FFDB0000-0x00000271FFDB1000-memory.dmp

Filesize
4KB

Download
memory/5184-1470-0x00000271FFDB0000-0x00000271FFDB1000-memory.dmp

Filesize
4KB

Download
memory/5184-1469-0x00000271FFDB0000-0x00000271FFDB1000-memory.dmp

Filesize
4KB

Download
memory/5184-1474-0x00000271FFDB0000-0x00000271FFDB1000-memory.dmp

Filesize
4KB

Download
memory/5184-1475-0x00000271FFDB0000-0x00000271FFDB1000-memory.dmp

Filesize
4KB

Download
memory/5184-1464-0x00000271FFDB0000-0x00000271FFDB1000-memory.dmp

Filesize
4KB

Download
memory/5184-1465-0x00000271FFDB0000-0x00000271FFDB1000-memory.dmp

Filesize
4KB

Download