Malware Analysis Report

2025-05-28 16:50

Sample ID 250116-1h82pa1lhm
Target C2Panel-main.zip
SHA256 1468e5cef7f654f6dcccd6678fad87cedf38328e4dea600093f3709e0fb3a4c8
Tags agilenet lumma discovery stealer
Score 10/10


Analysis Overview

Score

10/10

SHA256

1468e5cef7f654f6dcccd6678fad87cedf38328e4dea600093f3709e0fb3a4c8

Threat Level: Known bad

The file C2Panel-main.zip was found to be: Known bad.

Malicious Activity Summary

agilenet lumma discovery stealer

Lumma Stealer, LummaC

Lumma family

Executes dropped EXE

Obfuscated with Agile.Net obfuscator

Suspicious use of SetThreadContext

System Location Discovery: System Language Discovery

Unsigned PE

Browser Information Discovery

Suspicious use of AdjustPrivilegeToken

Modifies data under HKEY_USERS

Checks SCSI registry key(s)

Suspicious behavior: GetForegroundWindowSpam

Suspicious behavior: EnumeratesProcesses

Suspicious use of FindShellTrayWindow

Suspicious use of SendNotifyMessage

Suspicious use of WriteProcessMemory

Modifies registry class

Enumerates system info in registry

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2025-01-16 21:40

Signatures

Obfuscated with Agile.Net obfuscator

agilenet
Description Indicator Process Target
N/A N/A N/A N/A

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2025-01-16 21:40

Reported

2025-01-16 21:55

Platform

win10v2004-20241007-en

Max time kernel

688s

Max time network

502s

Command Line

"C:\Users\Admin\AppData\Local\Temp\C2Panel-main\C2Panel.exe"

Signatures

Lumma Stealer, LummaC

stealer lumma

Lumma family

lumma

Suspicious use of SetThreadContext

Description Indicator Process Target
PID 2216 set thread context of 2572 N/A C:\Users\Admin\AppData\Local\Temp\C2Panel-main\C2Panel.exe C:\Users\Admin\AppData\Local\Temp\C2Panel-main\C2Panel.exe
PID 3656 set thread context of 3616 N/A C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe
PID 3064 set thread context of 2964 N/A C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe
PID 2344 set thread context of 1132 N/A C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe
PID 5968 set thread context of 6024 N/A C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe
PID 6108 set thread context of 5192 N/A C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe
PID 2540 set thread context of 1640 N/A C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe
PID 5560 set thread context of 3060 N/A C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe
PID 2864 set thread context of 3880 N/A C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe
PID 704 set thread context of 4696 N/A C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe
PID 5812 set thread context of 4236 N/A C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe

Browser Information Discovery

discovery

System Location Discovery: System Language Discovery

discovery
Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\C2Panel-main\C2Panel.exe N/A

Checks SCSI registry key(s)

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000 C:\Windows\system32\taskmgr.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A C:\Windows\system32\taskmgr.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\FriendlyName C:\Windows\system32\taskmgr.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133815373041365832" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\Local Settings C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Windows\system32\taskmgr.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\7-Zip\7zG.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2216 wrote to memory of 2572 N/A C:\Users\Admin\AppData\Local\Temp\C2Panel-main\C2Panel.exe C:\Users\Admin\AppData\Local\Temp\C2Panel-main\C2Panel.exe
PID 2808 wrote to memory of 3324 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2808 wrote to memory of 5048 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2808 wrote to memory of 808 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2808 wrote to memory of 3496 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Users\Admin\AppData\Local\Temp\C2Panel-main\C2Panel.exe

"C:\Users\Admin\AppData\Local\Temp\C2Panel-main\C2Panel.exe"

C:\Users\Admin\AppData\Local\Temp\C2Panel-main\C2Panel.exe

"C:\Users\Admin\AppData\Local\Temp\C2Panel-main\C2Panel.exe"

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x11c,0x120,0x124,0x118,0x128,0x7ffe2eaecc40,0x7ffe2eaecc4c,0x7ffe2eaecc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1740,i,12848973710965292076,16877479553821464585,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1788 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2212,i,12848973710965292076,16877479553821464585,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2216 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2288,i,12848973710965292076,16877479553821464585,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2436 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3140,i,12848973710965292076,16877479553821464585,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3160 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3284,i,12848973710965292076,16877479553821464585,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3304 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3696,i,12848973710965292076,16877479553821464585,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4552 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4832,i,12848973710965292076,16877479553821464585,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4840 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4956,i,12848973710965292076,16877479553821464585,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4964 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4868,i,12848973710965292076,16877479553821464585,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4980 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5212,i,12848973710965292076,16877479553821464585,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5220 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5076,i,12848973710965292076,16877479553821464585,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4984 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5000,i,12848973710965292076,16877479553821464585,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5200 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=5504,i,12848973710965292076,16877479553821464585,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5488 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=4376,i,12848973710965292076,16877479553821464585,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5228 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=5208,i,12848973710965292076,16877479553821464585,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5200 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=5516,i,12848973710965292076,16877479553821464585,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5236 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=3344,i,12848973710965292076,16877479553821464585,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1248 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=4484,i,12848973710965292076,16877479553821464585,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4776 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5072,i,12848973710965292076,16877479553821464585,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5536 /prefetch:8

C:\Program Files\7-Zip\7zG.exe

"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Documents\C2Panel-main\" -spe -an -ai#7zMap12890:86:7zEvent19452

C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe

"C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe"

C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe

"C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe"

C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe

"C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe"

C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe

"C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe"

C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe

"C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe"

C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe

"C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe"

C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe

"C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --default-search-provider=? --out-pipe-name=MSEdgeDefault78b6d7f7h7662h4a8dh916eh91b0d4ced2d6

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffe308546f8,0x7ffe30854708,0x7ffe30854718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2052,13578161611046291706,5135252510076133496,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1996 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2052,13578161611046291706,5135252510076133496,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2268 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2052,13578161611046291706,5135252510076133496,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2748 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe

"C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe"

C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe

"C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe"

C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe

"C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe"

C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe

"C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe"

C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe

"C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe"

C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe

"C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe"

C:\Windows\system32\taskmgr.exe

"C:\Windows\system32\taskmgr.exe" /4

C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe

"C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe"

C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe

"C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe"

C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe

"C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe"

C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe

"C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe"

C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe

"C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe"

C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe

"C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe"

C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe

"C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe"

C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe

"C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe"
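The Processes block above is a flat list of image-path / command-line pairs, and the "wrote to memory" lines before it are all chrome.exe writing into its own child processes. The script below is an added example (not part of this sandbox report or of the sample) that parses both layouts and pulls out what an analyst checks first in such a list: executables run from user-writable directories (here the Temp and Documents copies of C2Panel.exe), one image re-spawned with an identical command line (the shape C2Panel.exe shows above), and any memory write into a process running a different image (none in this report; a browser broker writing into its own children is expected noise). The embedded input is a constructed subset of the report's own entries; the respawn threshold and the list of user-writable directories are assumptions.

```python
"""Triage of a flattened sandbox 'Processes' list and WriteProcessMemory events.

Added example, not part of the sandbox report. It reads the report's own
layout: a Processes block of image-path / command-line pairs separated by
blank lines, and 'PID A wrote to memory of B N/A <src> <dst>' lines. The
embedded input is a constructed subset of this report's entries. The
respawn threshold and the set of user-writable directories are assumptions.
"""
import re
from collections import Counter

# Constructed subset of the report's Processes block, same layout as the report.
REPORT_PROCESSES = r"""
C:\Users\Admin\AppData\Local\Temp\C2Panel-main\C2Panel.exe

"C:\Users\Admin\AppData\Local\Temp\C2Panel-main\C2Panel.exe"

C:\Users\Admin\AppData\Local\Temp\C2Panel-main\C2Panel.exe

"C:\Users\Admin\AppData\Local\Temp\C2Panel-main\C2Panel.exe"

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Program Files\7-Zip\7zG.exe

"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Documents\C2Panel-main\" -spe -an -ai#7zMap12890:86:7zEvent19452

C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe

"C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe"

C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe

"C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe"

C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe

"C:\Users\Admin\Documents\C2Panel-main\C2Panel.exe"
"""

# Constructed subset of the report's 'wrote to memory' lines (all chrome -> chrome).
REPORT_MEMWRITES = r"""
PID 2808 wrote to memory of 808 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2808 wrote to memory of 3496 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2808 wrote to memory of 3496 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
"""

# Assumption: directories a standard user can write to and launch from.
USER_WRITABLE = re.compile(
    r"^[a-z]:\\users\\[^\\]+\\(appdata\\local\\temp|documents|downloads|desktop)\\",
    re.IGNORECASE)
# Image paths contain spaces, so split on the '.exe ' boundary between source and target.
MEMWRITE = re.compile(
    r"^PID (\d+) wrote to memory of (\d+) \S+ (.+?\.exe) (.+\.exe)$", re.IGNORECASE)


def parse_processes(text):
    """Return (image, command_line) tuples from the report's pair layout."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    if len(lines) % 2:
        raise ValueError("Processes block must be image-path / command-line pairs")
    return list(zip(lines[0::2], lines[1::2]))


def parse_memwrites(text):
    """Return (src_pid, dst_pid, src_image, dst_image); lines that do not match are skipped."""
    out = []
    for ln in text.splitlines():
        m = MEMWRITE.match(ln.strip())
        if m:
            out.append((int(m.group(1)), int(m.group(2)), m.group(3), m.group(4)))
    return out


def triage(processes, memwrites, respawn_threshold=3):
    """Return (kind, what, count) findings in the order they were detected."""
    findings = []
    # 1. anything executed from a user-writable directory
    for image, n in Counter(img for img, _ in processes).items():
        if USER_WRITABLE.match(image):
            findings.append(("user_writable_path", image, n))
    # 2. the same image started repeatedly with an identical command line:
    #    what a parent that keeps launching a copy of itself leaves behind
    for (image, _cmd), n in Counter(processes).items():
        if n >= respawn_threshold:
            findings.append(("identical_respawn", image, n))
    # 3. a write into a process running a different image; same-image writes
    #    from a browser broker into its own children are expected noise
    for _src_pid, _dst_pid, src_img, dst_img in memwrites:
        if src_img.lower() != dst_img.lower():
            findings.append(("cross_image_memwrite", f"{src_img} -> {dst_img}", 1))
    return findings


if __name__ == "__main__":
    for kind, what, n in triage(parse_processes(REPORT_PROCESSES),
                                parse_memwrites(REPORT_MEMWRITES)):
        print(f"{kind:22} x{n}  {what}")
```

Run against the full report the respawn count for the Documents copy of C2Panel.exe is far higher than in the subset embedded here; the point of the threshold is to separate that pattern from the two or three instances a legitimate application might show.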

Network

Country Destination Domain Proto
US 8.8.8.8:53 bellflamre.click udp
US 8.8.8.8:53 immureprech.biz udp
US 8.8.8.8:53 deafeninggeh.biz udp
US 8.8.8.8:53 effecterectz.xyz udp
US 8.8.8.8:53 diffuculttan.xyz udp
US 8.8.8.8:53 debonairnukk.xyz udp
US 8.8.8.8:53 wrathful-jammy.cyou udp
US 8.8.8.8:53 awake-weaves.cyou udp
US 8.8.8.8:53 sordid-snaked.cyou udp
US 8.8.8.8:53 steamcommunity.com udp
GB 23.214.143.155:443 steamcommunity.com tcp
US 8.8.8.8:53 28.118.140.52.in-addr.arpa udp
US 8.8.8.8:53 83.210.23.2.in-addr.arpa udp
US 8.8.8.8:53 155.143.214.23.in-addr.arpa udp
US 8.8.8.8:53 nikolay-romanov.su udp
US 104.21.48.1:443 nikolay-romanov.su tcp
US 8.8.8.8:53 1.48.21.104.in-addr.arpa udp
US 8.8.8.8:53 7.98.22.2.in-addr.arpa udp
US 8.8.8.8:53 13.86.106.20.in-addr.arpa udp
US 8.8.8.8:53 133.211.185.52.in-addr.arpa udp
US 8.8.8.8:53 50.23.12.20.in-addr.arpa udp
US 8.8.8.8:53 241.42.69.40.in-addr.arpa udp
US 8.8.8.8:53 166.190.18.2.in-addr.arpa udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.187.196:443 www.google.com tcp
GB 142.250.187.196:443 www.google.com udp
US 8.8.8.8:53 234.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 3.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 196.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 clients2.google.com udp
N/A 224.0.0.251:5353 udp
GB 142.250.187.238:443 clients2.google.com tcp
US 8.8.8.8:53 clients2.googleusercontent.com udp
GB 142.250.200.33:443 clients2.googleusercontent.com tcp
US 8.8.8.8:53 238.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 33.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 216.58.212.234:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 234.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 195.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 48.229.111.52.in-addr.arpa udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
DE 216.58.206.67:443 beacons.gcp.gvt2.com tcp
US 8.8.8.8:53 67.206.58.216.in-addr.arpa udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 dns-tunnel-check.googlezip.net udp
US 8.8.8.8:53 tunnel.googlezip.net udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
US 8.8.8.8:53 ogads-pa.googleapis.com udp
US 8.8.8.8:53 66.204.58.216.in-addr.arpa udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
GB 172.217.169.74:443 ogads-pa.googleapis.com udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.179.238:443 play.google.com tcp
US 8.8.8.8:53 74.169.217.172.in-addr.arpa udp
GB 142.250.179.238:443 play.google.com tcp
US 8.8.8.8:53 157.34.239.216.in-addr.arpa udp
GB 142.250.179.238:443 play.google.com tcp
US 8.8.8.8:53 238.179.250.142.in-addr.arpa udp
GB 142.250.179.238:443 play.google.com udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
US 8.8.8.8:53 consent.google.com udp
GB 172.217.169.46:443 consent.google.com tcp
US 216.239.34.157:443 tunnel.googlezip.net tcp
GB 172.217.169.46:443 consent.google.com tcp
US 8.8.8.8:53 encrypted-tbn3.gstatic.com udp
US 8.8.8.8:53 encrypted-tbn0.gstatic.com udp
US 8.8.8.8:53 encrypted-tbn2.gstatic.com udp
GB 216.58.201.110:443 encrypted-tbn3.gstatic.com tcp
GB 216.58.201.110:443 encrypted-tbn3.gstatic.com tcp
GB 216.58.204.78:443 encrypted-tbn0.gstatic.com tcp
GB 216.58.204.78:443 encrypted-tbn0.gstatic.com tcp
US 8.8.8.8:53 78.204.58.216.in-addr.arpa udp
GB 216.58.201.110:443 encrypted-tbn3.gstatic.com tcp
US 8.8.8.8:53 110.201.58.216.in-addr.arpa udp
DE 216.58.206.67:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 id.google.com udp
GB 142.250.179.227:443 id.google.com tcp
US 216.239.34.157:443 tunnel.googlezip.net tcp
US 216.239.34.157:443 tunnel.googlezip.net tcp
US 8.8.8.8:53 227.179.250.142.in-addr.arpa udp
GB 142.250.179.238:443 encrypted-tbn2.gstatic.com udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
US 8.8.8.8:53 github.com udp
US 8.8.8.8:53 avatars.githubusercontent.com udp
US 8.8.8.8:53 github.githubassets.com udp
US 185.199.110.154:443 github.githubassets.com tcp
US 185.199.110.154:443 github.githubassets.com tcp
US 185.199.110.154:443 github.githubassets.com tcp
US 185.199.110.154:443 github.githubassets.com tcp
US 185.199.110.154:443 github.githubassets.com tcp
US 185.199.110.154:443 github.githubassets.com tcp
US 8.8.8.8:53 user-images.githubusercontent.com udp
US 185.199.108.133:443 user-images.githubusercontent.com tcp
US 8.8.8.8:53 github-cloud.s3.amazonaws.com udp
US 8.8.8.8:53 154.110.199.185.in-addr.arpa udp
GB 20.26.156.215:443 github.com tcp
GB 20.26.156.215:443 github.com tcp
GB 20.26.156.215:443 github.com tcp
US 8.8.8.8:53 133.108.199.185.in-addr.arpa udp
US 8.8.8.8:53 215.156.26.20.in-addr.arpa udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 216.58.204.74:443 content-autofill.googleapis.com tcp
US 185.199.110.154:443 github.githubassets.com tcp
US 8.8.8.8:53 collector.github.com udp
US 8.8.8.8:53 74.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 api.github.com udp
US 140.82.112.22:443 collector.github.com tcp
US 140.82.112.22:443 collector.github.com tcp
GB 216.58.204.74:443 content-autofill.googleapis.com udp
GB 20.26.156.210:443 api.github.com tcp
US 8.8.8.8:53 210.156.26.20.in-addr.arpa udp
US 8.8.8.8:53 22.112.82.140.in-addr.arpa udp
DE 216.58.206.67:443 beacons.gcp.gvt2.com udp
GB 20.26.156.210:443 api.github.com tcp
GB 20.26.156.215:443 github.com tcp
US 8.8.8.8:53 google.com udp
GB 142.250.180.14:443 google.com tcp
US 8.8.8.8:53 14.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 collector.github.com udp
US 8.8.8.8:53 github.com udp
US 8.8.8.8:53 api.github.com udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.187.196:443 www.google.com udp
GB 142.250.179.227:443 id.google.com udp
DE 216.58.206.67:443 beacons.gcp.gvt2.com udp
GB 172.217.169.74:443 content-autofill.googleapis.com udp
GB 142.250.179.238:443 encrypted-tbn2.gstatic.com udp
GB 142.250.180.14:443 google.com udp
US 8.8.8.8:53 14.173.189.20.in-addr.arpa udp
US 8.8.8.8:53 github.com udp
GB 142.250.187.196:443 www.google.com udp
GB 20.26.156.215:443 github.com tcp
US 8.8.8.8:53 github-cloud.s3.amazonaws.com udp
US 8.8.8.8:53 private-user-images.githubusercontent.com udp
US 8.8.8.8:53 user-images.githubusercontent.com udp
US 8.8.8.8:53 collector.github.com udp
US 8.8.8.8:53 api.github.com udp
GB 20.26.156.210:443 api.github.com tcp
GB 216.58.204.74:443 content-autofill.googleapis.com udp
US 8.8.8.8:53 codeload.github.com udp
GB 20.26.156.216:443 codeload.github.com tcp
US 8.8.8.8:53 216.156.26.20.in-addr.arpa udp
US 8.8.8.8:53 bellflamre.click udp
US 8.8.8.8:53 immureprech.biz udp
US 8.8.8.8:53 deafeninggeh.biz udp
US 8.8.8.8:53 effecterectz.xyz udp
US 8.8.8.8:53 diffuculttan.xyz udp
US 8.8.8.8:53 debonairnukk.xyz udp
US 8.8.8.8:53 wrathful-jammy.cyou udp
US 8.8.8.8:53 awake-weaves.cyou udp
US 8.8.8.8:53 sordid-snaked.cyou udp
US 8.8.8.8:53 steamcommunity.com udp
GB 23.214.143.155:443 steamcommunity.com tcp
US 8.8.8.8:53 bellflamre.click udp
US 8.8.8.8:53 immureprech.biz udp
US 8.8.8.8:53 deafeninggeh.biz udp
US 8.8.8.8:53 effecterectz.xyz udp
US 8.8.8.8:53 diffuculttan.xyz udp
US 8.8.8.8:53 debonairnukk.xyz udp
US 8.8.8.8:53 wrathful-jammy.cyou udp
US 8.8.8.8:53 awake-weaves.cyou udp
US 8.8.8.8:53 sordid-snaked.cyou udp
GB 23.214.143.155:443 steamcommunity.com tcp
US 8.8.8.8:53 nikolay-romanov.su udp
US 104.21.96.1:443 nikolay-romanov.su tcp
US 8.8.8.8:53 1.96.21.104.in-addr.arpa udp
GB 23.214.143.155:443 steamcommunity.com tcp
US 104.21.96.1:443 nikolay-romanov.su tcp
US 8.8.8.8:53 73.31.126.40.in-addr.arpa udp
US 8.8.8.8:53 bellflamre.click udp
US 8.8.8.8:53 immureprech.biz udp
US 8.8.8.8:53 deafeninggeh.biz udp
US 8.8.8.8:53 effecterectz.xyz udp
US 8.8.8.8:53 diffuculttan.xyz udp
US 8.8.8.8:53 debonairnukk.xyz udp
US 8.8.8.8:53 wrathful-jammy.cyou udp
US 8.8.8.8:53 awake-weaves.cyou udp
US 8.8.8.8:53 sordid-snaked.cyou udp
US 8.8.8.8:53 steamcommunity.com udp
GB 23.214.143.155:443 steamcommunity.com tcp
GB 23.214.143.155:443 steamcommunity.com tcp
US 104.21.96.1:443 nikolay-romanov.su tcp
US 104.21.96.1:443 nikolay-romanov.su tcp
GB 23.214.143.155:443 steamcommunity.com tcp
US 104.21.96.1:443 nikolay-romanov.su tcp
US 8.8.8.8:53 bellflamre.click udp
US 8.8.8.8:53 immureprech.biz udp
US 8.8.8.8:53 deafeninggeh.biz udp
US 8.8.8.8:53 effecterectz.xyz udp
US 8.8.8.8:53 diffuculttan.xyz udp
US 8.8.8.8:53 debonairnukk.xyz udp
US 8.8.8.8:53 wrathful-jammy.cyou udp
US 8.8.8.8:53 awake-weaves.cyou udp
US 8.8.8.8:53 sordid-snaked.cyou udp
US 8.8.8.8:53 steamcommunity.com udp
GB 23.214.143.155:443 steamcommunity.com tcp
US 104.21.96.1:443 nikolay-romanov.su tcp
GB 23.214.143.155:443 steamcommunity.com tcp
US 104.21.96.1:443 nikolay-romanov.su tcp
US 8.8.8.8:53 bellflamre.click udp
US 8.8.8.8:53 immureprech.biz udp
US 8.8.8.8:53 deafeninggeh.biz udp
GB 23.214.143.155:443 steamcommunity.com tcp
US 104.21.96.1:443 nikolay-romanov.su tcp
US 8.8.8.8:53 effecterectz.xyz udp
US 8.8.8.8:53 diffuculttan.xyz udp
US 8.8.8.8:53 debonairnukk.xyz udp
US 8.8.8.8:53 wrathful-jammy.cyou udp
US 8.8.8.8:53 awake-weaves.cyou udp
US 8.8.8.8:53 sordid-snaked.cyou udp
GB 23.214.143.155:443 steamcommunity.com tcp
US 104.21.96.1:443 nikolay-romanov.su tcp
US 8.8.8.8:53 api.github.com udp
US 8.8.8.8:53 collector.github.com udp
GB 20.26.156.210:443 api.github.com tcp
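Read in order, the Network table shows the same nine names (bellflamre.click through sordid-snaked.cyou) looked up in a fixed sequence, several times over, with no TCP connection ever made to any of them, each time followed by steamcommunity.com and then nikolay-romanov.su, both of which do get a TCP 443 connection. That is the shape of a hard-coded fallback list being cycled until one entry answers, and the steamcommunity.com lookup matches Lumma's documented use of a Steam profile page as a dead-drop resolver. The script below is an added example (not part of this report) that extracts that pattern from the report's own row format: it separates forward DNS lookups from the sandbox's PTR noise, finds runs of names that were queried but never connected to, and reports which connected name came right after each run. The embedded rows are a constructed subset of the table above; the run length that counts as a burst is an assumption.

```python
"""Pull the C2 fallback pattern out of a sandbox 'Network' table.

Added example, not part of the sandbox report. Input is the report's own
row format: 'Country Destination Domain Proto' (the Domain column is absent
for some rows, e.g. mDNS). The embedded rows are a constructed subset of
this report's table. The run length that counts as a burst is an assumption.
"""
from collections import Counter

# Constructed subset of the report's Network rows, in the report's order.
REPORT_NETWORK = """\
US 8.8.8.8:53 bellflamre.click udp
US 8.8.8.8:53 immureprech.biz udp
US 8.8.8.8:53 deafeninggeh.biz udp
US 8.8.8.8:53 effecterectz.xyz udp
US 8.8.8.8:53 diffuculttan.xyz udp
US 8.8.8.8:53 debonairnukk.xyz udp
US 8.8.8.8:53 wrathful-jammy.cyou udp
US 8.8.8.8:53 awake-weaves.cyou udp
US 8.8.8.8:53 sordid-snaked.cyou udp
US 8.8.8.8:53 steamcommunity.com udp
GB 23.214.143.155:443 steamcommunity.com tcp
US 8.8.8.8:53 155.143.214.23.in-addr.arpa udp
US 8.8.8.8:53 nikolay-romanov.su udp
US 104.21.48.1:443 nikolay-romanov.su tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.187.196:443 www.google.com tcp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 bellflamre.click udp
US 8.8.8.8:53 immureprech.biz udp
US 8.8.8.8:53 deafeninggeh.biz udp
US 8.8.8.8:53 effecterectz.xyz udp
US 8.8.8.8:53 diffuculttan.xyz udp
US 8.8.8.8:53 debonairnukk.xyz udp
US 8.8.8.8:53 wrathful-jammy.cyou udp
US 8.8.8.8:53 awake-weaves.cyou udp
US 8.8.8.8:53 sordid-snaked.cyou udp
US 8.8.8.8:53 steamcommunity.com udp
GB 23.214.143.155:443 steamcommunity.com tcp
US 104.21.96.1:443 nikolay-romanov.su tcp
"""


def parse_rows(text):
    """Tolerant parser for the report's whitespace-separated rows."""
    rows = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 4:
            country, dest, domain, proto = parts
        elif len(parts) == 3:          # no Domain column (e.g. the mDNS row)
            country, dest, proto = parts
            domain = ""
        else:
            continue                   # blank line
        ip, _, port = dest.rpartition(":")
        if not port.isdigit():         # header line or malformed destination
            continue
        rows.append({"country": country, "ip": ip, "port": int(port),
                     "domain": domain.lower(), "proto": proto.lower()})
    return rows


def dns_queries(rows):
    """Forward lookups in report order; PTR (in-addr.arpa) lookups are sandbox noise."""
    return [r["domain"] for r in rows
            if r["port"] == 53 and r["proto"] == "udp" and r["domain"]
            and not r["domain"].endswith(".in-addr.arpa")]


def connected_domains(rows):
    """Names that were followed by an actual TCP connection."""
    return {r["domain"] for r in rows if r["proto"] == "tcp" and r["domain"]}


def fallback_bursts(queries, connected, min_run=4):
    """Maximal runs of consecutive lookups for names that never get a connection.
    Each burst is reported with the first connected name queried right after it."""
    bursts, run = [], []
    for name in queries:
        if name not in connected:
            if name not in run:
                run.append(name)
            continue
        if len(run) >= min_run:
            bursts.append((run, name))
        run = []
    if len(run) >= min_run:
        bursts.append((run, None))
    return bursts


def never_connected(queries, connected):
    """How many times each never-connected name was looked up (retry loops show here)."""
    return Counter(q for q in queries if q not in connected)


if __name__ == "__main__":
    rows = parse_rows(REPORT_NETWORK)
    q, c = dns_queries(rows), connected_domains(rows)
    for run, nxt in fallback_bursts(q, c):
        print(f"burst of {len(run)} unanswered names, then connected to {nxt}: {run}")
    for name, n in never_connected(q, c).most_common():
        print(f"{n}x queried, never connected: {name}")
```

The never-connected names are the ones to block or sinkhole; the names that do get a connection straight after each burst (steamcommunity.com, then nikolay-romanov.su in this report) are where the live infrastructure is, and the 104.21.x.x addresses behind nikolay-romanov.su change between detonations, so the domain, not the IP, is the durable indicator.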

Files

memory/2216-0-0x0000000000FCA000-0x0000000000FCB000-memory.dmp

memory/2572-1-0x0000000000400000-0x0000000000456000-memory.dmp

memory/2572-3-0x0000000000400000-0x0000000000456000-memory.dmp

memory/2572-4-0x0000000000FB0000-0x0000000001018000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Temp\scoped_dir2808_789783737\38e8ee40-26c4-4372-b3ec-0d7bb6819654.tmp

MD5 14937b985303ecce4196154a24fc369a
SHA1 ecfe89e11a8d08ce0c8745ff5735d5edad683730
SHA256 71006a5311819fef45c659428944897184880bcdb571bf68c52b3d6ee97682ff
SHA512 1d03c75e4d2cd57eee7b0e93e2de293b41f280c415fb2446ac234fc5afd11fe2f2fcc8ab9843db0847c2ce6bd7df7213fcf249ea71896fbf6c0696e3f5aee46c

C:\Users\Admin\AppData\Local\Temp\scoped_dir2808_789783737\CRX_INSTALL\_locales\en\messages.json

MD5 558659936250e03cc14b60ebf648aa09
SHA1 32f1ce0361bbfdff11e2ffd53d3ae88a8b81a825
SHA256 2445cad863be47bb1c15b57a4960b7b0d01864e63cdfde6395f3b2689dc1444b
SHA512 1632f5a3cd71887774bf3cb8a4d8b787ea6278271657b0f1d113dbe1a7fd42c4daa717cc449f157ce8972037572b882dc946a7dc2c0e549d71982dcdee89f727

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.85.1_0\_locales\en\messages.json

MD5 07ffbe5f24ca348723ff8c6c488abfb8
SHA1 6dc2851e39b2ee38f88cf5c35a90171dbea5b690
SHA256 6895648577286002f1dc9c3366f558484eb7020d52bbf64a296406e61d09599c
SHA512 7ed2c8db851a84f614d5daf1d5fe633bd70301fd7ff8a6723430f05f642ceb3b1ad0a40de65b224661c782ffcec69d996ebe3e5bb6b2f478181e9a07d8cd41f6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.85.1_0\dasherSettingSchema.json

MD5 4ec1df2da46182103d2ffc3b92d20ca5
SHA1 fb9d1ba3710cf31a87165317c6edc110e98994ce
SHA256 6c69ce0fe6fab14f1990a320d704fee362c175c00eb6c9224aa6f41108918ca6
SHA512 939d81e6a82b10ff73a35c931052d8d53d42d915e526665079eeb4820df4d70f1c6aebab70b59519a0014a48514833fefd687d5a3ed1b06482223a168292105d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

MD5 2720fbc01d13e5a89d7622afbffe4dc3
SHA1 051e968d8d629037016e4680000ed1dde757ab48
SHA256 a089f54841fe4e206e945c88749a39bc7fe6611118e2d358cf2fa0c2a1d78c13
SHA512 a3a43f319b5e3ecbfa11123d80f52b99c3f73875067efc59e716b32d9e5a5045d2eb7a4e17a90ec137b370bf5811eb2e7f53db2e6a4ec1b7ab607dea9687941c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 4c6fffa7779e6be7a617adcbb34d752d
SHA1 05a908daec799ec15e6a1f126de2841fb350c646
SHA256 341bb86fbc40f5d6cc6f91ead566cb5708a7ef31ba1fe85e78c4edb505e91733
SHA512 60521c2492dc3e95b3c5a42fb53608b59aecab75614eb62e0eb95311f7dc66d7713ede088bb3e18971b280288b9d072fddc62feaa57ae786f0e0a46a2ad55644

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e0468ca278d797483c408f52844c1bca
SHA1 359f04d89ec75870906478fb1c38c2756073a5b7
SHA256 d07ce7156e3fd37fccc3447f98f5250173ecf7a54ac4a28337ebd431c7d444df
SHA512 cf09c994f44f1f6eb33b777c6e80c792de214c91824163ed825348ac570ef05015b652739c718db1798adbd9f01cbae9d94c85b0fd181234ecd3e1631f9f053a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9495986e0e44c3fcff79966607dc3247
SHA1 524a2c54ee18cdad01145200d4ff6951b31a8fa8
SHA256 46df09a3f3275c0f9b290fb48ec96b48195c117632398d69359c503e6aa5670a
SHA512 10d7374b2c73e860c1623cd288360c8a18dd279d30f50f58de4244e120ed6a0b14159cf80f47a6fd02108bf9625187a04802e8e2ce19e49b96a5a84c534b87b2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

MD5 ad68b82583113b3239a5f47112e77528
SHA1 0075529154ae37eb4deac393c27784e1b3e38b8c
SHA256 85b51d0ad713039f04f68475e944d2bbaffae599ae839df8a5daa8d5b9847a6d
SHA512 3a0f26acaad86786cd83a4e482822ae9a2f909c73c593a466fdea0e4ea2084cbaaaafe699084095f93674e2e3046ad9dba52da786bfc566a764510b19559c651

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005

MD5 d474ec7f8d58a66420b6daa0893a4874
SHA1 4314642571493ba983748556d0e76ec6704da211
SHA256 553a19b6f44f125d9594c02231e4217e9d74d92b7065dc996d92f1e53f6bcb69
SHA512 344062d1be40db095abb7392b047b16f33ea3043158690cf66a2fa554aa2db79c4aa68de1308f1eddf6b9140b9ac5de70aad960b4e8e8b91f105213c4aace348

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 765c1c58700ca1d29ea1d31ac00fbad1
SHA1 09c8c2f9e688820a5676264cf1a03fe69dceb278
SHA256 92d7fadcfea44773e6fdd79880793f1256b675fba63a585fedf6bfb7093c3d07
SHA512 dafef12ff8a15d04bbce37181c7f4a356edec7dd0b1621a97c04d5de1cb9ed83d2cb4a88821ab55ea30a0dbe7ef1aedc58b2c5a55b0652831b5b90f1e739ae2e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Analysis: behavioral2

Detonation Overview

Submitted

2025-01-16 21:40

Reported

2025-01-16 21:55

Platform

win10v2004-20241007-en

Max time kernel

413s

Max time network

423s

Command Line

rundll32.exe C:\Users\Admin\AppData\Local\Temp\C2Panel-main\DrakeUI.Framework.dll,#1

Signatures

N/A

Processes

C:\Windows\system32\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\C2Panel-main\DrakeUI.Framework.dll,#1

Network

Files

N/A

Analysis: behavioral3

Detonation Overview

Submitted

2025-01-16 21:40

Reported

2025-01-16 21:55

Platform

win10v2004-20241007-en

Max time kernel

425s

Max time network

427s

Command Line

rundll32.exe C:\Users\Admin\AppData\Local\Temp\C2Panel-main\GeoIPCitys.dll,#1

Signatures

N/A

Processes

C:\Windows\system32\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\C2Panel-main\GeoIPCitys.dll,#1

Network

Files

N/A

Analysis: behavioral4

Detonation Overview

Submitted

2025-01-16 21:40

Reported

2025-01-16 21:55

Platform

win10v2004-20241007-en

Max time kernel

426s

Max time network

433s

Command Line

rundll32.exe C:\Users\Admin\AppData\Local\Temp\C2Panel-main\HVMRun64.dll,#1

Signatures

N/A

Processes

C:\Windows\system32\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\C2Panel-main\HVMRun64.dll,#1

Network

Files

N/A

Analysis: behavioral5

Detonation Overview

Submitted

2025-01-16 21:40

Reported

2025-01-16 21:55

Platform

win10v2004-20241007-en

Max time kernel

433s

Max time network

435s

Command Line

rundll32.exe C:\Users\Admin\AppData\Local\Temp\C2Panel-main\HVMRuntm.dll,#1

Signatures

System Location Discovery: System Language Discovery

discovery
Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\rundll32.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1696 wrote to memory of 2416 N/A C:\Windows\system32\rundll32.exe C:\Windows\SysWOW64\rundll32.exe
PID 1696 wrote to memory of 2416 N/A C:\Windows\system32\rundll32.exe C:\Windows\SysWOW64\rundll32.exe
PID 1696 wrote to memory of 2416 N/A C:\Windows\system32\rundll32.exe C:\Windows\SysWOW64\rundll32.exe

Processes

C:\Windows\system32\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\C2Panel-main\HVMRuntm.dll,#1

C:\Windows\SysWOW64\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\C2Panel-main\HVMRuntm.dll,#1

Network

Files

N/A

Analysis: behavioral6

Detonation Overview

Submitted

2025-01-16 21:40

Reported

2025-01-16 21:55

Platform

win10v2004-20241007-en

Max time kernel

406s

Max time network

407s

Command Line

rundll32.exe C:\Users\Admin\AppData\Local\Temp\C2Panel-main\LiveCharts.MAPS.dll,#1

Signatures

N/A

Processes

C:\Windows\system32\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\C2Panel-main\LiveCharts.MAPS.dll,#1

Network

Files

N/A

Analysis: behavioral7

Detonation Overview

Submitted

2025-01-16 21:40

Reported

2025-01-16 21:55

Platform

win10v2004-20241007-en

Max time kernel

429s

Max time network

434s

Command Line

rundll32.exe C:\Users\Admin\AppData\Local\Temp\C2Panel-main\LiveCharts.dll,#1

Signatures

N/A

Processes

C:\Windows\system32\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\C2Panel-main\LiveCharts.dll,#1

Network

Files

N/A