Analysis Overview
SHA256
1468e5cef7f654f6dcccd6678fad87cedf38328e4dea600093f3709e0fb3a4c8
Threat Level: Known bad
The file C2Panel-main.zip was found to be: Known bad.
Malicious Activity Summary
Lumma Stealer, LummaC
Lumma family
Executes dropped EXE
Obfuscated with Agile.Net obfuscator
Suspicious use of SetThreadContext
System Location Discovery: System Language Discovery
Unsigned PE
Browser Information Discovery
Suspicious use of AdjustPrivilegeToken
Modifies data under HKEY_USERS
Checks SCSI registry key(s)
Suspicious behavior: GetForegroundWindowSpam
Suspicious behavior: EnumeratesProcesses
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Modifies registry class
Enumerates system info in registry
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2025-01-16 21:40
Signatures
Obfuscated with Agile.Net obfuscator
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Unsigned PE
| Description | Indicator | Process | Target |
| N/A (7 entries, no per-file detail) | N/A | N/A | N/A |
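Both static signatures above can be reproduced offline from the PE headers alone. The following is an added example (editor's code, not the sandbox's own rule logic): it reads the optional header's data directories to decide whether an embedded Authenticode certificate table and a CLR (.NET) header are present, and approximates the Agile.Net detection with a scan for the obfuscator's runtime marker strings. The marker strings and the header-only PE builder used as sample input are assumptions made for this example; the builder exists only so the checks run without the sample.

```python
"""Reproduce two of the static signatures offline: 'Unsigned PE' (no
embedded Authenticode certificate table) and, approximately, 'Obfuscated
with Agile.Net obfuscator' (a scan for the obfuscator's runtime marker
strings plus a .NET CLR header check)."""
import struct

IMAGE_DIRECTORY_ENTRY_SECURITY = 4          # Authenticode certificate table
IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR = 14   # CLR (.NET) runtime header
# Assumption: strings left behind by Agile.NET's runtime in protected
# assemblies. A production rule should also walk the module reference
# table rather than rely on raw bytes alone.
AGILE_MARKERS = (b"AgileDotNetRT", b"AgileDotNet")


def pe_directories(data):
    """Return {index: (rva_or_offset, size)} for the optional header's data directories."""
    if data[:2] != b"MZ":
        raise ValueError("not a DOS/PE image")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("bad PE signature")
    opt = e_lfanew + 4 + 20                 # skip signature and 20-byte COFF header
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:                      # PE32
        count_off, dirs_off = opt + 92, opt + 96
    elif magic == 0x20B:                    # PE32+
        count_off, dirs_off = opt + 108, opt + 112
    else:
        raise ValueError(f"unknown optional header magic {magic:#x}")
    count = struct.unpack_from("<I", data, count_off)[0]
    return {i: struct.unpack_from("<II", data, dirs_off + 8 * i) for i in range(min(count, 16))}


def check_pe(data):
    dirs = pe_directories(data)
    sec_off, sec_size = dirs.get(IMAGE_DIRECTORY_ENTRY_SECURITY, (0, 0))
    clr_rva, _ = dirs.get(IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR, (0, 0))
    return {
        "embedded_signature": sec_off != 0 and sec_size != 0,
        "dotnet": clr_rva != 0,
        "agile_markers": [m.decode() for m in AGILE_MARKERS if m in data],
    }


def build_test_pe(signed=False, dotnet=True, payload=b""):
    """Constructed header-only PE32+ image (no sections) so the checks run offline."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)                   # e_lfanew
    opt_size = 112 + 16 * 8                                 # PE32+ header + 16 directories
    coff = struct.pack("<HHIIIHH", 0x8664, 0, 0, 0, 0, opt_size, 0x0022)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x20B)                   # Magic: PE32+
    struct.pack_into("<I", opt, 108, 16)                    # NumberOfRvaAndSizes
    header_len = 64 + 4 + len(coff) + opt_size
    if signed:                                              # certificate blob right after headers
        struct.pack_into("<II", opt, 112 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, header_len, 8)
    if dotnet:
        struct.pack_into("<II", opt, 112 + 8 * IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR, 0x2000, 72)
    tail = (b"\0" * 8 if signed else b"") + payload
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + tail


if __name__ == "__main__":
    sample = build_test_pe(signed=False, dotnet=True, payload=b"\0AgileDotNetRT64.dll\0")
    print(check_pe(sample))
```

An empty Security directory means there is no embedded Authenticode signature, not that the binary is untrusted: catalog-signed Windows components carry no certificate table either, so pair this check with a catalog lookup before treating "unsigned" as a finding on its own.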
Analysis: behavioral1
Detonation Overview
Submitted
2025-01-16 21:40
Reported
2025-01-16 21:55
Platform
win10v2004-20241007-en
Max time kernel
688s
Max time network
502s
Command Line
Signatures
Lumma Stealer, LummaC
Lumma family
Executes dropped EXE
Suspicious use of SetThreadContext
Browser Information Discovery
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened (11 process instances) | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe | N/A |
| Key opened (2 process instances) | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\C2Panel-main\C2Panel.exe | N/A |
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000 | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Windows\system32\taskmgr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\FriendlyName | C:\Windows\system32\taskmgr.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133815373041365832" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\Local Settings | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\taskmgr.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe (8 process instances) | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\C2Panel-main\C2Panel.exe
"C:\Users\Admin\AppData\Local\Temp\C2Panel-main\C2Panel.exe"
C:\Users\Admin\AppData\Local\Temp\C2Panel-main\C2Panel.exe
"C:\Users\Admin\AppData\Local\Temp\C2Panel-main\C2Panel.exe"
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x11c,0x120,0x124,0x118,0x128,0x7ffe2eaecc40,0x7ffe2eaecc4c,0x7ffe2eaecc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1740,i,12848973710965292076,16877479553821464585,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1788 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2212,i,12848973710965292076,16877479553821464585,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2216 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2288,i,12848973710965292076,16877479553821464585,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2436 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3140,i,12848973710965292076,16877479553821464585,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3160 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3284,i,12848973710965292076,16877479553821464585,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3304 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3696,i,12848973710965292076,16877479553821464585,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4552 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4832,i,12848973710965292076,16877479553821464585,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4840 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4956,i,12848973710965292076,16877479553821464585,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4964 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4868,i,12848973710965292076,16877479553821464585,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4980 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5212,i,12848973710965292076,16877479553821464585,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5220 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5076,i,12848973710965292076,16877479553821464585,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4984 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5000,i,12848973710965292076,16877479553821464585,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5200 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=5504,i,12848973710965292076,16877479553821464585,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5488 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=4376,i,12848973710965292076,16877479553821464585,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5228 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=5208,i,12848973710965292076,16877479553821464585,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5200 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=5516,i,12848973710965292076,16877479553821464585,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5236 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=3344,i,12848973710965292076,16877479553821464585,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1248 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=4484,i,12848973710965292076,16877479553821464585,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4776 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5072,i,12848973710965292076,16877479553821464585,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5536 /prefetch:8
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Documents\C2Panel-main\" -spe -an -ai#7zMap12890:86:7zEvent19452
C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe
"C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe"
C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe
"C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe"
C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe
"C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe"
C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe
"C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe"
C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe
"C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe"
C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe
"C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe"
C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe
"C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --default-search-provider=? --out-pipe-name=MSEdgeDefault78b6d7f7h7662h4a8dh916eh91b0d4ced2d6
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffe308546f8,0x7ffe30854708,0x7ffe30854718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2052,13578161611046291706,5135252510076133496,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1996 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2052,13578161611046291706,5135252510076133496,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2268 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2052,13578161611046291706,5135252510076133496,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2748 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe
"C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe"
C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe
"C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe"
C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe
"C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe"
C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe
"C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe"
C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe
"C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe"
C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe
"C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe"
C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /4
C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe
"C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe"
C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe
"C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe"
C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe
"C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe"
C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe
"C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe"
C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe
"C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe"
C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe
"C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe"
C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe
"C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe"
C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe
"C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe"
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | bellflamre.click | udp |
| US | 8.8.8.8:53 | immureprech.biz | udp |
| US | 8.8.8.8:53 | deafeninggeh.biz | udp |
| US | 8.8.8.8:53 | effecterectz.xyz | udp |
| US | 8.8.8.8:53 | diffuculttan.xyz | udp |
| US | 8.8.8.8:53 | debonairnukk.xyz | udp |
| US | 8.8.8.8:53 | wrathful-jammy.cyou | udp |
| US | 8.8.8.8:53 | awake-weaves.cyou | udp |
| US | 8.8.8.8:53 | sordid-snaked.cyou | udp |
| US | 8.8.8.8:53 | steamcommunity.com | udp |
| GB | 23.214.143.155:443 | steamcommunity.com | tcp |
| US | 8.8.8.8:53 | 28.118.140.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.210.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 155.143.214.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | nikolay-romanov.su | udp |
| US | 104.21.48.1:443 | nikolay-romanov.su | tcp |
| US | 8.8.8.8:53 | 1.48.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 7.98.22.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 13.86.106.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.211.185.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 50.23.12.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 241.42.69.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 166.190.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 234.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | clients2.google.com | udp |
| N/A | 224.0.0.251:5353 | N/A | udp |
| GB | 142.250.187.238:443 | clients2.google.com | tcp |
| US | 8.8.8.8:53 | clients2.googleusercontent.com | udp |
| GB | 142.250.200.33:443 | clients2.googleusercontent.com | tcp |
| US | 8.8.8.8:53 | 238.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 33.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| GB | 216.58.212.234:443 | content-autofill.googleapis.com | tcp |
| US | 8.8.8.8:53 | 234.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 195.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 48.229.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| DE | 216.58.206.67:443 | beacons.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | 67.206.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | dns-tunnel-check.googlezip.net | udp |
| US | 8.8.8.8:53 | tunnel.googlezip.net | udp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| US | 8.8.8.8:53 | ogads-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | 66.204.58.216.in-addr.arpa | udp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| GB | 172.217.169.74:443 | ogads-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.179.238:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | 74.169.217.172.in-addr.arpa | udp |
| GB | 142.250.179.238:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | 157.34.239.216.in-addr.arpa | udp |
| GB | 142.250.179.238:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | 238.179.250.142.in-addr.arpa | udp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| US | 8.8.8.8:53 | consent.google.com | udp |
| GB | 172.217.169.46:443 | consent.google.com | tcp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| GB | 172.217.169.46:443 | consent.google.com | tcp |
| US | 8.8.8.8:53 | encrypted-tbn3.gstatic.com | udp |
| US | 8.8.8.8:53 | encrypted-tbn0.gstatic.com | udp |
| US | 8.8.8.8:53 | encrypted-tbn2.gstatic.com | udp |
| GB | 216.58.201.110:443 | encrypted-tbn3.gstatic.com | tcp |
| GB | 216.58.201.110:443 | encrypted-tbn3.gstatic.com | tcp |
| GB | 216.58.204.78:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 216.58.204.78:443 | encrypted-tbn0.gstatic.com | tcp |
| US | 8.8.8.8:53 | 78.204.58.216.in-addr.arpa | udp |
| GB | 216.58.201.110:443 | encrypted-tbn3.gstatic.com | tcp |
| US | 8.8.8.8:53 | 110.201.58.216.in-addr.arpa | udp |
| DE | 216.58.206.67:443 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | id.google.com | udp |
| GB | 142.250.179.227:443 | id.google.com | tcp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| US | 8.8.8.8:53 | 227.179.250.142.in-addr.arpa | udp |
| GB | 142.250.179.238:443 | encrypted-tbn2.gstatic.com | udp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| US | 8.8.8.8:53 | github.com | udp |
| US | 8.8.8.8:53 | avatars.githubusercontent.com | udp |
| US | 8.8.8.8:53 | github.githubassets.com | udp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | user-images.githubusercontent.com | udp |
| US | 185.199.108.133:443 | user-images.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| US | 8.8.8.8:53 | 154.110.199.185.in-addr.arpa | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | 133.108.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 215.156.26.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| GB | 216.58.204.74:443 | content-autofill.googleapis.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | collector.github.com | udp |
| US | 8.8.8.8:53 | 74.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api.github.com | udp |
| US | 140.82.112.22:443 | collector.github.com | tcp |
| US | 140.82.112.22:443 | collector.github.com | tcp |
| GB | 216.58.204.74:443 | content-autofill.googleapis.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | 210.156.26.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.112.82.140.in-addr.arpa | udp |
| DE | 216.58.206.67:443 | beacons.gcp.gvt2.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | google.com | udp |
| GB | 142.250.180.14:443 | google.com | tcp |
| US | 8.8.8.8:53 | 14.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | collector.github.com | udp |
| US | 8.8.8.8:53 | github.com | udp |
| US | 8.8.8.8:53 | api.github.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| GB | 142.250.179.227:443 | id.google.com | udp |
| DE | 216.58.206.67:443 | beacons.gcp.gvt2.com | udp |
| GB | 172.217.169.74:443 | content-autofill.googleapis.com | udp |
| GB | 142.250.179.238:443 | encrypted-tbn2.gstatic.com | udp |
| GB | 142.250.180.14:443 | google.com | udp |
| US | 8.8.8.8:53 | 14.173.189.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| US | 8.8.8.8:53 | private-user-images.githubusercontent.com | udp |
| US | 8.8.8.8:53 | user-images.githubusercontent.com | udp |
| US | 8.8.8.8:53 | collector.github.com | udp |
| US | 8.8.8.8:53 | api.github.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| GB | 216.58.204.74:443 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | codeload.github.com | udp |
| GB | 20.26.156.216:443 | codeload.github.com | tcp |
| US | 8.8.8.8:53 | 216.156.26.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | bellflamre.click | udp |
| US | 8.8.8.8:53 | immureprech.biz | udp |
| US | 8.8.8.8:53 | deafeninggeh.biz | udp |
| US | 8.8.8.8:53 | effecterectz.xyz | udp |
| US | 8.8.8.8:53 | diffuculttan.xyz | udp |
| US | 8.8.8.8:53 | debonairnukk.xyz | udp |
| US | 8.8.8.8:53 | wrathful-jammy.cyou | udp |
| US | 8.8.8.8:53 | awake-weaves.cyou | udp |
| US | 8.8.8.8:53 | sordid-snaked.cyou | udp |
| US | 8.8.8.8:53 | steamcommunity.com | udp |
| GB | 23.214.143.155:443 | steamcommunity.com | tcp |
| US | 8.8.8.8:53 | bellflamre.click | udp |
| US | 8.8.8.8:53 | immureprech.biz | udp |
| US | 8.8.8.8:53 | deafeninggeh.biz | udp |
| US | 8.8.8.8:53 | effecterectz.xyz | udp |
| US | 8.8.8.8:53 | diffuculttan.xyz | udp |
| US | 8.8.8.8:53 | debonairnukk.xyz | udp |
| US | 8.8.8.8:53 | wrathful-jammy.cyou | udp |
| US | 8.8.8.8:53 | awake-weaves.cyou | udp |
| US | 8.8.8.8:53 | sordid-snaked.cyou | udp |
| GB | 23.214.143.155:443 | steamcommunity.com | tcp |
| US | 8.8.8.8:53 | nikolay-romanov.su | udp |
| US | 104.21.96.1:443 | nikolay-romanov.su | tcp |
| US | 8.8.8.8:53 | 1.96.21.104.in-addr.arpa | udp |
| GB | 23.214.143.155:443 | steamcommunity.com | tcp |
| US | 104.21.96.1:443 | nikolay-romanov.su | tcp |
| US | 8.8.8.8:53 | 73.31.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | bellflamre.click | udp |
| US | 8.8.8.8:53 | immureprech.biz | udp |
| US | 8.8.8.8:53 | deafeninggeh.biz | udp |
| US | 8.8.8.8:53 | effecterectz.xyz | udp |
| US | 8.8.8.8:53 | diffuculttan.xyz | udp |
| US | 8.8.8.8:53 | debonairnukk.xyz | udp |
| US | 8.8.8.8:53 | wrathful-jammy.cyou | udp |
| US | 8.8.8.8:53 | awake-weaves.cyou | udp |
| US | 8.8.8.8:53 | sordid-snaked.cyou | udp |
| US | 8.8.8.8:53 | steamcommunity.com | udp |
| GB | 23.214.143.155:443 | steamcommunity.com | tcp |
| GB | 23.214.143.155:443 | steamcommunity.com | tcp |
| US | 104.21.96.1:443 | nikolay-romanov.su | tcp |
| US | 104.21.96.1:443 | nikolay-romanov.su | tcp |
| GB | 23.214.143.155:443 | steamcommunity.com | tcp |
| US | 104.21.96.1:443 | nikolay-romanov.su | tcp |
| US | 8.8.8.8:53 | bellflamre.click | udp |
| US | 8.8.8.8:53 | immureprech.biz | udp |
| US | 8.8.8.8:53 | deafeninggeh.biz | udp |
| US | 8.8.8.8:53 | effecterectz.xyz | udp |
| US | 8.8.8.8:53 | diffuculttan.xyz | udp |
| US | 8.8.8.8:53 | debonairnukk.xyz | udp |
| US | 8.8.8.8:53 | wrathful-jammy.cyou | udp |
| US | 8.8.8.8:53 | awake-weaves.cyou | udp |
| US | 8.8.8.8:53 | sordid-snaked.cyou | udp |
| US | 8.8.8.8:53 | steamcommunity.com | udp |
| GB | 23.214.143.155:443 | steamcommunity.com | tcp |
| US | 104.21.96.1:443 | nikolay-romanov.su | tcp |
| GB | 23.214.143.155:443 | steamcommunity.com | tcp |
| US | 104.21.96.1:443 | nikolay-romanov.su | tcp |
| US | 8.8.8.8:53 | bellflamre.click | udp |
| US | 8.8.8.8:53 | immureprech.biz | udp |
| US | 8.8.8.8:53 | deafeninggeh.biz | udp |
| GB | 23.214.143.155:443 | steamcommunity.com | tcp |
| US | 104.21.96.1:443 | nikolay-romanov.su | tcp |
| US | 8.8.8.8:53 | effecterectz.xyz | udp |
| US | 8.8.8.8:53 | diffuculttan.xyz | udp |
| US | 8.8.8.8:53 | debonairnukk.xyz | udp |
| US | 8.8.8.8:53 | wrathful-jammy.cyou | udp |
| US | 8.8.8.8:53 | awake-weaves.cyou | udp |
| US | 8.8.8.8:53 | sordid-snaked.cyou | udp |
| GB | 23.214.143.155:443 | steamcommunity.com | tcp |
| US | 104.21.96.1:443 | nikolay-romanov.su | tcp |
| US | 8.8.8.8:53 | api.github.com | udp |
| US | 8.8.8.8:53 | collector.github.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
Files
memory/2216-0-0x0000000000FCA000-0x0000000000FCB000-memory.dmp
memory/2572-1-0x0000000000400000-0x0000000000456000-memory.dmp
memory/2572-3-0x0000000000400000-0x0000000000456000-memory.dmp
memory/2572-4-0x0000000000FB0000-0x0000000001018000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Temp\scoped_dir2808_789783737\38e8ee40-26c4-4372-b3ec-0d7bb6819654.tmp
| MD5 | 14937b985303ecce4196154a24fc369a |
| SHA1 | ecfe89e11a8d08ce0c8745ff5735d5edad683730 |
| SHA256 | 71006a5311819fef45c659428944897184880bcdb571bf68c52b3d6ee97682ff |
| SHA512 | 1d03c75e4d2cd57eee7b0e93e2de293b41f280c415fb2446ac234fc5afd11fe2f2fcc8ab9843db0847c2ce6bd7df7213fcf249ea71896fbf6c0696e3f5aee46c |
C:\Users\Admin\AppData\Local\Temp\scoped_dir2808_789783737\CRX_INSTALL\_locales\en\messages.json
| MD5 | 558659936250e03cc14b60ebf648aa09 |
| SHA1 | 32f1ce0361bbfdff11e2ffd53d3ae88a8b81a825 |
| SHA256 | 2445cad863be47bb1c15b57a4960b7b0d01864e63cdfde6395f3b2689dc1444b |
| SHA512 | 1632f5a3cd71887774bf3cb8a4d8b787ea6278271657b0f1d113dbe1a7fd42c4daa717cc449f157ce8972037572b882dc946a7dc2c0e549d71982dcdee89f727 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.85.1_0\_locales\en\messages.json
| MD5 | 07ffbe5f24ca348723ff8c6c488abfb8 |
| SHA1 | 6dc2851e39b2ee38f88cf5c35a90171dbea5b690 |
| SHA256 | 6895648577286002f1dc9c3366f558484eb7020d52bbf64a296406e61d09599c |
| SHA512 | 7ed2c8db851a84f614d5daf1d5fe633bd70301fd7ff8a6723430f05f642ceb3b1ad0a40de65b224661c782ffcec69d996ebe3e5bb6b2f478181e9a07d8cd41f6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.85.1_0\dasherSettingSchema.json
| MD5 | 4ec1df2da46182103d2ffc3b92d20ca5 |
| SHA1 | fb9d1ba3710cf31a87165317c6edc110e98994ce |
| SHA256 | 6c69ce0fe6fab14f1990a320d704fee362c175c00eb6c9224aa6f41108918ca6 |
| SHA512 | 939d81e6a82b10ff73a35c931052d8d53d42d915e526665079eeb4820df4d70f1c6aebab70b59519a0014a48514833fefd687d5a3ed1b06482223a168292105d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState
| MD5 | 2720fbc01d13e5a89d7622afbffe4dc3 |
| SHA1 | 051e968d8d629037016e4680000ed1dde757ab48 |
| SHA256 | a089f54841fe4e206e945c88749a39bc7fe6611118e2d358cf2fa0c2a1d78c13 |
| SHA512 | a3a43f319b5e3ecbfa11123d80f52b99c3f73875067efc59e716b32d9e5a5045d2eb7a4e17a90ec137b370bf5811eb2e7f53db2e6a4ec1b7ab607dea9687941c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 4c6fffa7779e6be7a617adcbb34d752d |
| SHA1 | 05a908daec799ec15e6a1f126de2841fb350c646 |
| SHA256 | 341bb86fbc40f5d6cc6f91ead566cb5708a7ef31ba1fe85e78c4edb505e91733 |
| SHA512 | 60521c2492dc3e95b3c5a42fb53608b59aecab75614eb62e0eb95311f7dc66d7713ede088bb3e18971b280288b9d072fddc62feaa57ae786f0e0a46a2ad55644 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e0468ca278d797483c408f52844c1bca |
| SHA1 | 359f04d89ec75870906478fb1c38c2756073a5b7 |
| SHA256 | d07ce7156e3fd37fccc3447f98f5250173ecf7a54ac4a28337ebd431c7d444df |
| SHA512 | cf09c994f44f1f6eb33b777c6e80c792de214c91824163ed825348ac570ef05015b652739c718db1798adbd9f01cbae9d94c85b0fd181234ecd3e1631f9f053a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 9495986e0e44c3fcff79966607dc3247 |
| SHA1 | 524a2c54ee18cdad01145200d4ff6951b31a8fa8 |
| SHA256 | 46df09a3f3275c0f9b290fb48ec96b48195c117632398d69359c503e6aa5670a |
| SHA512 | 10d7374b2c73e860c1623cd288360c8a18dd279d30f50f58de4244e120ed6a0b14159cf80f47a6fd02108bf9625187a04802e8e2ce19e49b96a5a84c534b87b2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
| MD5 | ad68b82583113b3239a5f47112e77528 |
| SHA1 | 0075529154ae37eb4deac393c27784e1b3e38b8c |
| SHA256 | 85b51d0ad713039f04f68475e944d2bbaffae599ae839df8a5daa8d5b9847a6d |
| SHA512 | 3a0f26acaad86786cd83a4e482822ae9a2f909c73c593a466fdea0e4ea2084cbaaaafe699084095f93674e2e3046ad9dba52da786bfc566a764510b19559c651 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005
| MD5 | d474ec7f8d58a66420b6daa0893a4874 |
| SHA1 | 4314642571493ba983748556d0e76ec6704da211 |
| SHA256 | 553a19b6f44f125d9594c02231e4217e9d74d92b7065dc996d92f1e53f6bcb69 |
| SHA512 | 344062d1be40db095abb7392b047b16f33ea3043158690cf66a2fa554aa2db79c4aa68de1308f1eddf6b9140b9ac5de70aad960b4e8e8b91f105213c4aace348 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 765c1c58700ca1d29ea1d31ac00fbad1 |
| SHA1 | 09c8c2f9e688820a5676264cf1a03fe69dceb278 |
| SHA256 | 92d7fadcfea44773e6fdd79880793f1256b675fba63a585fedf6bfb7093c3d07 |
| SHA512 | dafef12ff8a15d04bbce37181c7f4a356edec7dd0b1621a97c04d5de1cb9ed83d2cb4a88821ab55ea30a0dbe7ef1aedc58b2c5a55b0652831b5b90f1e739ae2e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 14022342123ae2a45090ed078668585e |
| SHA1 | cf1a4e2d3dd601c227b4caaf7a3e15be606a4c41 |
| SHA256 | c69dd492a757e70c863d595f8eb31c3ec3e0c9df23b92852f710384d1de25ebc |
| SHA512 | 2d4eaba30a60233b7300f648e358fe04e9c90062a31f85066492ea24399f48a90a3d3e82dfb0f63a4136c28140b1699b4ab0dd14eeaef58fa4a4b31c2587ae08 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | cc3f17459021b645e869323d9bc611b6 |
| SHA1 | 30f4fe662160fbd324850e706191fd2154f095fe |
| SHA256 | acc0d284e3f4d6af1f041af2cd720e134a6ba89b56f143da64237e54815777d9 |
| SHA512 | 94c090aecf3d83956d2b5f84e639ca3aec3d68452ee650f2830de51b93ae6cb3d755b083a898d306e711d012504953dea48d760e652ac7a69782418faa86d5a5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 935bc20edabe498a08be0b6d1c7fa2ea |
| SHA1 | 5a6fc1b81dc8c15d7a723a3abebd9a3e22972ccc |
| SHA256 | 2ccdc44be4e89b1bb8e0bd4c7d44a18b069aa8de624e6c8ec5cb3077753ee5a3 |
| SHA512 | 40ff23202179d9f126949b4ee75e9c0f52955aae14d9662477e81ebe8c42338ffffed8b43e25e8044ab194579a543c5bad5a8a18ff2e3b42d22c58dda5a417f0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | c6cb7c663035d922827d228a7b0957f9 |
| SHA1 | 0ecc87b2378e1f7c67adb7c098ab7f5cd7bdd98e |
| SHA256 | 819aeaf761fa58c354d8bf1c12e658a9efe5dd67a480816d5e1e155bba7d2c97 |
| SHA512 | fbd4151304af0bb04debf335b514502ef57f10a4d01010b3e486a3343848a0db514b095145ca865a4847c9c62953a1a443c6b37e6fd1763c9f29201275d563d3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 42f0c80fde5c2f0bcce2bcc5941f0a55 |
| SHA1 | e9bc757199ad9ff8082757ea306c544e6a50f012 |
| SHA256 | 6d6ba79270818dffd1ba50ec6041eb64b91d0ebb9e87a2c0b51b4a2db25e917f |
| SHA512 | 358a36dd274b2362fe0654d40f49552d411e21b5e6fc873aa6de5ac93eb8d7e67615266b5a57428182a9a02e17731d861efbc9ae26ad362852e8e92fed9c94e8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 5d6c0112c6504d5f40d027d7204d5a22 |
| SHA1 | 0a044097f9af96a02b1da48e98ee3237e1bf9143 |
| SHA256 | d270e8dfa633f9bfe728632cdd26ca049953e7cb30b5e5949f5a983b426c85f5 |
| SHA512 | 03c2e308c036f4212ce62fc657d1650da6057d5a6aecf3e10767fc68eae5b3af08b2af00d8c22ce2dcf884b2043da8ffe01b29311e999dfb7d0ea56e687becda |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e5a586b53a94596128dbc9e9d7de31da |
| SHA1 | 812726ab8445f66d7e3dffc55f6219e35c1864dc |
| SHA256 | 51710da2466ef2138372d582ec922529c31c6c5f8aa7b5b15927fd55778e8577 |
| SHA512 | 5f670506e8be38234913d5d4dafcc547ec65ec00596c2e1325529e3d1f98ded96acdec4c54c4a6d79871c7d35227a3620338f858dcfc2741c10b51f28129a960 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 2b956dd19591e1fac474f5faf51df7a5 |
| SHA1 | b52a99722898e0bf81458e88b1116f7508c5c7d7 |
| SHA256 | 2cb06d7c429fb293aa11738103d638da328b44e1cf1ed7a6c143a1707d61a5d5 |
| SHA512 | a704338aaee61252926fb6c6d8260d2053e8c656b8f036b926e789af0ab394c79af3ed6a514c70bccb0052e6d7b1d1c11508c78a10f5fe13ef000544a1e1db35 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 3c8581a2e5e37adcfa377edf31e768a2 |
| SHA1 | 71c37709e0dc3400792fffe4d96ce298265e48c4 |
| SHA256 | 917fb67ebf58e3bb3b75dd2191e28c0ec7f9a5d2dbde2beb097a6d9642f7b1ab |
| SHA512 | b7f35d1d8beb11336e004d6ab0361c8ac0a017caa937935f3e6354b2ce7d07948e0b9bc152447847332d70a3dc55084e46f5d299ed3d3303228eae057993144f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | f1170d22e499e660e224c533e924628f |
| SHA1 | a578298ad7d48c5b1ca177fcc098ea6a863b47d7 |
| SHA256 | e66f4db5d065ccdf44d73ad85fffc8a96fb994fbda46c182c0a25251441ab4c6 |
| SHA512 | af1b012b774db7d887629e4fabbb5e6557ea2b40b27e9a02d3bc485c8880ffa65136d48fb9b73498217148012c6f02b663d18207f9105087630be531a3352863 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 38d033e4427a8f2d1a315713a4c78fbf |
| SHA1 | 96053e46d8c7ad376594de0e7ebf3ccb3d894685 |
| SHA256 | 0ef79cff9d9a294f23cbee97d254d91137ee4ae34debc80b156c53fd7e8a3423 |
| SHA512 | eac879b49e3bbfa0bc4b0a9906ae287b6e21225148c676e66b361a62f0412e97aabd831032b7c090b3311a7e1e39b477c95b39a50cf5334ed1f10cedfb4f210c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 4a2fc2e63888d0915e88a4770b5ad40f |
| SHA1 | c79a809a0a4d6e31ddd48f8e6a54f415074218b7 |
| SHA256 | 83751f16fa54eb6b93da5ea2dc821caf88c50aab7a51dfcb3f8971316d84e644 |
| SHA512 | 7b2b417662a0d521094e707f29a2d72fdec475c00ed4c963218d5d2c8aac8e07553f8722677a7524355b607ab3b70d454dd0ee302ac3bf5c61c7a143048db0f6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 818b4b731d1e8456de50dcc6dc9f80a4 |
| SHA1 | 7f2b7acbfda5c186e47b2a5ecf318c056b227dae |
| SHA256 | 744631ff7d480aae0760486696c158337f7d943c7ac2588dccda6377b738569a |
| SHA512 | f96918537ab6f4f11eac740ae2244a54f9a6c49ba75385871ca5eae9ced0073db5fe6164f564c30d10f07b45b65fd3b5bcc5c728400cfb57b4b723f9a1fba948 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7a740362ab1ff9679a6ba83b15e57421 |
| SHA1 | 9c24bf0e1db0dc9dbad44542f8c451459e1543d2 |
| SHA256 | d0335f7ecd45d2a06927e52cde438109dbe3bc4910008355c4dd57aadc93bb51 |
| SHA512 | 7bdd8416e3f35996ba720ea976d178e1d314420a010b9ba64907698437eb7b1f3dc8e5cfe282594dbd0abadf258a54cd7d957f0c64a0ce44391e67aab35c4a77 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 699518229599f6c13585e2ff5a859b7a |
| SHA1 | c15f77ecd78f86fd1d3f51c48eda3e3f445f57b7 |
| SHA256 | 5f6c82d83f9598a5e13197a1da7faa275e9793f34abe8e0c60c955129f36051a |
| SHA512 | 36da8a5324ac47218750b159f8deeb1976cb3dceaae7c1c16a2ada6c39ea7d927ea9449868807c2574b83ed06372d30d2c7c2eb9bd001fab12ed1a2733748378 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 4b5f4d38c7e80c174439ac71ccaf8c72 |
| SHA1 | e5c46a44ea2a0d564bac8741049d34d0542f4c9d |
| SHA256 | ef8be6d12664be10c7e67e0b09e5b30b4a955e5525230198f697594fc4976846 |
| SHA512 | e594700b6ccfee1b0bb09316f3c3a6bc158488e046a2c6c758ec1ccb1e957c3e9d7750b6aa38cf85e4a944a37a9f13ec187e6a347ae2cd4af88769099399ed8a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 5ea81d7903aac981b57083f9e735c6e0 |
| SHA1 | c21f4ed10710411952da9286ab179282a3f1ce2e |
| SHA256 | 800bc3ccf8044dc23f5b42ee5b412e8a04476c390d17e1600f96fb347c46d96a |
| SHA512 | b5143ae752d9483468794160bdb425f95233d1fca9425b97020f880389b1e8dc4ea2b510b26b8f4bafea91b480f3fa92b25a41e52dd55d79e4e5e7d2539f3f42 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | c6b183100ce069d2dcf386b86f58c48e |
| SHA1 | 6176a30f9f1f3b5a63c31166a14cfd5f1487ca0a |
| SHA256 | 78101c657e7948daf13234e9663fb44c6f3e0878647d46d3c440301838b0a37e |
| SHA512 | da82f28712839a782cf55a75dfeba98737ef0a8faa7ecad53b185277b99a76f2b38698ac556191e8766dcfb28934376c50732df9078f2d1c2d8fb785eb0cd105 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 21425d41274cbcc87cf1fae0ba11fe4f |
| SHA1 | e38a01c789359c90dcd0862bcf2a5d2dab7520ad |
| SHA256 | eead8be0dd15bc179393f29e85c319e15272eca3ef341a703833a2650dce4210 |
| SHA512 | dc94d9bcd35d904eba9742931d0cf4d95984b2bca91a4438b1d78290ceb68d93c679321119def0b13cc7bd2b9997ee556393c7ddc68a4b22980e7f9c05241c13 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 237ef94a7eadc43becf0533ae43b7310 |
| SHA1 | 1e12ea67f07cd6099ebfdeaf535bbe3596c28790 |
| SHA256 | 565392a2b96323ebde710ecde570fd8a5f64f1f00c56505ee5efd15b41df7910 |
| SHA512 | 02d83b5abebed5347383dbe69c03188e402d7d39f41d610478276e2cd0be084df06f42d966aaf90e6d4378b6bd560cdd81e4ef8b4a72b946955a2bc6864b4d8d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 9310ffdd963acfa2350d69c71758a733 |
| SHA1 | d3b1733d4e7ee057a90172bda5649336fea67274 |
| SHA256 | 591cd078ec133b5acb6e01a52bf7240994658cbec086269e6924d140a16b732c |
| SHA512 | 94062cafbaa884d75d7b2ee3a0f4a3bd181343d11204ebbd50207f9b0c27c367e0d0464c7868c2eca4d2bf8c1f4eab9f029a5c5bc64ebbc5f62a53ff285e0f1a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | aa12f7f9cd657b1782e5d66ab3d38c1b |
| SHA1 | 76d0cf726f87088430a1d170e0561b4bbe4f6ee5 |
| SHA256 | 71d2d314c106ba53428833a403e0bbec6e1ea06611f72380cc7c48d970459c8b |
| SHA512 | c839f9c889483688149268c6de2e484d4233d9ed8f805a60eab30cb611009f4e03c08219134e7be47e176bcb5ec14999b7ac7e76e5800ee65706b28761e5d1e3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 786f19bb7596c9ac262e81f0f59caf3c |
| SHA1 | bd1c328713ce2e906e2725bc34ec0cd80b2e5aaf |
| SHA256 | 80cecc4b5b24827e8110caa8b8210429f159304cbfde702f59be62bdc73d15fc |
| SHA512 | 06796e7bb260f9729f970a9428ffafe0901c36fa72d2db17569b9848a54512e22639849ef01595b79b3e1c1388cbfee88968ca23841cbadc307e2f0ac6734f7f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 270531f449c2c72c13488faa491d5a2b |
| SHA1 | 5dca9d6e5838d86a71e3551fa4df7cc98b2ab071 |
| SHA256 | 08327ff4f4d8ac860e6cdcadd8b18bf83a90aad11eaa8cc3f10d1bf680334db6 |
| SHA512 | ae176997534aa1d9cfc7e2047dd8340096e513e69033ff25452216e74499576ddec31a0dcb3755b46af73312342eecc2bb7f49370c7c283edd8fe043ae55cd7d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | bd28c33478bca443ee743a3a52229d72 |
| SHA1 | b16372a49636cfae1e09aeda39ebf010784d42e4 |
| SHA256 | e3b638b9855d8b62b38b82d8619a9f6135e9084985403bdcc0f05553f434b2d5 |
| SHA512 | 8f300623489a5c06772fe26d2abff68d8e1a4d2e3160dd7edcb2812762b5ebdf0d226a8d20478c30f36c668ce9829172c94b3901133ae98fa73ae0a7368f63a8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 03165fb9431410236935f5fa43c6358c |
| SHA1 | c8226f3f1397095614e77940b59fe26770fbc4c0 |
| SHA256 | 4ca5be0933c6d3f8e7484eee8e7a335b397320d69a7b11bf6e43897f2045b1f0 |
| SHA512 | b3fe38d26ef9eb44d9ae0e9b5dde9214076c8a3193f251af366784783310569b27a3191e5d395eb7dc9639d7d88cf3fd879bb00288d28b53af9dfdcaea71a35f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | c2f41b112dcf576aebc7cf9d6234c641 |
| SHA1 | 2d4595b6e282e97d2736c4c0e4aad1622e9b7846 |
| SHA256 | c8d691ef5b1a08eeada4e8de10a606d9e9b19cb111ea71aaadbcac0673cc43ec |
| SHA512 | 895a76b9b63288d2b62dd142189d3f004cc520f80b4a588a1e6557fba502416f064d4bc1315a438c99509cb78b80be8a8d149574a6bde9dff6b223c44f4902c6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 1bb16d5b26eec20ebc1884cf92679c74 |
| SHA1 | 321e1ee6d452512a2ffc2c805fdbf30afe22588f |
| SHA256 | edf3f4cecc210eee967f722affdf6f9bdefe7c85564e0baa66b116425b358c65 |
| SHA512 | 2b8116b2a10612dbfb75302a75ef7172940c55bebee1340e370a3f678860bf3cb840055dceab6123b959e4f92cb06e24d2da9387b4498e555ff87e0f0c368ede |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 318aa625e725884b9c2dcb4d32e91bb0 |
| SHA1 | 22e8dc012b5dfe0e23ce641af21b4009f5ab6d21 |
| SHA256 | 4c875229016809fa8496fbcbc589b5ddd598c99cf782af2ac838d9d392658634 |
| SHA512 | 6bcd0561486409d2ed0e069a1daa1f5d5f4aed3971ad5d000206144890aa3894a4c0fa60ed30259c429f46911a2b609d481db52474de898b057a85fa35cda681 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013
| MD5 | 12ec32578358877c92e6d069c908c847 |
| SHA1 | e30c0cf26c31e6b2704d97f49a8288847bebd0f7 |
| SHA256 | 9cba0015bd7bf0068e37a8ecbb14e39b5677936657ef8b675619b1427f98d08a |
| SHA512 | 5fbaa12108fe3fa52d706e8c564caabe0db509026998eb2770b9b66a6610fc3c7dca1fa5b08fff71d429e4b608ef03454ea33ed26668c9894f2766f2991049e5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 102092e2a3e740d4fd4216ea91d165b9 |
| SHA1 | 4af71075c27da20bc187a2a00345f96859f34d3a |
| SHA256 | 3c6df5ed3196bd3f4d76b573a6206ad9b447906d6df2e0dc124edb6294d284a7 |
| SHA512 | 86fb85dd6a8ee05cfd5c888005046b69a28b9efcbbe0e871ceb6089d1821ff950af02722089c66b858f4ce38d5a2f31093d019ff47577e92d914a39f1b0975c5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 2ee2fc200b7448a813c3b83952841451 |
| SHA1 | 67732e583b5db7cf471cbdde79ad09f59a7d16be |
| SHA256 | dd258570bd1c18f30fd6fb021c162f1c76f3569291d2b10766ffbfda8d166808 |
| SHA512 | bff0fa15cc5a5950af863885e47a46850de1ac342cbd16e984328b7b8c2eb7d8bf6c8946f73fbb35504cc9427bdc90b75b6adb7f158961bb461dce0692cdf428 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 73f726f10c24860be3b20222cd863abc |
| SHA1 | 8307c24305e7ef69cc0d69ab3053ce3b2a4fca43 |
| SHA256 | 5c28de4b716624061e8ffecb0afb463c0a0a9a56bbcd499746f88c2b022b2ab2 |
| SHA512 | e6aee960dade91091138046e649c9a963b260efdde7264d41aed8e75fc609d8f466f42868fd61f9b07ec08c5dc947151134bf4d0bdfe429f2ac35b30b1ee438a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f773c7a943ea149a095c54cb9350893c |
| SHA1 | b48aa53dd45bdc234586c1bf8545e3000410fcb4 |
| SHA256 | ef039375dcd05ba46e7590c0e05799c82a28bf1007b24df31641d7c8d3575096 |
| SHA512 | 3d351af80a857a8280867bea5ca65ec1c33680353ceecdc747fc3a6b162ef56b762f191f59a4652bad7bbe14e3f15b48b62678c77bc34cca3b67af0dd8f8d28e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 9cba32c744391893c53dcbf27d274eb0 |
| SHA1 | 7d2b560a3b2fd7dc9132da568a50682604328af9 |
| SHA256 | 0e403f59e6a67788e84788a3fd030a4ddba96a07460b4b97c48215754e77b06f |
| SHA512 | 1e684d4942491b16820fe5d1f8811eb013f7db704fc99711849d92c58f42b717f4fd314916b5952a4bffab6d040dda3aff00921d79db199f8db9ff8f663aeaa8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\05fc1b93-4f86-442d-9915-b04bd4c5a333.tmp
| MD5 | 923106ad5fca930970bcaf149a286dc2 |
| SHA1 | a7017761a8dabdcfb0a4c366878764ad426265b6 |
| SHA256 | a14774a5725178f3a5ef9b382b4007a49147f245cd2497a9f7590aec9238659a |
| SHA512 | f2e134383c3b5cba362d9fc47521df5c97d5a06ff6f9d4714069d7ade8d7b2fd204bc9851923ac641cd8ed28b7eb03ad892ed04eb8f2e2a72cccc5d722d43cd0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000029
| MD5 | 8bd66dfc42a1353c5e996cd88dc1501f |
| SHA1 | dc779a25ab37913f3198eb6f8c4d89e2a05635a6 |
| SHA256 | ef8772f5b2cf54057e1cfb7cb2e61f09cbd20db5ee307133caf517831a5df839 |
| SHA512 | 203a46b2d09da788614b86480d81769011c7d42e833fa33a19e99c86a987a3bd8755b89906b9fd0497a80a5cf27f1c5e795a66fe3d1c4a921667ec745ccf22f6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 0612e83bb376ee3f6000ff68d70c4b85 |
| SHA1 | 073d405c7ceaae5959f2e521cdcd5076dcdbf59a |
| SHA256 | 5a87070946fe1791e9455893f82bea2dc361b997d9ad7e2340606266aa94dd80 |
| SHA512 | bedcf7e4d4a915612ed4dced5bc7cd80ada67df05be862ec0ff0f43de2fc988ba4b09d483c6cf18323aa91cd97d49beb9f14e09ebf55a819724c5a27dc36d75d |
C:\Users\Admin\Downloads\C2Panel-main.zip.crdownload
| MD5 | 269476a20f766cd148e4514a35aa0d59 |
| SHA1 | 999b0ffe1ab97417ba7c9e630b8eb2294ecdc50b |
| SHA256 | 1468e5cef7f654f6dcccd6678fad87cedf38328e4dea600093f3709e0fb3a4c8 |
| SHA512 | 21bf440a7336c07c3c45cba350a458ff085adcb85856762fabcf431f21d341227f699a3aaebeb7f08b6001a986a81cdde7619d136435fea78e9fd7c500244e1e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 71b9fc3badef2d887e1d0f5c22311be8 |
| SHA1 | 602a378d16d9041453c95c4c42d11c53e197abd3 |
| SHA256 | 3cfcc984b809ddae851389d6370bb9816146aa1ea8408346115b6005d9714384 |
| SHA512 | 0a14adcd8fdf9010674157a88e4d2e471fe4e6ec5dd95784bc53c9e4bd365aeb0a7dd027cf09649fe4b1f2b603aab24dbf2620614f14bca03b41781da2e1aed0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 9d149952ceb1c678c71ea70709f80eee |
| SHA1 | d3d988a6baaf9d9987a853db6a3f5f9b270e76b9 |
| SHA256 | b1bae1b5ea61818838b92cbc928e0752de0e1c66037b5d750c714ea495318a6f |
| SHA512 | da366b99c365ac3d013e3dcab3f7209b4cd947a4a897953c43bf1b3c7ed95d9c7643ca6ace2a3075de7b59803a44a18354a381df9fe709840dc8606bd1ce8d56 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 608f6ce9d76f075190aebcfb37710030 |
| SHA1 | b3fd1833315b31783fdea27fb45a35bfc3deb67c |
| SHA256 | 91a851410e92df13944531f15b58124bf76409ece64bf3ccadb9820ec585c3c6 |
| SHA512 | 4a332a7f1d3fb6f0c2cbe7deca4f941bce8f1216cb42e343d1eee45094313320e2214e6cc4ebc77368090ff32f394e538d15eb940bac6c14e8c3f7bd181900fb |
C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe
| MD5 | 3c4161be295e9e9d019ce68dae82d60a |
| SHA1 | 36447fc6418e209dff1bb8a5e576f4d46e3b3296 |
| SHA256 | 0f6481dabf7871823f259eb95f3b85c37d1de8a7d1884ac77a97d887cf96f75d |
| SHA512 | cfa2d491a5d28beb8eb908d5af61254ac4c4c88e74c53d5d00ae15ef0731df1654304199996545d1074814c0ea8a032957b28d70774f05347616428e667f70e6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 81330b2e2b7c486ed8291c82004a04ac |
| SHA1 | af49ffc7789c4827d4dccf07ee39bf43cd9ba90d |
| SHA256 | 8f917db3c48a4cec52605f237beb4ce389261e2451cfcabc4ef3d099da1d0c90 |
| SHA512 | 0e8b005dc6bb785a868d4df41060ad5d512f52c8bf5173e482e845f183e0010db694c498f94636bd80a4a689f6b05a4606babec6afe7683ffb576c2913b0646b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 31052f5f1a8acca1e19427b698ac5276 |
| SHA1 | 7cf93b6f40a5eb636666f1a984ab0be2061e4c21 |
| SHA256 | 2ee560fa5e7b68520849af9b807f91af9d86c2420fc5b8af4aae22062174271a |
| SHA512 | 72c1529ebc5c443333b4554efbd216c2be2a6dd91775364fbcf338c0ae35f1668d084f250114b5239b124081c8972c9eb0b13e4668bcc61d8ea35f44c830999b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d2f5076c5d556f5865ae1777da65aac0 |
| SHA1 | 53af84a98a175795fc6e70cb8e70c80f5fa256ae |
| SHA256 | 4524ccf3f2dbbba3b992427f696fa4660d4ca75bc034d4b3c1136be62e09439b |
| SHA512 | cb5d195bf6eeb4c3ad0577cfb836ad62319592ddbe912fe3ad16220d690d160551e98f6efd4f66ba3d34f5ea4c52e4e1621e556de30dafaedef7d17119efd450 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 61cef8e38cd95bf003f5fdd1dc37dae1 |
| SHA1 | 11f2f79ecb349344c143eea9a0fed41891a3467f |
| SHA256 | ae671613623b4477fbd5daf1fd2d148ae2a09ddcc3804b2b6d4ffcb60b317e3e |
| SHA512 | 6fb9b333fe0e8fde19fdd0bd01a1990a4e60a87c0a02bc8297da1206e42f8690d06b030308e58c862e9e77714a585eed7cc1627590d99a10aeb77fc0dd3d864d |
\??\pipe\LOCAL\crashpad_4788_JKZRGGMJCJSTLCPC
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\c7c97e9b-da36-406f-b32c-371629d123ce.tmp
| MD5 | 5058f1af8388633f609cadb75a75dc9d |
| SHA1 | 3a52ce780950d4d969792a2559cd519d7ee8c727 |
| SHA256 | cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8 |
| SHA512 | 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | c3acbb9745e0f45b009c8ae79ab14e16 |
| SHA1 | 385051fb5c47eb1e87ee4554ad003485c86f0a8e |
| SHA256 | 31386083329344e01b9b009ab505155d78e342ffb049e49b12cfb7ed575708cf |
| SHA512 | 0a0d8d85188396d0001be56bd74305d8eb2b01c6d45b4df514eb31fc4545dde2c2f4bc27d3c0390b61943f0c81c058ed2796eff321fc1e953f29aba13d11d952 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 3c2ffa8236908a9ef44b76c871e655c2 |
| SHA1 | 5f75c4475fbe72b2f5c762107967c8887ba5ab92 |
| SHA256 | 179b4e0231aa050fbfb349215cea49a73692f6f6c7c0dc545491a2ff6a9e3d08 |
| SHA512 | 547295ad3875a8758058bf80c80e7e4600a7bef5c8c7648bad958aa4619c05ce714e7a15a866bc37ffd72692b3bda01d9353535f01a11b340b3fdff7081c3870 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 567205e77cde689676edae00988ec52c |
| SHA1 | 18f47cb8197ed2def435dfa7c951349245589aad |
| SHA256 | 4adf8af14d568a56d4629830e3ff7ca768aa4d9514182fb4bf86f3adf4740aa2 |
| SHA512 | 7a11d6f9fddde0b0616455bcbc3ed915df2ad23c776707639802e1133474e83ae5836dbbfef2be44c328a975015218a4e87add3557d7eddabc68715a5508a951 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | c14d0e263df4ed335b2fa6a29006a5d3 |
| SHA1 | 7ed6e9e4cc49066e699ee4c0c25780798144c9f8 |
| SHA256 | 30367e82d71ef7872be3ee7a2a01b3738878731c663c2a124971017f9469a23a |
| SHA512 | 1281eefc991ce4e88082f1645674040df68923c9e922761df5928120926808b4630aeca37185ed576de229611a37a133a546f55d6f87a8740534c95a4b651a98 |
memory/5184-1465-0x00000271FFDB0000-0x00000271FFDB1000-memory.dmp
memory/5184-1464-0x00000271FFDB0000-0x00000271FFDB1000-memory.dmp
memory/5184-1463-0x00000271FFDB0000-0x00000271FFDB1000-memory.dmp
memory/5184-1475-0x00000271FFDB0000-0x00000271FFDB1000-memory.dmp
memory/5184-1474-0x00000271FFDB0000-0x00000271FFDB1000-memory.dmp
memory/5184-1473-0x00000271FFDB0000-0x00000271FFDB1000-memory.dmp
memory/5184-1472-0x00000271FFDB0000-0x00000271FFDB1000-memory.dmp
memory/5184-1471-0x00000271FFDB0000-0x00000271FFDB1000-memory.dmp
memory/5184-1470-0x00000271FFDB0000-0x00000271FFDB1000-memory.dmp
memory/5184-1469-0x00000271FFDB0000-0x00000271FFDB1000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8697dc90cc237b0019a9b0684b257a07 |
| SHA1 | 5b560e636cf7f8275ca1537b1fc7715d570459eb |
| SHA256 | 871179f4ef1ff1aeec0d785902025955a2ff76213bba03fb27cb9d34f0eaf162 |
| SHA512 | 1c7b812e2fc7510ccdf0d162b25c2dba262a85084044c618bff6d2d82aa92a2faa88e0b935e8aaded4c53ce1e86ae260f17e06430ccce3d569c3b9721151d94a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d3d4830253e94c1c82d506f45e86f3fa |
| SHA1 | 92acc2dd12af21805c02698da83d91390b71a601 |
| SHA256 | 30f0fd2115c640f6f28d2b9214a1ea85fd97dbd937f3763f6660b8bc3d23a5e1 |
| SHA512 | 49007c5893634a889405ac4bd1fb02ee9931c34309050297c99c580605b974dbc88648be926957ebe14f69c3e31c1973382a959d8e0a6f99323aca00d8fdac03 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 34cead0d10f0352bd87263660d6932ac |
| SHA1 | d697ca0dba78d23bfd280a2f735ab0992047d9c6 |
| SHA256 | ab4766451f275c4d8f350c31300a30380ae686e0eef125456e5f94877bc2db29 |
| SHA512 | 06618bd05566322c3ddced60bbaa720f35fabbd97f154023c79d85c53e779e7a6ce690d92c664430351c6ca9039bd59a8d12517931172f8a0a6e6e985a75e1a5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GraphiteDawnCache\data_1
| MD5 | 366ad097e16a6a23685bd78a81673703 |
| SHA1 | b65c5e9c26834bd685fb8e32a6cb207b3766079b |
| SHA256 | 736c855b600a99292b9e30505a61863ffc32043455177a7425294643833e4138 |
| SHA512 | 5ce569f4b3c4b5d2c423e8a0fec8243b6348c4d49900abf25b2f9914a4549a641eba0f4c7324ad6272e3011305eb68adc86f9197de5f1a30cf115e4842eaa2e1 |
Analysis: behavioral2
Detonation Overview
Submitted
2025-01-16 21:40
Reported
2025-01-16 21:55
Platform
win10v2004-20241007-en
Max time kernel
413s
Max time network
423s
Command Line
Signatures
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\C2Panel-main\DrakeUI.Framework.dll,#1
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 28.118.140.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 138.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 7.98.22.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.211.185.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 58.55.71.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 50.23.12.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.23.85.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.214.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 134.130.81.91.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.236.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 253.15.104.51.in-addr.arpa | udp |
Files
Analysis: behavioral3
Detonation Overview
Submitted
2025-01-16 21:40
Reported
2025-01-16 21:55
Platform
win10v2004-20241007-en
Max time kernel
425s
Max time network
427s
Command Line
Signatures
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\C2Panel-main\GeoIPCitys.dll,#1
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 232.168.11.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.210.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 138.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 7.98.22.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 58.55.71.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 50.23.12.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.23.85.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 85.49.80.91.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.214.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.236.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 253.15.104.51.in-addr.arpa | udp |
Files
Analysis: behavioral4
Detonation Overview
Submitted
2025-01-16 21:40
Reported
2025-01-16 21:55
Platform
win10v2004-20241007-en
Max time kernel
426s
Max time network
433s
Command Line
Signatures
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\C2Panel-main\HVMRun64.dll,#1
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 13.86.106.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.210.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 140.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 7.98.22.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.168.11.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 212.20.149.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.23.85.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 201.64.52.20.in-addr.arpa | udp |
Files
Analysis: behavioral5
Detonation Overview
Submitted
2025-01-16 21:40
Reported
2025-01-16 21:55
Platform
win10v2004-20241007-en
Max time kernel
433s
Max time network
435s
Command Line
Signatures
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\rundll32.exe | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 1696 wrote to memory of 2416 | N/A | C:\Windows\system32\rundll32.exe | C:\Windows\SysWOW64\rundll32.exe |
| PID 1696 wrote to memory of 2416 | N/A | C:\Windows\system32\rundll32.exe | C:\Windows\SysWOW64\rundll32.exe |
| PID 1696 wrote to memory of 2416 | N/A | C:\Windows\system32\rundll32.exe | C:\Windows\SysWOW64\rundll32.exe |
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\C2Panel-main\HVMRuntm.dll,#1
C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\C2Panel-main\HVMRuntm.dll,#1
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 58.55.71.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 140.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 7.98.22.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 28.118.140.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 50.23.12.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.31.95.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.214.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.210.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.229.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.49.80.91.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 253.15.104.51.in-addr.arpa | udp |
Files
Analysis: behavioral6
Detonation Overview
Submitted
2025-01-16 21:40
Reported
2025-01-16 21:55
Platform
win10v2004-20241007-en
Max time kernel
406s
Max time network
407s
Command Line
Signatures
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\C2Panel-main\LiveCharts.MAPS.dll,#1
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 13.86.106.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.210.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 138.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 7.98.22.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 28.118.140.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 58.55.71.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.163.202.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.31.95.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.49.80.91.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 28.73.42.20.in-addr.arpa | udp |
Files
Analysis: behavioral7
Detonation Overview
Submitted
2025-01-16 21:40
Reported
2025-01-16 21:55
Platform
win10v2004-20241007-en
Max time kernel
429s
Max time network
434s
Command Line
Signatures
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\C2Panel-main\LiveCharts.dll,#1
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 232.168.11.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.210.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 72.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 7.98.22.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.211.185.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 50.23.12.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.23.85.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 167.190.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.210.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.236.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 253.15.104.51.in-addr.arpa | udp |
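Every Domain entry in the Network tables for behavioral4 through behavioral7 is an `in-addr.arpa` name, i.e. a reverse (PTR) query sent to 8.8.8.8; none of these four rundll32 runs records a forward lookup of a hostname. To compare the runs it helps to turn those names back into the IPv4 addresses that were reverse-resolved and to separate PTR rows from any forward lookups. The following parser is an added example, not part of this report or of the sandbox's own tooling; it assumes the report's flattened `| Country | Destination | Domain | Proto |` row layout and that each table is preceded by an `Analysis: behavioralN` heading, and the sample rows embedded in it are copied from the tables above.

```python
"""Recover the IPv4 addresses behind the in-addr.arpa (PTR) query names in the
report's flattened Network tables and split rows into reverse vs forward lookups.

Added example for this report page; not sandbox-vendor code.  Assumptions: rows use
the '| Country | Destination | Domain | Proto |' layout seen on the page, and each
table is preceded by an 'Analysis: behavioralN' heading (the ANALYSIS_RE below).
"""
import ipaddress
import re
from collections import defaultdict

PTR_SUFFIX = ".in-addr.arpa"

# Row and heading patterns for the page's plain-text table layout (assumed).
ROW_RE = re.compile(
    r"^\|\s*(?P<country>[^|]*?)\s*\|\s*(?P<dest>[^|]*?)\s*\|"
    r"\s*(?P<domain>[^|]*?)\s*\|\s*(?P<proto>[^|]*?)\s*\|\s*$"
)
ANALYSIS_RE = re.compile(r"^(?:Analysis:\s*)?(behavioral\d+|static\d+)\s*$")

# Constructed input: rows copied from the behavioral4 and behavioral5 tables on the page.
SAMPLE_ROWS = """
Analysis: behavioral4
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 13.86.106.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.210.23.2.in-addr.arpa | udp |
Analysis: behavioral5
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 58.55.71.13.in-addr.arpa | udp |
"""


def ptr_name_to_ip(name):
    """Return the IPv4 address encoded in a complete in-addr.arpa name, else None.

    The reverse zone stores octets in reversed order, so 13.86.106.20.in-addr.arpa
    is the PTR record for 20.106.86.13.  Partial zone names (e.g. 10.in-addr.arpa)
    and malformed octets are rejected rather than guessed at.
    """
    if not name.lower().endswith(PTR_SUFFIX):
        return None
    octets = name[: -len(PTR_SUFFIX)].split(".")
    if len(octets) != 4:
        return None
    try:
        return str(ipaddress.IPv4Address(".".join(reversed(octets))))
    except ipaddress.AddressValueError:
        return None


def parse_network_tables(text):
    """Yield (analysis, resolver, domain, proto) for each data row in the text,
    tagging each row with the most recent analysis heading seen."""
    analysis = None
    for raw in text.splitlines():
        line = raw.strip()
        heading = ANALYSIS_RE.match(line)
        if heading:
            analysis = heading.group(1)
            continue
        row = ROW_RE.match(line)
        if not row or row.group("domain") == "Domain":  # skip header rows
            continue
        yield analysis, row.group("dest"), row.group("domain"), row.group("proto")


def summarize(text):
    """Per analysis: the set of IPs that were reverse-resolved, and any forward
    (non-PTR) query names.  An empty 'forward' map means no hostname was looked up."""
    ptr_ips = defaultdict(set)
    forward = defaultdict(set)
    for analysis, _dest, domain, _proto in parse_network_tables(text):
        ip = ptr_name_to_ip(domain)
        if ip is not None:
            ptr_ips[analysis].add(ip)
        else:
            forward[analysis].add(domain)
    return {
        "ptr": {k: sorted(v) for k, v in ptr_ips.items()},
        "forward": {k: sorted(v) for k, v in forward.items()},
    }


def ips_common_to_all(text):
    """IPs reverse-resolved in every analysis present in the text (useful for telling
    sandbox-wide background lookups apart from run-specific ones)."""
    per_run = summarize(text)["ptr"]
    if not per_run:
        return []
    return sorted(set.intersection(*(set(v) for v in per_run.values())))


if __name__ == "__main__":
    result = summarize(SAMPLE_ROWS)
    for run, ips in result["ptr"].items():
        print(run, "PTR targets:", ", ".join(ips))
    print("forward lookups:", result["forward"] or "none")
    print("common to all runs:", ips_common_to_all(SAMPLE_ROWS) or "none")
```

Run it over the full page text (all seven analyses) to see which reverse-resolved addresses recur in every run and which are specific to one DLL; an address that appears in every rundll32 detonation is much more likely to be sandbox background traffic than something the loaded DLL caused.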