danabot | hxxps://github[.]com/Da2dalus/The-MALWARE-Repo

Analysis

max time kernel
899s
max time network
889s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
16-01-2025 04:41

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://github.com/Da2dalus/The-MALWARE-Repo

Score

10^/10

danabot banker botnet discovery trojan

Malware Config

Extracted

Family

danabot

51.178.195.151

51.222.39.81

149.255.35.125

38.68.50.179

51.77.7.204

rsa_pubkey.plain

Signatures

Danabot
Danabot is a modular banking Trojan that has been linked with other malware.
trojan banker danabot
Danabot family
danabot

Danabot x86 payload 1 IoCs

Detection of Danabot x86 payload, mapped in memory during the execution of its loader.

botnet

resource	yara_rule
behavioral1/files/0x0009000000023f14-797.dat	family_danabot

Blocklisted process makes network request 20 IoCs

flow	pid	Process
180	4944	rundll32.exe
184	4944	rundll32.exe
187	4944	rundll32.exe
188	4944	rundll32.exe
189	4944	rundll32.exe
195	4944	rundll32.exe
196	4944	rundll32.exe
199	4944	rundll32.exe
200	4944	rundll32.exe
202	4944	rundll32.exe
216	4944	rundll32.exe
217	4944	rundll32.exe
219	4944	rundll32.exe
220	4944	rundll32.exe
221	4944	rundll32.exe
222	4944	rundll32.exe
223	4944	rundll32.exe
225	4944	rundll32.exe
226	4944	rundll32.exe
227	4944	rundll32.exe

Loads dropped DLL 4 IoCs

pid	Process
2388	regsvr32.exe
2388	regsvr32.exe
4944	rundll32.exe
4944	rundll32.exe

Enumerates connected drives 3 TTPs 23 IoCs

Attempts to read the root path of hard drives other than the default C: drive.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

description	ioc	Process
File opened (read-only)	\??\V:	ChilledWindows.exe
File opened (read-only)	\??\G:	ChilledWindows.exe
File opened (read-only)	\??\H:	ChilledWindows.exe
File opened (read-only)	\??\U:	ChilledWindows.exe
File opened (read-only)	\??\A:	ChilledWindows.exe
File opened (read-only)	\??\L:	ChilledWindows.exe
File opened (read-only)	\??\Q:	ChilledWindows.exe
File opened (read-only)	\??\T:	ChilledWindows.exe
File opened (read-only)	\??\X:	ChilledWindows.exe
File opened (read-only)	\??\J:	ChilledWindows.exe
File opened (read-only)	\??\P:	ChilledWindows.exe
File opened (read-only)	\??\R:	ChilledWindows.exe
File opened (read-only)	\??\K:	ChilledWindows.exe
File opened (read-only)	\??\M:	ChilledWindows.exe
File opened (read-only)	\??\N:	ChilledWindows.exe
File opened (read-only)	\??\O:	ChilledWindows.exe
File opened (read-only)	\??\S:	ChilledWindows.exe
File opened (read-only)	\??\B:	ChilledWindows.exe
File opened (read-only)	\??\E:	ChilledWindows.exe
File opened (read-only)	\??\I:	ChilledWindows.exe
File opened (read-only)	\??\W:	ChilledWindows.exe
File opened (read-only)	\??\Y:	ChilledWindows.exe
File opened (read-only)	\??\Z:	ChilledWindows.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Program crash 1 IoCs

pid	pid_target	Process	procid_target
2996	2244	WerFault.exe	122

System Location Discovery: System Language Discovery 1 TTPs 5 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	DanaBot.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	regsvr32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Avoid.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Hydra.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133814761252328417"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-2878641211-696417878-3864914810-1000\{2121D516-E4A4-4B51-A79C-F90462D689B8}	ChilledWindows.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
2240	chrome.exe
2240	chrome.exe
3436	chrome.exe
3436	chrome.exe
3436	chrome.exe
3436	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeCreatePagefilePrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeCreatePagefilePrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeCreatePagefilePrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeCreatePagefilePrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeCreatePagefilePrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeCreatePagefilePrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeCreatePagefilePrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeCreatePagefilePrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeCreatePagefilePrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeCreatePagefilePrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeCreatePagefilePrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeCreatePagefilePrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeCreatePagefilePrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeCreatePagefilePrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeCreatePagefilePrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeCreatePagefilePrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeCreatePagefilePrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeCreatePagefilePrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeCreatePagefilePrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeCreatePagefilePrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeCreatePagefilePrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeCreatePagefilePrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeCreatePagefilePrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeCreatePagefilePrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeCreatePagefilePrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeCreatePagefilePrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeCreatePagefilePrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeCreatePagefilePrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeCreatePagefilePrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeCreatePagefilePrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeCreatePagefilePrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeCreatePagefilePrivilege	2240	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2240 wrote to memory of 4912	2240	chrome.exe	84
PID 2240 wrote to memory of 4912	2240	chrome.exe	84
PID 2240 wrote to memory of 2352	2240	chrome.exe	85
PID 2240 wrote to memory of 2352	2240	chrome.exe	85
PID 2240 wrote to memory of 2352	2240	chrome.exe	85
PID 2240 wrote to memory of 2352	2240	chrome.exe	85
PID 2240 wrote to memory of 2352	2240	chrome.exe	85
PID 2240 wrote to memory of 2352	2240	chrome.exe	85
PID 2240 wrote to memory of 2352	2240	chrome.exe	85
PID 2240 wrote to memory of 2352	2240	chrome.exe	85
PID 2240 wrote to memory of 2352	2240	chrome.exe	85
PID 2240 wrote to memory of 2352	2240	chrome.exe	85
PID 2240 wrote to memory of 2352	2240	chrome.exe	85
PID 2240 wrote to memory of 2352	2240	chrome.exe	85
PID 2240 wrote to memory of 2352	2240	chrome.exe	85
PID 2240 wrote to memory of 2352	2240	chrome.exe	85
PID 2240 wrote to memory of 2352	2240	chrome.exe	85
PID 2240 wrote to memory of 2352	2240	chrome.exe	85
PID 2240 wrote to memory of 2352	2240	chrome.exe	85
PID 2240 wrote to memory of 2352	2240	chrome.exe	85
PID 2240 wrote to memory of 2352	2240	chrome.exe	85
PID 2240 wrote to memory of 2352	2240	chrome.exe	85
PID 2240 wrote to memory of 2352	2240	chrome.exe	85
PID 2240 wrote to memory of 2352	2240	chrome.exe	85
PID 2240 wrote to memory of 2352	2240	chrome.exe	85
PID 2240 wrote to memory of 2352	2240	chrome.exe	85
PID 2240 wrote to memory of 2352	2240	chrome.exe	85
PID 2240 wrote to memory of 2352	2240	chrome.exe	85
PID 2240 wrote to memory of 2352	2240	chrome.exe	85
PID 2240 wrote to memory of 2352	2240	chrome.exe	85
PID 2240 wrote to memory of 2352	2240	chrome.exe	85
PID 2240 wrote to memory of 2352	2240	chrome.exe	85
PID 2240 wrote to memory of 2084	2240	chrome.exe	86
PID 2240 wrote to memory of 2084	2240	chrome.exe	86
PID 2240 wrote to memory of 1060	2240	chrome.exe	87
PID 2240 wrote to memory of 1060	2240	chrome.exe	87
PID 2240 wrote to memory of 1060	2240	chrome.exe	87
PID 2240 wrote to memory of 1060	2240	chrome.exe	87
PID 2240 wrote to memory of 1060	2240	chrome.exe	87
PID 2240 wrote to memory of 1060	2240	chrome.exe	87
PID 2240 wrote to memory of 1060	2240	chrome.exe	87
PID 2240 wrote to memory of 1060	2240	chrome.exe	87
PID 2240 wrote to memory of 1060	2240	chrome.exe	87
PID 2240 wrote to memory of 1060	2240	chrome.exe	87
PID 2240 wrote to memory of 1060	2240	chrome.exe	87
PID 2240 wrote to memory of 1060	2240	chrome.exe	87
PID 2240 wrote to memory of 1060	2240	chrome.exe	87
PID 2240 wrote to memory of 1060	2240	chrome.exe	87
PID 2240 wrote to memory of 1060	2240	chrome.exe	87
PID 2240 wrote to memory of 1060	2240	chrome.exe	87
PID 2240 wrote to memory of 1060	2240	chrome.exe	87
PID 2240 wrote to memory of 1060	2240	chrome.exe	87
PID 2240 wrote to memory of 1060	2240	chrome.exe	87
PID 2240 wrote to memory of 1060	2240	chrome.exe	87
PID 2240 wrote to memory of 1060	2240	chrome.exe	87
PID 2240 wrote to memory of 1060	2240	chrome.exe	87
PID 2240 wrote to memory of 1060	2240	chrome.exe	87
PID 2240 wrote to memory of 1060	2240	chrome.exe	87
PID 2240 wrote to memory of 1060	2240	chrome.exe	87
PID 2240 wrote to memory of 1060	2240	chrome.exe	87
PID 2240 wrote to memory of 1060	2240	chrome.exe	87
PID 2240 wrote to memory of 1060	2240	chrome.exe	87
PID 2240 wrote to memory of 1060	2240	chrome.exe	87
PID 2240 wrote to memory of 1060	2240	chrome.exe	87

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://github.com/Da2dalus/The-MALWARE-Repo
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2240
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffdae9bcc40,0x7ffdae9bcc4c,0x7ffdae9bcc58
  2⤵
  PID:4912
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1920,i,12952588140452595584,4566155898652526091,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1916 /prefetch:2
  2⤵
  PID:2352
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2020,i,12952588140452595584,4566155898652526091,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2204 /prefetch:3
  2⤵
  PID:2084
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=1828,i,12952588140452595584,4566155898652526091,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2432 /prefetch:8
  2⤵
  PID:1060
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3164,i,12952588140452595584,4566155898652526091,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3200 /prefetch:1
  2⤵
  PID:4948
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3180,i,12952588140452595584,4566155898652526091,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3208 /prefetch:1
  2⤵
  PID:3120
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4544,i,12952588140452595584,4566155898652526091,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4636 /prefetch:8
  2⤵
  PID:676
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=5148,i,12952588140452595584,4566155898652526091,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5040 /prefetch:1
  2⤵
  PID:4664
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=5352,i,12952588140452595584,4566155898652526091,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5388 /prefetch:1
  2⤵
  PID:3372
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=5548,i,12952588140452595584,4566155898652526091,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5508 /prefetch:1
  2⤵
  PID:4812
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=5292,i,12952588140452595584,4566155898652526091,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5336 /prefetch:1
  2⤵
  PID:4872
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1668,i,12952588140452595584,4566155898652526091,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5356 /prefetch:8
  2⤵
  PID:1372
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=5036,i,12952588140452595584,4566155898652526091,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4636 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3436
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=5752,i,12952588140452595584,4566155898652526091,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5252 /prefetch:1
  2⤵
  PID:2964

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:3884

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:5116

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:1968

C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Banking-Malware\DanaBot.exe
"C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Banking-Malware\DanaBot.exe"
1⤵
- System Location Discovery: System Language Discovery
PID:2244
- C:\Windows\SysWOW64\regsvr32.exe
  C:\Windows\system32\regsvr32.exe -s C:\Users\Admin\DOWNLO~1\THE-MA~1\THE-MA~1\BANKIN~1\DanaBot.dll f1 C:\Users\Admin\DOWNLO~1\THE-MA~1\THE-MA~1\BANKIN~1\DanaBot.exe@2244
  2⤵
  - Loads dropped DLL
  - System Location Discovery: System Language Discovery
  PID:2388
- - C:\Windows\SysWOW64\rundll32.exe
    C:\Windows\SysWOW64\rundll32.exe C:\Users\Admin\DOWNLO~1\THE-MA~1\THE-MA~1\BANKIN~1\DanaBot.dll,f0
    3⤵
    - Blocklisted process makes network request
    - Loads dropped DLL
    - System Location Discovery: System Language Discovery
    PID:4944
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 2244 -s 464
  2⤵
  - Program crash
  PID:2996

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 444 -p 2244 -ip 2244
1⤵
PID:2764

C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Joke\Avoid.exe
"C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Joke\Avoid.exe"
1⤵
- System Location Discovery: System Language Discovery
PID:4908

C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Joke\ChilledWindows.exe
"C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Joke\ChilledWindows.exe"
1⤵
- Enumerates connected drives
- Modifies registry class
PID:1536

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x2fc 0x41c
1⤵
PID:2984

C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Joke\Hydra.exe
"C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Joke\Hydra.exe"
1⤵
- System Location Discovery: System Language Discovery
PID:1052

C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Joke\Melting.exe
"C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Joke\Melting.exe"
1⤵
PID:3044

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
c8545e3892f454f971d23bd243cca3c8

SHA1
643fb42661613979cc014a8d67bd2fb7437ffeaa

SHA256
5a12d76979cc4f86aaf839d71b5decef00d3bff260d26f76a4c877b54e9f1d04

SHA512
2c4161e49fe5cd7340ded8c06bd6db0b79337872dd96b047e6f02315939076c938174bd0dda7cc7b73e1ef591e8e43cb42a50d37b90079a9bc6281b9b1479295

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000015

Filesize
215KB

MD5
d474ec7f8d58a66420b6daa0893a4874

SHA1
4314642571493ba983748556d0e76ec6704da211

SHA256
553a19b6f44f125d9594c02231e4217e9d74d92b7065dc996d92f1e53f6bcb69

SHA512
344062d1be40db095abb7392b047b16f33ea3043158690cf66a2fa554aa2db79c4aa68de1308f1eddf6b9140b9ac5de70aad960b4e8e8b91f105213c4aace348

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000016

Filesize
41KB

MD5
3bc2b6052ff1b9feff010ae9d919c002

SHA1
dd7da7b896641e71dca655640357522f8112c078

SHA256
483a3494759a05772019e091d3d8e5dc429d098c30007d430639926c3ffa16e5

SHA512
0b1632b73fd87e8e634922b730f83b7950e9a39697a46a3429f0bebb3f1ebd14c815a4651ee8f663a437d00ecbeb6ddaa47b2fcad719777edf1b1de8a7cad0f1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\73a9896da2e8f016_0

Filesize
280B

MD5
24257b2ae35e7565783e584bd6f6a49c

SHA1
3647ed4f7086f777d41c7b6ded277bc42ce14d70

SHA256
a457971185b22bfc9ec331abc35d87c904c84d68568aabd2eb564e61ab44bccd

SHA512
51357b9c6304c832c6a18a674e3ecdb340a3aec728161fae5d2dbb4933f0e2c1bd128b80782836041bb0c9b97f328d3e7f12cddce7d3073bcb5955c07b670c71

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\c66ddf7a6547e2a9_0

Filesize
19KB

MD5
b74299600510546e784d3c41cb1dc8ab

SHA1
77db3bdabb13fab74b137a5ce4a76caa4a7670a4

SHA256
dd559a1c1c826d2fcb6a153bad2683f4257a6a6b69ff81df28b50343adc48ca8

SHA512
1946e30883e51f58778e8d171e9a7ae327c5afc572c55e6d5fab2bf20e03d44c0ba1981e8bcbb14692ecb4e2cdc025afda595546be0cdca518d7810cd5f1f0cf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index

Filesize
6KB

MD5
4e894141564a3a104ad899f873ce79a2

SHA1
34849a9b2cc4793f3571e2dcb918cd6334d96cd4

SHA256
9c2f14e44f33bc15356d1a2bce70ea369e534e3f101e9bd5c69b75ad4958ab07

SHA512
a7a612913148bf2e35777140f14cafadb836903089ec7c30ca89e9d84f7ada6e9d18515ae47a1efde88c76d5fe6d7429a5a8a73e8bbdb89698a87689d8d0de81

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
88e3b17edb151d51e45f5c4ef7e706a9

SHA1
bbd517f4f37be992c2b60c49788661687c4dc1cc

SHA256
7ac06cd03bae4e3e6851a2ae9f4168b9dc198734363f260b9a07a29208105544

SHA512
c815cb9be6d4affb1d3f7bf8a83309c2b5f4403d2e98b71dd2e2e1e44f5b47820544d693c0cc5a634e9054224a8df536f87bc1efc7b6fb7418cb4f9075d12af4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
0a695de6958e53da532d0aaa84ccba4f

SHA1
ef39cb631d1c22746ccf41a8c91b6b70ba52e68b

SHA256
0af62b9731eefb318a113cf6566971a21ada94ef36e9ecb9549009863955e007

SHA512
efe5052898a362013d4f25df01cbd6057425b6a7d2684d9cacf17c04e617a642a46358f670faa20fa1710408bd8d294f5af1d66a52acd0811b248e9951c594b6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
68a93d0a7c1d209d7224e517db07bb14

SHA1
079fb13284aefef3fd4f56dc357290195cd404b1

SHA256
499c7ee408a9e4049d753a87bb7c7d063b6525e9a3649847f90bf5630a521b03

SHA512
8ea8ad0953d0ff86c7a072c473e7b2c7e36a2e10944e917fb86af36ee80f0eba7139c7ad575d677bc2ca26f308dd3389078c116f1cb0a81d6de94ed098c858ee

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
d65410b404cf29e55b5e54d3542f7cfb

SHA1
c87d72ca6f7d29211062c66846cbfb4ccaaa989a

SHA256
a917422e80048495e5591f39cb9d0b287fe1ace8d9306bfc10ce360cc979cccf

SHA512
228397cde8697a651872c7f3560d51df21b2d16e5905548cd3db7a95342bbfa452d086164cd5e620c3e99cafbe51d647ffea34be82cc89eeb5311589ac87a76c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
378fea4a207e9fd755202c4a73ccade2

SHA1
bf8be6981929dbde41c523492d55d87d63ee8d15

SHA256
92a7bb5dfa4ec61cd42417df99617fdf29ae4361360b2d473262657df233c591

SHA512
40d6ce348171cbe63891eb72764dbdcab36acd83a0c75f0f3220b552d92593ca6bb7d0bb468e11b85718bf5f5c46a29613852f8fb5e5a595748d5a5af5da2e35

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
81b15398314087be12d1995397bd2962

SHA1
36a0d2a2e54829186c723cd125e3f045ebcad0c3

SHA256
6640016d2d28c9993bb6a2badc0476c472df7094d081bcc863c24423dfc19921

SHA512
cfe758944ba7d99b459d34c44d86aca70ea0b1da98c6c3b933aecbc035d9ae86666f9d82ad09b260d2b2a622bf3cbdfece16db39130c324c7f5b8c7e7dac174f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
7KB

MD5
81129153334761b62fed9a8745b8bca9

SHA1
fe77124fb62d171030cf09bbf3e68254d7d1193b

SHA256
5df6cf6596d71d3dc6bb0e52ec8c45516107ecd281e032c5750838a6eb12bd02

SHA512
d8b4aa0c9ad82b48c94cb5f3b44b68433fe6b7b058564ca477a091591e3abc07b9d97705a5b6d22556f527be351de756b9c54a0da70afb56bd310c5612b9302b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
021adb64641328e87acc40d285a38791

SHA1
9f738e964060a83f7ae02b0474ac2991ffbab67b

SHA256
f0c4140ad1225082cb161363188772e248b65b4f999306c2f3bf8a0ca15f3d3b

SHA512
d377c08c793587bebae915c3879e79847ad7e1718a9478c00acc21d77173a8907de96295711fb22113248b845d1a38fa13ea771f8277dbbb9a04da8d77881fc1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
ad07dd6f092b12e107c6e0aed4c60cf8

SHA1
fb46ea0ac8b9ff758895ac11703e2e85db29ba74

SHA256
14dc0994f5e193d50490db839abbfd5876823a91d2a84411a71f857d13097539

SHA512
543afe60129ea16454f884e881238e365022613a4c2bc6f4e0750b7a110f5b4c4f528ba95de245e59a71d4ecd83d567cddecd6a37ac686ef863a34da581d5328

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
bbdc09598baf3c7c93cd559c8bbd0a5e

SHA1
c1e7365d421e38031c52a70d7e7192bfb78bc2b8

SHA256
1f7723f93c71834b1bd218c98988401182f3558d33e628a5f7a946f9f76fefeb

SHA512
a24f5169538aa0f94aa677073cd8703f3c93dc289552ca5ef605860f6e9d659d1ecee87b3c24a991ff6a6955f56713cc4fb34c7680623adc2f0861ab10f31cf0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
7e9669b5952a572daeb3ee1fac48bd41

SHA1
e19b7218017fed55a1ec7165feb87458296bd43f

SHA256
19311fb2cba738989acebe116f4e8ab125ef8171b9f39ccc44c6ec90d4b3f16f

SHA512
b2c902cdefe71e8c7ac152c135504880d56ed9c8abefd406462228e23d8137a5829f8c5a81aff871822412f8ccc7aa46652cbff504e071a5c758e988b4d5581e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
8e98ddfc332563b81fe6e140f6d41ba1

SHA1
38df5e3bfe9a9a3cf746ff32d569facdb4bf90d1

SHA256
9c9cce0edbe75a2cf6d8b8811ec1c6e2ecf083fd5167f02bcb281dfa1dde10f3

SHA512
6a6a8c10c3d2ae210e8ea0380a23a3e1bb38568a28cf06e72947f8e3df04e7a847c9bbd770869e676073792c0dad1e030dd0083e1bd85d6f7e2a9d089ea2a002

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
f9861e67e6a60de5190d653b2a1ebb82

SHA1
a6715841f72867b32c39c970e183418e75eb9448

SHA256
b808c54828a502c69425e5e1fa9441bbbae9a59e735b367dce6412d1f0e11bae

SHA512
ebf6b3e9b2370608d2f8a040b9a52efd202d90f4e62b4768a956e4ea805c227f3a13da4b8d835d7214cc27d0a76635f99c42c8bbf1c6baba39e6eca11d74a52e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
f6be3fbe6d9c4b15fc527075fbfd0599

SHA1
8a62fb0a65d8bbb018c5c58de68d37a0a4828322

SHA256
4e130bd6ef0b295f0d966aab0af43efe116029e64c3fdc7323ccc19ae5a3429e

SHA512
5c0cd60539a1e4b999d0bce0ae0901cae829a8caa32378fae8dea0716842e47f604046334e7ba2a7d899f4ad0c49fef794a8d1bd2d1144be3a24849f7510bbb5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
1e9e8c59d1bc31a28e9ab9189a82cf6e

SHA1
7371bfb2b63951e0da705f6c8b4278b92be1cab3

SHA256
14c770aeaaeb8406fd4a645bdc216e5df94e49016a91741ef69bf17fb1262275

SHA512
cf7dbfdf4ab7f1c734cf103f5fd4d181c44647251ed4be7ab73de34e9d8b977b2c262533503d5a790b5e1c7e9ec348d2f63d17dba60acce55aab78cb7f3574c9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
ca28cafc4e12f13c5b30ee7949264eea

SHA1
5004e9c3f21f0ede9e4dbdb28fe0507516adb572

SHA256
161e78ac3a2fea214763f2cbec150e03e63d8fa6f273298283948d92a15e4e17

SHA512
a1b66339d255dca823518eb42388751d2a97af761deb2e7c1ad64d418f62fc7145e86ad50f3c047ef883767e66fd5e8d2dc7057242d4c5a2bb6ef7e08490d67c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
5f3fe840a09c0bfb055435d28cf6c5d9

SHA1
ae76aac3bb3737b3735ce5f4b8bc7ebed2828b41

SHA256
8a77193a380b688d5d4bf668dca75d65b10f4fca5fa17b084dd242204caa3f25

SHA512
521135da3f69e7cd01bd034c79e2e9fe9df64bafe3e3e6ad236420d5b42e3b4c9a309f13e0ad12946e007f193bb7d42a39e8a5850e5658ca7776d1bd08b6d338

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
25a1dbc42228de1e3916e356404772df

SHA1
82c7514ce3a9a631126a6c83ba64858e355b1ac1

SHA256
e8b092a43de081bb410bd6d0a3f8a0683c3dfd9b31980f63162a9cd3ebe68f33

SHA512
ba0c6c5526af5fab750a07b92e84f53293c769f8c94a2e447af0902a70be4e292a9d18756f7dc77a73f57fd9727d829ba0c76227e8debba66cd43b77d2a32f95

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
bdbcbffdbe6302d65c01b92a2d85f71f

SHA1
997fa827e51898f0479ddd87a7ffabea7fa98ac6

SHA256
a44d0b5dbf31ab0225199b523c817a155ded65ed96ef782c21c979e8cfb07db1

SHA512
1caf5baa353a2c3760db81e895e972a42c970d9454d4d69962aa3c96cda2822b7353f5c981f446408ac1c5b8b54df6e36452799e0c9992e3689840ae906c6e50

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
03fb9c4d404abfceab16442e43254c55

SHA1
61adfaedffebd8184bb67578ba5497d4d5aa0171

SHA256
4ae290064120eb65b8190712b92da941f63e4432eeb2b1aef7e413f6649c5398

SHA512
5ad2ce26ea776a54e042aeec8e268ef24e803b35f40ca08ec6ad9bdbe7e56e26554e428e65f55c2244c1eef15507e6a98ade37c32abeef615518e22e69769633

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
085164ac2630df74e75354fe06a373c5

SHA1
4313a23c7e1506dee1ffc49765eef7930269cac3

SHA256
a7cf22ef2caad290d522901e5ed33a98c6accec272ff64c5e4f9e51d9e8506d9

SHA512
f3c2e8a7224c4cc4934df871d9bb51926b79404d1cff33efada4ef2d4158d487f20ccb0d1da6d95c64d545590c3757e0228371326e1ca05d18f0118642ea19d8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
22c1b63cfa55ab914a031d7134aa73c8

SHA1
dc60d33639ea2ebb73d87ec772cfad77d49ee8f0

SHA256
6d3f8467f78c386cfea9fb521ec9cbbe705aa7ba4ec1e9cb66feda0e28b988ef

SHA512
ae09113f988f9c9977b647f3364ec5163371119cb2400f3f9a8307f3f8ae9ed52a25c4c94c4490ceeac4fdfd4b077d851a9e9cc8d153c13c589ebd77888c7d71

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
8c63dcb00cee1882c17d868ec6c1a17a

SHA1
2635518b72fd0ac16ac722ea417662bcff15ad01

SHA256
cf540c3ce6a7155fa30abe6172a5b4f2125bbe3ed72ed7fceccf364e70d5d213

SHA512
15c85550f0b870c1932bed7d014f7ae47caa9bb7a104d8a9075511f332d1852fd87b4fba7103185d937b5e9ca05f6d6e913f664a28cd6324c2f0e999a09fcab2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
92702d71fb0ac384ed9ede6b39d24af0

SHA1
1dcda9db21b72933684c6ee83afc74887a138942

SHA256
168e1d950442df25cad17c95569708dad86865ae337793396a91a219d88aa89f

SHA512
99b54681a57b882c6b8cec5b6288b511de431c05daa2a58576abc39a24fc41f3f8b7766d0f3f43f0532fc950e3283154c620301b2ec75d0dffa288d171b97dc4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
3a99490458456ef5f40eff1c08b2ff86

SHA1
294adff13756ea5a3b134cac76996ba4b669afb0

SHA256
5d06b6d30a60cafa014a669d336624f618e9c58440595dfa0fb7088fd67ce34b

SHA512
ae71ddb4c9cb7bc3ed5777f319464681527d20235f980ca013f8716add7893aadc4073c1424aa57939c5da25d9872dab30eb1655238c21c4373eac92f9605c9a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
14e92448de3d67373ee45fd66e2aab1d

SHA1
b065c2529bb8d563bd1771bbee54be156b16e0d6

SHA256
6279c9625b76fac12586927d86523ec1ccd0e71d53766ec02d34901f4190aab6

SHA512
7a43e83008cb5cc853a487fcd610961cf705b594659060027cfe1af8f0988115aff2f786b4c71d7a3f2effafda5cbf726b3a1cbdec01dfd803d2989931faee7c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
f7370f243b0eee4dd79269936456b09e

SHA1
84d66f22b425de3b1ec9d162b1b7e69826be3b21

SHA256
dba80688909b5fe1828c6d734264a0744167beef7e6ddd951aed2ef82f9fe364

SHA512
e1a1316e192f72686cfc5d3fbb8b154b780e00f1f0900634977f47c71e4f0dd14645a8d242477f47a0e37f7b0d37c7146ca1d83695b10357fb0944802e260ae3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
1bee2a999fcf72cfa556a8dc48db29b1

SHA1
07c7b8639e48c83c4e0902f55a91ab7aa8f07943

SHA256
74f734e16c074a9efb1703cde997b0fde1f7e9170fc02ba9741849975e547dc3

SHA512
b819ad79ec1b8d036d466658464d4d09ef6da982094d403a8cec72fd90b0f8ee902b888b325259a31f74a8c712e327974e77ef600f11c50fffe4e82eb1efed80

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
670d803eea29cc468ca789e99bf58dce

SHA1
9f804e219b9427af49b168f3cd2c8a2f7d44920d

SHA256
f61f1d63210cac3e68fc3958dacd5e1525e2f080c33279cc45fea848ad939dda

SHA512
07cee1661de7f3b7758287fa4485f351bf2acbc3f3d6d50ab87598b6ccdd4a288b7e98b0ce878357c07e7495bf2c36762c2162f669c54f3f0ddcd3449102f1e6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
96746b181d241517c53c55c908da04c6

SHA1
4317141861a503de3fed1486d8ed48d33b42ace3

SHA256
7d449debbe7f13dbc5aff31dadf45fb548300a97565079988031596a2c3bb912

SHA512
e43995288405e00df92aed332adf7c23cb92b73e0b1a249f20d45f7002a21acedc35e7caac64cec6c2ec60d31a81535149272bde9294cd8c762e8b0bebd6e325

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
8c1bac290b2d1ef18bb70eb880b5c8ba

SHA1
6e3b26c77c658a8bb86eb2f817873d65ab8f0304

SHA256
deba5aba262125552d6f34a3d16ddeff409dbab07715d2e4f1a6f5dae3d0755f

SHA512
27dbf97f46b0d4464795c30af18609be7b5bd7e9415b959a9402acbaaadf9410b8adae9a86da3f894f3924cae2260829528ed0b45e1e80bdfd38136f35db7fe0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
604e511954ff2550940db0f8f387499c

SHA1
1dc8f11af498f7cde334f47d118e8be872bbd15b

SHA256
09a43990d0f816297269928f6d2654e822cbcb77daaf081600050a7b93f9cee4

SHA512
fb15ccfe9c442710c170652592eeafb4a1c880e26853683b302c2ee39f68ffb52fb60ba206695847cced01fa59e175c994f2070f4b076d096f281d3697231742

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
20fd3774fec1518f493dd5502abc19a9

SHA1
fa4cf7801ddbcdb21ef6d404f8be42a2780ad954

SHA256
720cc18e0afaa090fa1fec292c9f1017f22cd467a003f5c9c4707da8e69b6879

SHA512
af00017bffa115a9126ceba6331135c9a1c7569a91173a70fc81eabb52a326e9f52034e7755bf8f512f97ba149cf4618e3cf3ffb720f1ee33d6e4fd38ef11713

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
501f626525ccfaa710d969d0f5c70e42

SHA1
f445fd9cc440206fe3f5045ba437af2043829997

SHA256
2879dcb1fea8a1055b339dc78f14c064585ce6b422e6e1c9a95aef037a765e8b

SHA512
87cfa72f6c31c5683346654c88e76f800f30dff831ef8f5a5c63046fa743787a26077ebcf3914b20a9db8b6e91ec1d1daa818ac7c3b42b8994375d2fd0c66f79

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
28676fe66d1e489bacad060f13784826

SHA1
144017dbf934a6e75cfed364002944b58e459e96

SHA256
5cb96142a711eeeb9ff8f0f562ac02785d197e9f1d58272860d46b0a49480728

SHA512
e823c9ef8b0d880f5a320b2d48b21154f01f4dfc0863a4926b32cecc34bfff7fcfd121c56482de360abc494e435cec4dde2daf3b5d6d740c3da30e3a05f98be9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
16bf2a5e58d9005c5a5f0b0c7d1337f1

SHA1
da978717ed82c1bba34b589d8e72e5bbcec2af18

SHA256
56c32f9b1ab6d4d46630531457f4347994ca57c2426c4c2e3dc7c96987c4ed06

SHA512
f8c5b3873180fdcf9e385cada9e519472e6c57687c7fda2869fba46300937c118ecd04110ef08c45018840d98a634f5c84a6d3193bbe08ce7adb0f14f1b6d798

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
ae76eefe297fa5d042680d30d489d945

SHA1
5ceb90146b4862870f64d7be3745a3efe94b1322

SHA256
ee3a736acd6869269ff7c6359ee7ff54d45d3291fa61f13fa2710f941e4184b9

SHA512
6a7da68e208b1408799345ebcd831b800976ecbbcf7ebef60243b5abbb963dabb9736fabe5daadeafa888df22279493c7cda11374ab51bbb678bc19c3733d3bb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
7fea25f8cfcdc5981cca52e7607809b0

SHA1
60350ef6f32e0f10dff53b0301887486e4309eae

SHA256
6862e64705af7400a45b2c8fb7624cc5c0315e00bb5929956e82eedaa83dfc9d

SHA512
d15ed6bdf7aa073b205a10237b05b7c05f2392fbfeef192f9cd6fa1ec91709e76b988c6571e977005730a2772054221d71b1fc717b244d5c379dface94217723

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
3dd6c6ff87379f90955f8f0c99f41c08

SHA1
670fc23890a5edd6eb182e0652c65e87753b532d

SHA256
ab9944c585427a20ee5f5caf512483e764daa2c0938d25e4353f118ad248f1a5

SHA512
f4e453e1c3c5d16d006d930ed736f963170bbc72a6043586f39c8f2cc515cfca8ed642bbfadd2f59dc5597dd9d8e584e5f454dbc902978d23da57654d15ba289

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
69e883d46d539b2c36aac9f85ad51f5f

SHA1
8ecf37ef2c9afebb9e738031b568807cb4b21946

SHA256
abebecde97a6e364bf4e479b2082864cbcfa3182c3bc0dfdf303ff7fe824c62b

SHA512
6adcfab1c7c5166491752c475d7a546799234277098891d9b8d69a8108a6267c2815f8f520075e5ce2bd0b926087900b6aac907151841ccc22a5e27f446d1ec6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
3663a98e502c4a4b728fa52df273722f

SHA1
44c3caf4d66381ed198e1a949eebfa2542ff1281

SHA256
8aff45512466ca7c3e8bce29dd20f391329732fdb73683f962988f937f604180

SHA512
70bfb3aa35592eecbf8f8c02112a74f2fa79f124e6eb16fd9bd1f7d064f4a232eff74d1890bd32f48897f1026855d2364d99dd5cd1bcbad6d03a7e1ab5de47df

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
386b3732654a2bb9480250ef7477767d

SHA1
1bf4f7a9ba1e6f6c6795d96cd7b8bbac21335dc2

SHA256
3b0896fe2d2cbc8f1e154364c11a81a21f87eaedea280f2413cf2ecafff3d0a9

SHA512
d737c739a7d7e5134d308169e88b07f2f03673b357f2cda01ae43673f3894e512f62b4200942049ae1d7aed277ab2f644f083563f264971d61ff237e620c0401

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
0e5dbc22ac18b5c8a3ce55e2770d9285

SHA1
fd32d48261e638493a61bc1e3d2f3557933ee7f8

SHA256
360f9db4f07dccba1915766019927d33931064c058fd7239de9c03df2de6b962

SHA512
b570e4666098ff27cf712f990b6918b5e04813569d1f237c9137274b31a57a6e9cc4ed4288324ec9dae2a10dd729cc5a6f9b4bcc7f1c0a468cbdd9439564de46

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
c88d9bcb6d3ce1f88ae325fb78251c63

SHA1
0abd6282a7f4f508c43dc991cc7b93cb9976b8d7

SHA256
fabef8e0986bbbb7111f242fef7e4babb0714aa4ea47065920a619ed1d09fddb

SHA512
f44319859b47cdf0637eddf8788aec483c1a35fddaeb8e5d591c0882dec3c15e47ced7dee5c5ca073e1a0f2cdde40673a8f1fc548e2af02eca8c2b2a1b1d07ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
7ef88c28c5c6787ec701f9abcee6fe12

SHA1
63a7b6ae8dfd581faa5712901f7ecde5a163dbff

SHA256
a3e9cf2e571cc4172f145341fbb2f93ca855dc01502dc0d3533ae7e12dcd9d0b

SHA512
eb01bfdfba84e06b19708d0967e675f0db6702b88538e9b453391fb9e9963cfbc95235d864c03fd574ab29a5c6f350cb246f4303ac68c0ec8e74ba22a76fa7bf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
a341d787e1a3954278859a8a2b97ba54

SHA1
170815b46ae0e6bab318fceb55a1d700feca1e5c

SHA256
664977a06e31dce27310c287d0658cefc63e1ccfa1c898e7cd2bd7d54be57dde

SHA512
ef8f2e570da2c097daa8b92514380f71db649c6fc754ad129cea5b8a439fb7057f43bfae6192445e60508b54e5f85039ccad44910514348482e227edacf0b219

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
aa67d15766b0ffbdd0077f55f65298e4

SHA1
54ca7515ab03d43d506a017ecc17bb025fc7a3d9

SHA256
17183c9edcc83200385234fe4fba3a204108195a4811bd2bad90b26dd207f5f2

SHA512
1e47cda02d4039301ad117af637a85b29566f14f825f2852642aa5d983d6e6024c6226f418acf60c6b743f3356f12c702cbea7e31a4451a70628b63d5bce85d5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
ec551cb94307bd526af258b151d45a07

SHA1
c3e019c740eefda8fb67bdaa0bb4e1c35ad4aeab

SHA256
91e86a0fcd75d9b247c6aae36e072e7898a7a56ca0d6a398f84bbc0810d22d60

SHA512
e72700d49fa129d18ba3202cc80cbcaee9484c9047b14945c0773d2c244a5411682b1c7d459168b5601d45e0613808741b5250e368c4b85265fac130264e8869

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
4adcb4f184740b23cff17767695a6627

SHA1
7ac87b783ebc326cbcac513dbf9f4accba45be6e

SHA256
5e42d19b083e6258dad01153fd31c8d7fa080bbba2fe233478b0413d0b32e3aa

SHA512
debd394850fcfb9fdd39f2e416b0132982a5eb2f2fbea9d8814c56e96d7582c79841e8df821249971c8c0646c3111c2f365fdd0c386352e5237682d2991daef5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
4ebcd140509fb9374a2f9bb73dec9e6a

SHA1
d0b5a1676a20b75e38d7e231c45a8d09dac68c57

SHA256
3984702dae2e93161e779d388faf2012d3e08b615134601ca9a60670ada41dca

SHA512
7a1e1dfc57a6b956ec4dfe2f8d74b52cbf1175ba0a34319668867e44a268fc150bdeffb92c694de713fd9c368c55513ee4cfc971d4230ce557802ce300bd10c9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
1187285224931b6ae88464047793a17b

SHA1
58631854adae0ba582fcbd46626a18732d02990b

SHA256
1455e5896c5329daf4a8e00afd837f22981081953875b4028ca23059910a7f20

SHA512
496ec41e64577a4f1362bad9c8a32911f13b4713968e505730fcc281b1e5ffadbe62e34bb76b8ca69b7a58b1c1a44db13cf2531dd0615f9fa054f9e50c99c482

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
b9c477b205324c8c262a6b01cd575f2f

SHA1
bbcee437fb2627d27604ecd058f1e19849fe8664

SHA256
b5a8a525fccb021ad90ce25ebff36ef1826ee201f871b0e30e3e96074d83b6a6

SHA512
ef9ed82105ef69cc5b744d2a03f751c742bfe85dc288f1dfd5d811842d6cfb4c4634dfa5416a7c9fc397c8c06cd38c6ab01bfea3604503f2b16db3a442f619c2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
cc8c94e840411ba64e555db2d651cc80

SHA1
49e5e2c8c2256a643f4f66dfc4f0e9189b4105f7

SHA256
41f2267dd3cec1de0791ebfb9097e44c63ad51af90633c5eb32b76355aefb258

SHA512
5147defee8707b0445e2e8bb24d1fc8776b6a6401c024d100e53cee59db78606247736e16f08589d694ad85b0b1f7fdfd10b3a65f6a58941de6d43bcda68d86e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
5a5c522511c5922977fcec3124c1df86

SHA1
8145dad3063f2acd7495bbb721fb1b54def5f816

SHA256
7d35eb673c475fbad63d1e83de7fb62ab6e9440791a2b1a9b38ca4fa882f61f7

SHA512
b9307f3c31e8f6e1c1774910266899348e65fbe6b699929089cb7cccd0ace8290f05dd787d2c35e2612ea9c8ffc2435a34b08fcfc072167493db5d4defe20668

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
dd417722423dc4e921c96aa5500a142f

SHA1
b8d6468e549c9cbe3942555b6d621a280adb7220

SHA256
45c4f4c4bce51afe3af92d90967570209fba2a7238c1267dc941509b4c3f8bea

SHA512
9d3e5ce965e5d1693742918e9c0eab50c155965e263287b89ee849ff59dd0382c29d8afd62a244dd327a13c4915ecb26f0bda46cf25b18e8512d340984e4b106

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
00351f4593cc4dcbeef71820a2eb9f68

SHA1
dd261ed35551faa313bcb57d4f52556780d786c6

SHA256
b47feb616e49066d3bba485100ee2050aa747d4687ff8a9af9022bcbecba53fb

SHA512
899f0b44e83903d6f04939d3b0bbce94f231cea1878fffa5ada5eff05dfdf5328d646f0c513662984fb76cfb157d21e3c7d740052c5fadff7bf06e7f66b46c8f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
da5a24ec9ba2619f0f4db7fbdcb427ee

SHA1
b9fb162966909f13693a32ec068b53ffefbf3c10

SHA256
6e4b7868564a7faf3fec03e5fd9a416a3b6698014d0bd323a3b2bca2bfd7021e

SHA512
87e901c75a6f85d5585bf9dd27539e0c763592c36394cc4574ece93ba7ace4c83246a002ede736828920cf446311f4ae519a54927109d7303ade489b252d6417

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
c8307f0c33b686559e90c3e086cee442

SHA1
e581376febe689130bec7ee10850f5b3c7f9de04

SHA256
9614713cb2db6e387ae10669b07bb74a185b7e1bb809ff26081cbdc96ba30495

SHA512
38470a367d5be9f02f344dfd032bdd0f3ebc0d0b3c2e89d798fd4b04446659d3a458f833836be2bf4cffe09b5c335e3e045340790a53dad9c0f27963f392849b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
96B

MD5
d30ee885cbfbe12d9526016930ba73aa

SHA1
154cd2534215e992f71e32e4aba74a41a19a48ca

SHA256
34354251252cefe46a2910fb74d16b3770cd850823b4b8555dfcd1c7c60fa11b

SHA512
be6bb8286d461de1d1691360215955126699862204e5218599c06705fd7b1a261c5ad2d15284ecdb666c71a3ab007a04143a473443af1c251c4472c54b166025

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
37fcc107473630b94c674458dcdf6f69

SHA1
2bad1b120c49917ec830e10d8ad19f2207856857

SHA256
4656672a7c472d4a961aa27db8257d444b485b74c7bce1715a3f56f46a3c77ac

SHA512
92014d19f2461813c597345775d874004a2e0f9086ba426ed975db8d7d695962fdcc6d483bd9cd2e6037c6a15fbb3200dc5b0e73b28085707bd27b8181eba9b9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
de2ecf2169eb636577d074c43519790c

SHA1
f03a3e0de11e522ef5ca4f7b72f5684bbf38a639

SHA256
dd57be4ec4d0bca86f8cf37012980e848e1b554a2215068bf9338e5d0ce6cac4

SHA512
b5d015b3652aa2c8fbe4f8e1becf1553875e1480151d44c3c745b261d822199d5b71b013957bb7ace1d66ae31453d4eca92618510b89b787012c3e28d2b70cd9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Media Player\CurrentDatabase_400.wmdb

Filesize
896KB

MD5
8eee833df66f9ea1092e2113e4f9d345

SHA1
6a36a50597ee6a33c96f901eee4aa4263c6a09f4

SHA256
f075e02323452398946318d65a9766cc5e779edc99165e8c50421345ab0d410a

SHA512
9dab7f9ae84ca457c4fae740cbbc7a841b9994309d4f10ef2e041b2f40aff7a7cae1c08bad16619c98f9b80b8d40e3e8d5ac4086da3c6c8a53ae95648cf22de1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows Media\12.0\WMSDKNS.XML

Filesize
9KB

MD5
7050d5ae8acfbe560fa11073fef8185d

SHA1
5bc38e77ff06785fe0aec5a345c4ccd15752560e

SHA256
cb87767c4a384c24e4a0f88455f59101b1ae7b4fb8de8a5adb4136c5f7ee545b

SHA512
a7a295ac8921bb3dde58d4bcde9372ed59def61d4b7699057274960fa8c1d1a1daff834a93f7a0698e9e5c16db43af05e9fd2d6d7c9232f7d26ffcff5fc5900b

Download Submit
C:\Users\Admin\DOWNLO~1\THE-MA~1\THE-MA~1\BANKIN~1\DanaBot.dll

Filesize
2.4MB

MD5
7e76f7a5c55a5bc5f5e2d7a9e886782b

SHA1
fc500153dba682e53776bef53123086f00c0e041

SHA256
abd75572f897cdda88cec22922d15b509ee8c840fa5894b0aecbef6de23908a3

SHA512
0318e0040f4dbf954f27fb10a69bce2248e785a31d855615a1eaf303a772ad51d47906a113605d7bfd3c2b2265bf83c61538f78b071f85ee3c4948f5cde3fb24

Download Submit
C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Joke\chilledwindows.mp4

Filesize
3.6MB

MD5
698ddcaec1edcf1245807627884edf9c

SHA1
c7fcbeaa2aadffaf807c096c51fb14c47003ac20

SHA256
cde975f975d21edb2e5faa505205ab8a2c5a565ba1ff8585d1f0e372b2a1d78b

SHA512
a2c326f0c653edcd613a3cefc8d82006e843e69afc787c870aa1b9686a20d79e5ab4e9e60b04d1970f07d88318588c1305117810e73ac620afd1fb6511394155

Download Submit
memory/1052-948-0x0000000000A10000-0x0000000000A20000-memory.dmp

Filesize
64KB

Download
memory/1052-951-0x0000000005480000-0x000000000548A000-memory.dmp

Filesize
40KB

Download
memory/1052-950-0x00000000052B0000-0x0000000005342000-memory.dmp

Filesize
584KB

Download
memory/1052-949-0x00000000057A0000-0x0000000005D44000-memory.dmp

Filesize
5.6MB

Download
memory/1536-826-0x0000000000970000-0x0000000000DD4000-memory.dmp

Filesize
4.4MB

Download
memory/1536-838-0x0000000021780000-0x0000000021788000-memory.dmp

Filesize
32KB

Download
memory/1536-839-0x0000000021830000-0x0000000021868000-memory.dmp

Filesize
224KB

Download
memory/1536-840-0x0000000021800000-0x000000002180E000-memory.dmp

Filesize
56KB

Download
memory/2244-806-0x0000000000400000-0x000000000069A000-memory.dmp

Filesize
2.6MB

Download
memory/2244-793-0x0000000002770000-0x00000000029EA000-memory.dmp

Filesize
2.5MB

Download
memory/2244-801-0x0000000000400000-0x0000000000AAD000-memory.dmp

Filesize
6.7MB

Download
memory/2244-794-0x00000000029F0000-0x0000000002C7D000-memory.dmp

Filesize
2.6MB

Download
memory/2244-795-0x0000000000400000-0x000000000069A000-memory.dmp

Filesize
2.6MB

Download
memory/2244-802-0x00000000029F0000-0x0000000002C7D000-memory.dmp

Filesize
2.6MB

Download
memory/2388-800-0x0000000002110000-0x000000000237B000-memory.dmp

Filesize
2.4MB

Download
memory/4908-866-0x0000000000400000-0x00000000004A6000-memory.dmp

Filesize
664KB

Download
memory/4944-816-0x0000000002510000-0x000000000277B000-memory.dmp

Filesize
2.4MB

Download
memory/4944-805-0x0000000002510000-0x000000000277B000-memory.dmp

Filesize
2.4MB

Download
memory/4944-878-0x0000000002510000-0x000000000277B000-memory.dmp

Filesize
2.4MB

Download