hxxps://drive[.]google[.]com/file/d/1oMGzsTl1ADz5DDQpJpGWtzPK9Z0c9ARi/view

Analysis

max time kernel
151s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
16-01-2025 23:59

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://drive.google.com/file/d/1oMGzsTl1ADz5DDQpJpGWtzPK9Z0c9ARi/view

Score

7^/10

discovery

Malware Config

Signatures

Executes dropped EXE 1 IoCs

pid	Process
776	LosslessScaling.exe

Loads dropped DLL 1 IoCs

pid	Process
776	LosslessScaling.exe

Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs

Web Service

T1102

flow	ioc
5	drive.google.com
7	drive.google.com

Network Share Discovery 1 TTPs
Attempt to gather information on host network.
discovery

Network Share Discovery
T1135
Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Checks SCSI registry key(s) 3 TTPs 4 IoCs

SCSI information is often read in order to detect sandboxing environments.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_WDC&PROD_WDS100T2B0A\4&215468A5&0&000000	chrome.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\ConfigFlags	chrome.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000	chrome.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\ConfigFlags	chrome.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Modifies Control Panel 1 IoCs

evasion

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-493223053-2004649691-1575712786-1000\Control Panel\Colors	LosslessScaling.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133815455770100130"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-493223053-2004649691-1575712786-1000_Classes\Local Settings	chrome.exe

Runs .reg file with regedit 1 IoCs

pid	Process
3512	regedit.exe

Suspicious behavior: EnumeratesProcesses 18 IoCs

pid	Process
2544	chrome.exe
2544	chrome.exe
776	LosslessScaling.exe
776	LosslessScaling.exe
5332	chrome.exe
5332	chrome.exe
5332	chrome.exe
5332	chrome.exe
776	LosslessScaling.exe
776	LosslessScaling.exe
776	LosslessScaling.exe
776	LosslessScaling.exe
776	LosslessScaling.exe
776	LosslessScaling.exe
776	LosslessScaling.exe
776	LosslessScaling.exe
776	LosslessScaling.exe
776	LosslessScaling.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 12 IoCs

pid	Process
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2544	chrome.exe
Token: SeCreatePagefilePrivilege	2544	chrome.exe
Token: SeShutdownPrivilege	2544	chrome.exe
Token: SeCreatePagefilePrivilege	2544	chrome.exe
Token: SeShutdownPrivilege	2544	chrome.exe
Token: SeCreatePagefilePrivilege	2544	chrome.exe
Token: SeShutdownPrivilege	2544	chrome.exe
Token: SeCreatePagefilePrivilege	2544	chrome.exe
Token: SeShutdownPrivilege	2544	chrome.exe
Token: SeCreatePagefilePrivilege	2544	chrome.exe
Token: SeShutdownPrivilege	2544	chrome.exe
Token: SeCreatePagefilePrivilege	2544	chrome.exe
Token: SeShutdownPrivilege	2544	chrome.exe
Token: SeCreatePagefilePrivilege	2544	chrome.exe
Token: SeShutdownPrivilege	2544	chrome.exe
Token: SeCreatePagefilePrivilege	2544	chrome.exe
Token: SeShutdownPrivilege	2544	chrome.exe
Token: SeCreatePagefilePrivilege	2544	chrome.exe
Token: SeShutdownPrivilege	2544	chrome.exe
Token: SeCreatePagefilePrivilege	2544	chrome.exe
Token: SeShutdownPrivilege	2544	chrome.exe
Token: SeCreatePagefilePrivilege	2544	chrome.exe
Token: SeShutdownPrivilege	2544	chrome.exe
Token: SeCreatePagefilePrivilege	2544	chrome.exe
Token: SeShutdownPrivilege	2544	chrome.exe
Token: SeCreatePagefilePrivilege	2544	chrome.exe
Token: SeShutdownPrivilege	2544	chrome.exe
Token: SeCreatePagefilePrivilege	2544	chrome.exe
Token: SeShutdownPrivilege	2544	chrome.exe
Token: SeCreatePagefilePrivilege	2544	chrome.exe
Token: SeShutdownPrivilege	2544	chrome.exe
Token: SeCreatePagefilePrivilege	2544	chrome.exe
Token: SeShutdownPrivilege	2544	chrome.exe
Token: SeCreatePagefilePrivilege	2544	chrome.exe
Token: SeShutdownPrivilege	2544	chrome.exe
Token: SeCreatePagefilePrivilege	2544	chrome.exe
Token: SeShutdownPrivilege	2544	chrome.exe
Token: SeCreatePagefilePrivilege	2544	chrome.exe
Token: SeShutdownPrivilege	2544	chrome.exe
Token: SeCreatePagefilePrivilege	2544	chrome.exe
Token: SeShutdownPrivilege	2544	chrome.exe
Token: SeCreatePagefilePrivilege	2544	chrome.exe
Token: SeShutdownPrivilege	2544	chrome.exe
Token: SeCreatePagefilePrivilege	2544	chrome.exe
Token: SeShutdownPrivilege	2544	chrome.exe
Token: SeCreatePagefilePrivilege	2544	chrome.exe
Token: SeShutdownPrivilege	2544	chrome.exe
Token: SeCreatePagefilePrivilege	2544	chrome.exe
Token: SeShutdownPrivilege	2544	chrome.exe
Token: SeCreatePagefilePrivilege	2544	chrome.exe
Token: SeShutdownPrivilege	2544	chrome.exe
Token: SeCreatePagefilePrivilege	2544	chrome.exe
Token: SeShutdownPrivilege	2544	chrome.exe
Token: SeCreatePagefilePrivilege	2544	chrome.exe
Token: SeShutdownPrivilege	2544	chrome.exe
Token: SeCreatePagefilePrivilege	2544	chrome.exe
Token: SeShutdownPrivilege	2544	chrome.exe
Token: SeCreatePagefilePrivilege	2544	chrome.exe
Token: SeShutdownPrivilege	2544	chrome.exe
Token: SeCreatePagefilePrivilege	2544	chrome.exe
Token: SeShutdownPrivilege	2544	chrome.exe
Token: SeCreatePagefilePrivilege	2544	chrome.exe
Token: SeShutdownPrivilege	2544	chrome.exe
Token: SeCreatePagefilePrivilege	2544	chrome.exe

Suspicious use of FindShellTrayWindow 36 IoCs

pid	Process
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
1608	7zG.exe
2544	chrome.exe
2544	chrome.exe

Suspicious use of SendNotifyMessage 26 IoCs

pid	Process
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
776	LosslessScaling.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2544 wrote to memory of 4716	2544	chrome.exe	83
PID 2544 wrote to memory of 4716	2544	chrome.exe	83
PID 2544 wrote to memory of 5112	2544	chrome.exe	84
PID 2544 wrote to memory of 5112	2544	chrome.exe	84
PID 2544 wrote to memory of 5112	2544	chrome.exe	84
PID 2544 wrote to memory of 5112	2544	chrome.exe	84
PID 2544 wrote to memory of 5112	2544	chrome.exe	84
PID 2544 wrote to memory of 5112	2544	chrome.exe	84
PID 2544 wrote to memory of 5112	2544	chrome.exe	84
PID 2544 wrote to memory of 5112	2544	chrome.exe	84
PID 2544 wrote to memory of 5112	2544	chrome.exe	84
PID 2544 wrote to memory of 5112	2544	chrome.exe	84
PID 2544 wrote to memory of 5112	2544	chrome.exe	84
PID 2544 wrote to memory of 5112	2544	chrome.exe	84
PID 2544 wrote to memory of 5112	2544	chrome.exe	84
PID 2544 wrote to memory of 5112	2544	chrome.exe	84
PID 2544 wrote to memory of 5112	2544	chrome.exe	84
PID 2544 wrote to memory of 5112	2544	chrome.exe	84
PID 2544 wrote to memory of 5112	2544	chrome.exe	84
PID 2544 wrote to memory of 5112	2544	chrome.exe	84
PID 2544 wrote to memory of 5112	2544	chrome.exe	84
PID 2544 wrote to memory of 5112	2544	chrome.exe	84
PID 2544 wrote to memory of 5112	2544	chrome.exe	84
PID 2544 wrote to memory of 5112	2544	chrome.exe	84
PID 2544 wrote to memory of 5112	2544	chrome.exe	84
PID 2544 wrote to memory of 5112	2544	chrome.exe	84
PID 2544 wrote to memory of 5112	2544	chrome.exe	84
PID 2544 wrote to memory of 5112	2544	chrome.exe	84
PID 2544 wrote to memory of 5112	2544	chrome.exe	84
PID 2544 wrote to memory of 5112	2544	chrome.exe	84
PID 2544 wrote to memory of 5112	2544	chrome.exe	84
PID 2544 wrote to memory of 5112	2544	chrome.exe	84
PID 2544 wrote to memory of 5032	2544	chrome.exe	85
PID 2544 wrote to memory of 5032	2544	chrome.exe	85
PID 2544 wrote to memory of 1592	2544	chrome.exe	86
PID 2544 wrote to memory of 1592	2544	chrome.exe	86
PID 2544 wrote to memory of 1592	2544	chrome.exe	86
PID 2544 wrote to memory of 1592	2544	chrome.exe	86
PID 2544 wrote to memory of 1592	2544	chrome.exe	86
PID 2544 wrote to memory of 1592	2544	chrome.exe	86
PID 2544 wrote to memory of 1592	2544	chrome.exe	86
PID 2544 wrote to memory of 1592	2544	chrome.exe	86
PID 2544 wrote to memory of 1592	2544	chrome.exe	86
PID 2544 wrote to memory of 1592	2544	chrome.exe	86
PID 2544 wrote to memory of 1592	2544	chrome.exe	86
PID 2544 wrote to memory of 1592	2544	chrome.exe	86
PID 2544 wrote to memory of 1592	2544	chrome.exe	86
PID 2544 wrote to memory of 1592	2544	chrome.exe	86
PID 2544 wrote to memory of 1592	2544	chrome.exe	86
PID 2544 wrote to memory of 1592	2544	chrome.exe	86
PID 2544 wrote to memory of 1592	2544	chrome.exe	86
PID 2544 wrote to memory of 1592	2544	chrome.exe	86
PID 2544 wrote to memory of 1592	2544	chrome.exe	86
PID 2544 wrote to memory of 1592	2544	chrome.exe	86
PID 2544 wrote to memory of 1592	2544	chrome.exe	86
PID 2544 wrote to memory of 1592	2544	chrome.exe	86
PID 2544 wrote to memory of 1592	2544	chrome.exe	86
PID 2544 wrote to memory of 1592	2544	chrome.exe	86
PID 2544 wrote to memory of 1592	2544	chrome.exe	86
PID 2544 wrote to memory of 1592	2544	chrome.exe	86
PID 2544 wrote to memory of 1592	2544	chrome.exe	86
PID 2544 wrote to memory of 1592	2544	chrome.exe	86
PID 2544 wrote to memory of 1592	2544	chrome.exe	86
PID 2544 wrote to memory of 1592	2544	chrome.exe	86

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://drive.google.com/file/d/1oMGzsTl1ADz5DDQpJpGWtzPK9Z0c9ARi/view
1⤵
- Checks SCSI registry key(s)
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2544
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff9f2dccc40,0x7ff9f2dccc4c,0x7ff9f2dccc58
  2⤵
  PID:4716
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1912,i,11887438034356227728,17232521481469650559,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1908 /prefetch:2
  2⤵
  PID:5112
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2180,i,11887438034356227728,17232521481469650559,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2164 /prefetch:3
  2⤵
  PID:5032
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2240,i,11887438034356227728,17232521481469650559,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2444 /prefetch:8
  2⤵
  PID:1592
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3132,i,11887438034356227728,17232521481469650559,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3152 /prefetch:1
  2⤵
  PID:1020
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3156,i,11887438034356227728,17232521481469650559,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3316 /prefetch:1
  2⤵
  PID:3636
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4348,i,11887438034356227728,17232521481469650559,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4508 /prefetch:1
  2⤵
  PID:976
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4900,i,11887438034356227728,17232521481469650559,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4932 /prefetch:1
  2⤵
  PID:4448
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5380,i,11887438034356227728,17232521481469650559,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5392 /prefetch:8
  2⤵
  PID:4680
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=5424,i,11887438034356227728,17232521481469650559,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5540 /prefetch:1
  2⤵
  PID:712
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=4524,i,11887438034356227728,17232521481469650559,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4356 /prefetch:1
  2⤵
  PID:232
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=4796,i,11887438034356227728,17232521481469650559,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4808 /prefetch:1
  2⤵
  PID:1916
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=4636,i,11887438034356227728,17232521481469650559,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5088 /prefetch:1
  2⤵
  PID:2932
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=3144,i,11887438034356227728,17232521481469650559,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4332 /prefetch:1
  2⤵
  PID:1928
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=5808,i,11887438034356227728,17232521481469650559,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5772 /prefetch:1
  2⤵
  PID:2348
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=6072,i,11887438034356227728,17232521481469650559,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6112 /prefetch:8
  2⤵
  PID:2404
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=6204,i,11887438034356227728,17232521481469650559,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6232 /prefetch:8
  2⤵
  PID:4584
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4908,i,11887438034356227728,17232521481469650559,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5096 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5332
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=6196,i,11887438034356227728,17232521481469650559,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5952 /prefetch:1
  2⤵
  PID:5796
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=5688,i,11887438034356227728,17232521481469650559,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3392 /prefetch:1
  2⤵
  PID:6044
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6604,i,11887438034356227728,17232521481469650559,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4644 /prefetch:8
  2⤵
  PID:1412

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:4584

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:4980

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x3a0 0x440
1⤵
PID:4740

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:4812

C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\Lossless.Scaling.v3.0.0.2\" -spe -an -ai#7zMap6021:112:7zEvent7851
1⤵
- Suspicious use of FindShellTrayWindow
PID:1608

C:\Windows\regedit.exe
"regedit.exe" "C:\Users\Admin\Downloads\Lossless.Scaling.v3.0.0.2\Registration ('Crack')\Double-click, confirm to merge, done.reg"
1⤵
- Runs .reg file with regedit
PID:3512

C:\Users\Admin\Downloads\Lossless.Scaling.v3.0.0.2\game\Stable v2.13.2\LosslessScaling.exe
"C:\Users\Admin\Downloads\Lossless.Scaling.v3.0.0.2\game\Stable v2.13.2\LosslessScaling.exe"
1⤵
- Executes dropped EXE
- Loads dropped DLL
- Modifies Control Panel
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of SetWindowsHookEx
PID:776

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Network Share Discovery

T1135

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\360fca9e-ae4d-48d0-b539-f2b1fa4ff03b.tmp

Filesize
11KB

MD5
ba03bb0352a7982ba44043db74c6b38f

SHA1
16f29978efc88f788df63befc628c1311e74d335

SHA256
23165c259015f9656c60d5a695e10e397d010e848c77432677bc6966221cd121

SHA512
cc8db8f7fdbcfea38d58aefd6ad8aa4d61504355803f2c8cca0b6d3457fac9f25ecf5b58ee9b2c8b49d7602468812cbe61d8accacd8284a97f48b14cf132e990

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
ee2108a2b728618462dd33d3f86ac992

SHA1
a7a9cb579dc5b76d011b86cd1184be86e29ccb11

SHA256
cc610026e6179d841d5913040604619f8f32bcf455f55d1f68a5c2defa354f73

SHA512
a6fce447cfcac568bf8bd641103d40a5dd7841fdb19881135276a4859ba5083dae6e8fb90b3d2215af30def98f4ea21c7d5863bc497b005cf12fa8765173bac6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000061

Filesize
20KB

MD5
87e8230a9ca3f0c5ccfa56f70276e2f2

SHA1
eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7

SHA256
e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9

SHA512
37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000067

Filesize
215KB

MD5
d79b35ccf8e6af6714eb612714349097

SHA1
eb3ccc9ed29830df42f3fd129951cb8b791aaf98

SHA256
c8459799169b81fdab64d028a9ebb058ea2d0ad5feb33a11f6a45a54a5ccc365

SHA512
f4be1c1e192a700139d7cff5059af81c0234ed5f032796036a1a4879b032ce4eedd16a121bbf776f17bc84a0012846f467ad48b46db4008841c25b779c7d8f5a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
a15a14839dc0e9c038a834e77187d9be

SHA1
c9ec2ad622d49ba98684489607deb3f2cc29a0fa

SHA256
8c9f472e6d532422a8f1853bccef17c8a66207a7536e1462d5c4dace50d81a76

SHA512
721c8a770195d1b9613e75e9ed48f695365d7c8b821eda80a8659aba8c8df4c54ce39b8cd8ca97f319d0655d42566e9b15b5554f91aee6da7114948c20f591ca

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
408B

MD5
68f9f7676d57584d93790919b2c5e1f4

SHA1
7e349b6fa2e92020727380c3f4a35d6cfa329410

SHA256
0fba6a562ec1507317f8e4ca13128f33eaa521a092c657085a39a2c079ec2cbf

SHA512
46be31590670e46ee7a73bbff76b69e5a7886aa8ce947fffb6ed112289488281850fbcf2264516eb2d360240a598029fbb6a7021c1b8d0c22e681f23799e481b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\Paths\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\File System\001\t\Paths\MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\1ccff269-f5d3-48c5-bf94-9750f1790af6.tmp

Filesize
2KB

MD5
59f0e6e7fd10621e5370a0ecac61fa82

SHA1
7721905969ff054be0814e8e7c0fff1282f73e66

SHA256
16219f84ec69ced2ba1d71a0946a16b0da28ae3f9ff66ee6e1faab06b2b29b83

SHA512
5cc58291c3b6178df0052222c24df328866a6a94cda29a292def095bd4b560becec65d0799729ce062009e3bf9f7a8596f00af9bb463f892c7637d07487f9105

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
10KB

MD5
3d126d4cac9e54629ef48ccde39b1229

SHA1
8009362d67480695bff8eb9895548c3b03f835f9

SHA256
847fd957e9fccf01eefa98c3a7ff21b188b795f0aef5451d6ba0fabdc8a2d9ea

SHA512
8b5d65c3d3b57344c4f0a7bf742566eb57ea32aedf40032a235ef7a0ad9bdecc717abd56ca89205263741c7a913cda6083dca1f89de4e08a2341614489ad6f9b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
11KB

MD5
6e544786b3eb9237e4b50eea0e7405c2

SHA1
e241a666d46c66b15b03d48e9d87725ee91baf3c

SHA256
7a8a5e8bcc5a34762daab40abf5a72f3dd6ce0d09c8d44c00d382686ce4e3e9c

SHA512
60e38f658ed4e2774d746c6dde2d5cdc5282f2587bae632d81d211112bc8054583713141b1030d2649a32cd55fa162d76a82dbf33b6df292428e2458db101b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
c7c101d7bc1521d55b432a0e99dab2be

SHA1
c03f671275c4b7b2a38366ccd5cc5c6106215e6e

SHA256
a8fcd701c962042373a237667eff30ca5b1f40569a8109529f1712971c39c69a

SHA512
87f09afb946b56f0dbde7d3dedd5ee9e699c61c74d5e196b86ad0f85a089919732c25005ef55be4e7f367345a08275dbee9d34b4f4a15f67f54c5f5105c6d49a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
e1b48e647d62de3deb9f0a3e0649407c

SHA1
788af54197f49164f03ffdd2e60b04753fd9eb7f

SHA256
0c8e95c196e122c0f249e8a21270b8e9c389b0c0133c2d92902f490725d42c76

SHA512
26de3c226172b419e3f24a4d7790dedada183f4b42e5f1632f5dbb80da64802fb6a58848e1940c4b52be406aca8e7dd035944a970bc4435d8b459bd5c47268ee

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
27190d0c477bbbc2aad226f1240fd454

SHA1
134e4de7b66c48885a72c2d2b30852e2e567691b

SHA256
077f95ffbb5899d52fc485994d9b639da9ac25562c9c03e6b494f20ae298ed9a

SHA512
96c2fd44e538ce020ccbd09ce7448086ff19457aa22e5c0e30b1a79c590ca1ccc36297ec682555adffe071b744dad0db220a7e615d8e1a9b664f3be1055d9215

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
a278fd4b47589bad5829c0fada3d8e4d

SHA1
a613d9e78e699d3cafdf1f89b641a11172fbf115

SHA256
ca610df5629e174d259f88ea132ec9360a9f9b02d0072a698cb134c7f051088d

SHA512
423b84e826e9c2a7cbdf2bc8f9e1ead329ebea9d21e4bf2e468d64c81df6a250e6ef88682f4a24211753781beb0ea192d12548194c9fcb39e000c3b1e163e240

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
6fe6ec5c5aa237c7fd7118b759ea5483

SHA1
fd4436bb6525f52b1de88a1ecdd2174a8394c1fb

SHA256
048cd39699180788fda58b31e94a55c3f22df275c5a0433c56f9c9402de90473

SHA512
b53c8809001414ae4cbbbec84b2a87366085c20bd8d065bbc33f3074a79a9dbdacd50e94e6f160b85b6344243483ffacef2b94d6a6acbbc3a78fd1ab019b1731

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
b50898edd48832bc13676d3d7d93dc55

SHA1
cceb2eb977a355ced118ff94604c2ef7211cc9f6

SHA256
1cdf31f432bd5e777d6b37dfadcd31c712c9fdacc8878a6e7a82204851379570

SHA512
e6f9ae0a6fcf01e606765e2cf97b40ee49cfa9e5c8a18c54506d663dbffe3b6fcf925bcab714d33137c855527bdaf2952ab80903fb86c3e4c74d215eb01735d1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
c6ba42f1ab6c163925a2cf47ae484421

SHA1
68757ec9c5f94cdbadd65f585885536652f33fa9

SHA256
d2aa08fd49b7071f201150144f6e2bf4b6bb2644ac003a29ff154d1132e9a0bb

SHA512
defef3fb05d9bd701708558feec75faf23083ba8e1905a2c86c0508e31e7261b8dc619b79036224d0d1d87f72e49b7f9d16ca3fc1bc5dfb28dc0dcdd458f81f5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
dc12e03f240de3b0cc9a42e32bea1c7f

SHA1
dd882a34a0188c8269eea18a852b26e0d8f9f1ee

SHA256
87a1a368da16824362d44422682a49a67fd1adeec346c5b396d3e6babbaa1d87

SHA512
85d30d80f988efaa30dcfec630c427065595b50817d71ff1a2574163480176734132b7895b3ca30f9b8a7f39fd0deb0f8f5c99d2ecb974a5168c7e19333afcf5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
15bb7e226da85dec52187a1492a87506

SHA1
5dac9a1a72f1d42f51d4636a0dd89885f3790b07

SHA256
57d5a1738e7fea518845a3ad89c4cfedce9535d45c8df075e82b2e3e0e6907b0

SHA512
24c680294b5d039ff7a29d441974e64696bbcf4aba4c63a440232d5c5df87eafcdcd88848351e3a21a863b513bf0dd3757e55b8832748e7b08f75f9ed06b6f7f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
ab608f7ea8277cae3b932b17d574fba9

SHA1
eb9c37487ef7600a2ce46d333a04f18fb2101a48

SHA256
51e26c31e8b62a326119dccc43a5eb8c65ad0b4a25b28dcd83f310b8577472fd

SHA512
690adcd1fa34798eef5b1db93012dd0b2cd5c7043afa42634ce96f16b82cbf24ca46ccfa0f6a467cedf225aa0373db417afdb4a9dd089eda56c9fea9bdcb1804

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
d94321004d037f6689b797f15e916f21

SHA1
542220496c4cce23c2a2a959c288d078e5ae5f53

SHA256
c6405330df0c3003bbe185786adef1b83a24f0f5a18f9ec47e05e521ad43cbae

SHA512
8d478ac467cd1e6052411ca3318a8b4ab7c44653e27646a6c2bc6e26368732051b14085d064c9e83a370181f02137252190764c4f7246245ada882662ed5730e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
b7fe12f6aa01e96fa2b721b612507caa

SHA1
dbe7f24ddccb34478240a38431d5f795ba0cc9a9

SHA256
a55c9a25210a966e1cce2543bf0f0dfeec94515049fc6ae6014ef3a3ac1b4df8

SHA512
f2baa0d8f3853c2e3539e37e8ea0913eaa73bde93c493e697a1159ea390be2cdf2070aadd2900b1ea38f9b507d32b231e7b5a11c59f869344fbe53c547541b09

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
4554e1321c59941726a0154f64e7c1e6

SHA1
4fb99531c0695de4ff4ffb9afff0c805fd26e550

SHA256
86be0903462314ffe378557e3499500880f14d7740b76d9c28f301da43402581

SHA512
4cd8fdfda72e8ee7b4da6a63adea18f9ddc5017e51b80b1d9fbd01b349a2f1859f0e1a65123567f34b1a857fdbc867463a8c65406c80acf6e1d7c86ce57e42d0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
96B

MD5
ce80b63c1f943c939dfadadf7b1633e1

SHA1
eb1b73f30c2aca160b7f7e440ecdb5dc1d2305e3

SHA256
2c290cb1999f9ecc0e543ffef1f4b37684773befb9d69118ca00d84b01531661

SHA512
e193a9516192c3744e03cd30a05baab4cc4c4d790339792d788353fb06d6dcba7d2d8646950d1620667f075c732b9a3df0def9f03f3340a6714276304b5bc343

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
c1ae6d6a00bf559dbc2d38fa489fb304

SHA1
2a72651f8b0a8b699d22a56bebd5aa2fa9d3117c

SHA256
ab735f97a2aecac79bb33d2c78eb5819357fab814b735d8dcbcad827bd236233

SHA512
26b09a7caca161524327f5588c5839285c1e381ca75fb40c242aa2ff10f395d9668d539b3ad6b1328664060cb447ac9d7738a2136fa8218483ddb2cde1e470d6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
60d3ca2ea6dae3bbecbf64a49850476e

SHA1
d55af3bb317352ce5bbf23cba57e77f3aa0b5288

SHA256
59d7ba438ecd15caba2e11c6621f6b893144cafcea0dc1f8fbda4a22bc5b601a

SHA512
0daefca9cb65ad285ad12ac08ce4e5265b2bc98236c5ced41878d60046cd40858dcbc7ea915a032ceb6cecf7a4098ac04113ffa8aaab7a57271431730dcf0de8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
daf1ac9cdf3abfe6b2b897a777c6e79e

SHA1
7f4a46509d2b63ea7df54f833980d6ee681f7dc4

SHA256
1104c0f2a2651b3d1fbd9586635210a035f7812000483ae9f9db6e3e4705f51a

SHA512
f416a2b5c2c524ce7ba00673e8eccafe47f64165b6a99ef88c9cd6e3d338b82d2b568b2dea12880a0b666ae010297e4c2ea15c1734ca99a266218131475aa13e

Download Submit
C:\Users\Admin\AppData\Local\Lossless Scaling\Settings.xml

Filesize
2KB

MD5
4f5686511ee8bc682c3ccc745b3e6c9f

SHA1
5a37f58f1169c99fda2d4b6ed1ba9871d7fd40b0

SHA256
b1b8ac889843cad290769fe5ce77857709e8727f5d174e171ba164aaa3b18727

SHA512
e83e9c87b15ee7c86efe80b2207ad5574be3b284ae68534f9bd466dfea7d2329c0ea92a261777f48ab54c389a1d3e097bfb12159c7b8d46573230c74f1e971bc

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit
C:\Users\Admin\Downloads\Lossless.Scaling.v3.0.0.2\Registration ('Crack')\Double-click, confirm to merge, done.reg

Filesize
250B

MD5
ff047b633dfa3af4e5b5c78c1c84515b

SHA1
edca05a1a23484322da3932074af30de93d4c041

SHA256
963e9de4561957e19eb200c7446aaba4e59392040eaa5006717bf826a589cc21

SHA512
3e0f46a9c8626a6f53e710676b42802f014f9bac8dbb1af58e42c3e1f7df80ca074e137d4b98fa5739b07028f11eed7f569b55232a2c85dd5d8a7b23dc8420d3

Download Submit
C:\Users\Admin\Downloads\Lossless.Scaling.v3.0.0.2\game\Stable v2.13.2\Lossless.dll

Filesize
4.9MB

MD5
a434adaa525e7d97a4cab2aaef00a2da

SHA1
8beaa8834c49ac5183660e56212096904f532a97

SHA256
82af77823e0a5851635416339018b03e67f11199fe2692843b2fcb367c3c30dc

SHA512
9424a2b919b3ec29e15648218d6ed4660639ffe68b7d56644d4da6eea95aa99817b11d35755c18e45b2bdde0c7369126cdd838f390746aa2490855e148c7d944

Download Submit
C:\Users\Admin\Downloads\Lossless.Scaling.v3.0.0.2\game\Stable v2.13.2\LosslessScaling.exe

Filesize
954KB

MD5
b480d9c89ad071d6fc0894b0e09f6843

SHA1
85d0ea7294942ccd357276bf29aa67b2bd5c05be

SHA256
86b37de72531fc3442e30dcf3152c5ee1d314e6a58b482fd2762ee9039813184

SHA512
618ce021282ab2b6108d7386ab018904668f0bcb667f21f95041eb584d9feb570c331f7668ddd23afa26725a6aa012a071bd61111d14329d0462473a5a3d2c3e

Download Submit
C:\Users\Admin\Downloads\Lossless.Scaling.v3.0.0.2\game\Stable v2.13.2\LosslessScaling.exe.config

Filesize
174B

MD5
2a2df45a07478a1c77d5834c21f3d7fd

SHA1
f949e331f0d75ba38d33a072f74e2327c870d916

SHA256
051099983b896673909e01a1f631b6652abb88da95c9f06f3efef4be033091fa

SHA512
1a6dd48f92ea6b68ee23b86ba297cd1559f795946ecda17ade68aea3dda188869bba380e3ea3472e08993f4ae574c528b34c3e25503ee6119fd4f998835e09d7

Download Submit
memory/776-1507-0x000001F4FD760000-0x000001F4FD768000-memory.dmp

Filesize
32KB

Download
memory/776-1499-0x000001F4E1BB0000-0x000001F4E1BB8000-memory.dmp

Filesize
32KB

Download
memory/776-1509-0x000001F4FDB70000-0x000001F4FDB7E000-memory.dmp

Filesize
56KB

Download
memory/776-1498-0x000001F4FA3E0000-0x000001F4FA406000-memory.dmp

Filesize
152KB

Download
memory/776-1497-0x000001F4FA2C0000-0x000001F4FA3A6000-memory.dmp

Filesize
920KB

Download
memory/776-1496-0x000001F4DFD50000-0x000001F4DFE42000-memory.dmp

Filesize
968KB

Download
memory/776-1506-0x000001F4FCBB0000-0x000001F4FCBE8000-memory.dmp

Filesize
224KB

Download
memory/776-1505-0x000001F4FCC70000-0x000001F4FCD2A000-memory.dmp

Filesize
744KB

Download
memory/776-1504-0x000001F4FCB00000-0x000001F4FCBB2000-memory.dmp

Filesize
712KB

Download
memory/776-1500-0x000001F4E1BE0000-0x000001F4E1BEA000-memory.dmp

Filesize
40KB

Download