lumma | hxxps://sites[.]google[.]com/view/exlauncher79

Analysis

max time kernel
98s
max time network
95s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
18-01-2025 09:10

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://sites.google.com/view/exlauncher79

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

https://inflameopooi.shop/api

Signatures

Lumma Stealer, LummaC
Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
stealer lumma
Lumma family
lumma

Executes dropped EXE 1 IoCs

pid	Process
1156	vs-game-force-sof.exe

Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs

Web Service

T1102

flow	ioc
4	sites.google.com
7	sites.google.com

Network Share Discovery 1 TTPs
Attempt to gather information on host network.
discovery

Network Share Discovery
T1135
Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	vs-game-force-sof.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133816650509291305"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
4480	chrome.exe
4480	chrome.exe
1156	vs-game-force-sof.exe
1156	vs-game-force-sof.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
4480	chrome.exe
4480	chrome.exe
4480	chrome.exe
4480	chrome.exe
4480	chrome.exe
4480	chrome.exe
4480	chrome.exe
4480	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4480	chrome.exe
Token: SeCreatePagefilePrivilege	4480	chrome.exe
Token: SeShutdownPrivilege	4480	chrome.exe
Token: SeCreatePagefilePrivilege	4480	chrome.exe
Token: SeShutdownPrivilege	4480	chrome.exe
Token: SeCreatePagefilePrivilege	4480	chrome.exe
Token: SeShutdownPrivilege	4480	chrome.exe
Token: SeCreatePagefilePrivilege	4480	chrome.exe
Token: SeShutdownPrivilege	4480	chrome.exe
Token: SeCreatePagefilePrivilege	4480	chrome.exe
Token: SeShutdownPrivilege	4480	chrome.exe
Token: SeCreatePagefilePrivilege	4480	chrome.exe
Token: SeShutdownPrivilege	4480	chrome.exe
Token: SeCreatePagefilePrivilege	4480	chrome.exe
Token: SeShutdownPrivilege	4480	chrome.exe
Token: SeCreatePagefilePrivilege	4480	chrome.exe
Token: SeShutdownPrivilege	4480	chrome.exe
Token: SeCreatePagefilePrivilege	4480	chrome.exe
Token: SeShutdownPrivilege	4480	chrome.exe
Token: SeCreatePagefilePrivilege	4480	chrome.exe
Token: SeShutdownPrivilege	4480	chrome.exe
Token: SeCreatePagefilePrivilege	4480	chrome.exe
Token: SeShutdownPrivilege	4480	chrome.exe
Token: SeCreatePagefilePrivilege	4480	chrome.exe
Token: SeShutdownPrivilege	4480	chrome.exe
Token: SeCreatePagefilePrivilege	4480	chrome.exe
Token: SeShutdownPrivilege	4480	chrome.exe
Token: SeCreatePagefilePrivilege	4480	chrome.exe
Token: SeShutdownPrivilege	4480	chrome.exe
Token: SeCreatePagefilePrivilege	4480	chrome.exe
Token: SeShutdownPrivilege	4480	chrome.exe
Token: SeCreatePagefilePrivilege	4480	chrome.exe
Token: SeShutdownPrivilege	4480	chrome.exe
Token: SeCreatePagefilePrivilege	4480	chrome.exe
Token: SeShutdownPrivilege	4480	chrome.exe
Token: SeCreatePagefilePrivilege	4480	chrome.exe
Token: SeShutdownPrivilege	4480	chrome.exe
Token: SeCreatePagefilePrivilege	4480	chrome.exe
Token: SeShutdownPrivilege	4480	chrome.exe
Token: SeCreatePagefilePrivilege	4480	chrome.exe
Token: SeShutdownPrivilege	4480	chrome.exe
Token: SeCreatePagefilePrivilege	4480	chrome.exe
Token: SeShutdownPrivilege	4480	chrome.exe
Token: SeCreatePagefilePrivilege	4480	chrome.exe
Token: SeShutdownPrivilege	4480	chrome.exe
Token: SeCreatePagefilePrivilege	4480	chrome.exe
Token: SeShutdownPrivilege	4480	chrome.exe
Token: SeCreatePagefilePrivilege	4480	chrome.exe
Token: SeShutdownPrivilege	4480	chrome.exe
Token: SeCreatePagefilePrivilege	4480	chrome.exe
Token: SeShutdownPrivilege	4480	chrome.exe
Token: SeCreatePagefilePrivilege	4480	chrome.exe
Token: SeShutdownPrivilege	4480	chrome.exe
Token: SeCreatePagefilePrivilege	4480	chrome.exe
Token: SeShutdownPrivilege	4480	chrome.exe
Token: SeCreatePagefilePrivilege	4480	chrome.exe
Token: SeShutdownPrivilege	4480	chrome.exe
Token: SeCreatePagefilePrivilege	4480	chrome.exe
Token: SeShutdownPrivilege	4480	chrome.exe
Token: SeCreatePagefilePrivilege	4480	chrome.exe
Token: SeShutdownPrivilege	4480	chrome.exe
Token: SeCreatePagefilePrivilege	4480	chrome.exe
Token: SeShutdownPrivilege	4480	chrome.exe
Token: SeCreatePagefilePrivilege	4480	chrome.exe

Suspicious use of FindShellTrayWindow 35 IoCs

pid	Process
4480	chrome.exe
4480	chrome.exe
4480	chrome.exe
4480	chrome.exe
4480	chrome.exe
4480	chrome.exe
4480	chrome.exe
4480	chrome.exe
4480	chrome.exe
4480	chrome.exe
4480	chrome.exe
4480	chrome.exe
4480	chrome.exe
4480	chrome.exe
4480	chrome.exe
4480	chrome.exe
4480	chrome.exe
4480	chrome.exe
4480	chrome.exe
4480	chrome.exe
4480	chrome.exe
4480	chrome.exe
4480	chrome.exe
4480	chrome.exe
4480	chrome.exe
4480	chrome.exe
4480	chrome.exe
4480	chrome.exe
4480	chrome.exe
4480	chrome.exe
4480	chrome.exe
4480	chrome.exe
4480	chrome.exe
4480	chrome.exe
3104	7zG.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4480	chrome.exe
4480	chrome.exe
4480	chrome.exe
4480	chrome.exe
4480	chrome.exe
4480	chrome.exe
4480	chrome.exe
4480	chrome.exe
4480	chrome.exe
4480	chrome.exe
4480	chrome.exe
4480	chrome.exe
4480	chrome.exe
4480	chrome.exe
4480	chrome.exe
4480	chrome.exe
4480	chrome.exe
4480	chrome.exe
4480	chrome.exe
4480	chrome.exe
4480	chrome.exe
4480	chrome.exe
4480	chrome.exe
4480	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4480 wrote to memory of 392	4480	chrome.exe	83
PID 4480 wrote to memory of 392	4480	chrome.exe	83
PID 4480 wrote to memory of 3244	4480	chrome.exe	84
PID 4480 wrote to memory of 3244	4480	chrome.exe	84
PID 4480 wrote to memory of 3244	4480	chrome.exe	84
PID 4480 wrote to memory of 3244	4480	chrome.exe	84
PID 4480 wrote to memory of 3244	4480	chrome.exe	84
PID 4480 wrote to memory of 3244	4480	chrome.exe	84
PID 4480 wrote to memory of 3244	4480	chrome.exe	84
PID 4480 wrote to memory of 3244	4480	chrome.exe	84
PID 4480 wrote to memory of 3244	4480	chrome.exe	84
PID 4480 wrote to memory of 3244	4480	chrome.exe	84
PID 4480 wrote to memory of 3244	4480	chrome.exe	84
PID 4480 wrote to memory of 3244	4480	chrome.exe	84
PID 4480 wrote to memory of 3244	4480	chrome.exe	84
PID 4480 wrote to memory of 3244	4480	chrome.exe	84
PID 4480 wrote to memory of 3244	4480	chrome.exe	84
PID 4480 wrote to memory of 3244	4480	chrome.exe	84
PID 4480 wrote to memory of 3244	4480	chrome.exe	84
PID 4480 wrote to memory of 3244	4480	chrome.exe	84
PID 4480 wrote to memory of 3244	4480	chrome.exe	84
PID 4480 wrote to memory of 3244	4480	chrome.exe	84
PID 4480 wrote to memory of 3244	4480	chrome.exe	84
PID 4480 wrote to memory of 3244	4480	chrome.exe	84
PID 4480 wrote to memory of 3244	4480	chrome.exe	84
PID 4480 wrote to memory of 3244	4480	chrome.exe	84
PID 4480 wrote to memory of 3244	4480	chrome.exe	84
PID 4480 wrote to memory of 3244	4480	chrome.exe	84
PID 4480 wrote to memory of 3244	4480	chrome.exe	84
PID 4480 wrote to memory of 3244	4480	chrome.exe	84
PID 4480 wrote to memory of 3244	4480	chrome.exe	84
PID 4480 wrote to memory of 3244	4480	chrome.exe	84
PID 4480 wrote to memory of 1376	4480	chrome.exe	85
PID 4480 wrote to memory of 1376	4480	chrome.exe	85
PID 4480 wrote to memory of 1452	4480	chrome.exe	86
PID 4480 wrote to memory of 1452	4480	chrome.exe	86
PID 4480 wrote to memory of 1452	4480	chrome.exe	86
PID 4480 wrote to memory of 1452	4480	chrome.exe	86
PID 4480 wrote to memory of 1452	4480	chrome.exe	86
PID 4480 wrote to memory of 1452	4480	chrome.exe	86
PID 4480 wrote to memory of 1452	4480	chrome.exe	86
PID 4480 wrote to memory of 1452	4480	chrome.exe	86
PID 4480 wrote to memory of 1452	4480	chrome.exe	86
PID 4480 wrote to memory of 1452	4480	chrome.exe	86
PID 4480 wrote to memory of 1452	4480	chrome.exe	86
PID 4480 wrote to memory of 1452	4480	chrome.exe	86
PID 4480 wrote to memory of 1452	4480	chrome.exe	86
PID 4480 wrote to memory of 1452	4480	chrome.exe	86
PID 4480 wrote to memory of 1452	4480	chrome.exe	86
PID 4480 wrote to memory of 1452	4480	chrome.exe	86
PID 4480 wrote to memory of 1452	4480	chrome.exe	86
PID 4480 wrote to memory of 1452	4480	chrome.exe	86
PID 4480 wrote to memory of 1452	4480	chrome.exe	86
PID 4480 wrote to memory of 1452	4480	chrome.exe	86
PID 4480 wrote to memory of 1452	4480	chrome.exe	86
PID 4480 wrote to memory of 1452	4480	chrome.exe	86
PID 4480 wrote to memory of 1452	4480	chrome.exe	86
PID 4480 wrote to memory of 1452	4480	chrome.exe	86
PID 4480 wrote to memory of 1452	4480	chrome.exe	86
PID 4480 wrote to memory of 1452	4480	chrome.exe	86
PID 4480 wrote to memory of 1452	4480	chrome.exe	86
PID 4480 wrote to memory of 1452	4480	chrome.exe	86
PID 4480 wrote to memory of 1452	4480	chrome.exe	86
PID 4480 wrote to memory of 1452	4480	chrome.exe	86

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://sites.google.com/view/exlauncher79
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4480
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffde219cc40,0x7ffde219cc4c,0x7ffde219cc58
  2⤵
  PID:392
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1824,i,7594101902805531069,5226509838716136334,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1656 /prefetch:2
  2⤵
  PID:3244
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2056,i,7594101902805531069,5226509838716136334,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2112 /prefetch:3
  2⤵
  PID:1376
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2268,i,7594101902805531069,5226509838716136334,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2116 /prefetch:8
  2⤵
  PID:1452
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3136,i,7594101902805531069,5226509838716136334,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3144 /prefetch:1
  2⤵
  PID:1704
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3152,i,7594101902805531069,5226509838716136334,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3244 /prefetch:1
  2⤵
  PID:1456
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4856,i,7594101902805531069,5226509838716136334,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4868 /prefetch:8
  2⤵
  PID:5068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=3860,i,7594101902805531069,5226509838716136334,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4932 /prefetch:1
  2⤵
  PID:4720
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=5016,i,7594101902805531069,5226509838716136334,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4652 /prefetch:1
  2⤵
  PID:1200
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=5012,i,7594101902805531069,5226509838716136334,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5268 /prefetch:1
  2⤵
  PID:4380
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=5648,i,7594101902805531069,5226509838716136334,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4556 /prefetch:1
  2⤵
  PID:3452
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=5492,i,7594101902805531069,5226509838716136334,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5504 /prefetch:1
  2⤵
  PID:2956
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=5536,i,7594101902805531069,5226509838716136334,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5204 /prefetch:1
  2⤵
  PID:452
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5180,i,7594101902805531069,5226509838716136334,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5304 /prefetch:8
  2⤵
  PID:2456

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:3796

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:4536

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:4840

C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\vs-game-force-sof\vs-game-force-sof\" -ad -an -ai#7zMap11009:132:7zEvent18601
1⤵
- Suspicious use of FindShellTrayWindow
PID:3104

C:\Users\Admin\Downloads\vs-game-force-sof\vs-game-force-sof\vs-game-force-sof.exe
"C:\Users\Admin\Downloads\vs-game-force-sof\vs-game-force-sof\vs-game-force-sof.exe"
1⤵
- Executes dropped EXE
- System Location Discovery: System Language Discovery
- Suspicious behavior: EnumeratesProcesses
PID:1156

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Network Share Discovery

T1135

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
8ae8826bf328f510c3d4d03cae59cf40

SHA1
ed77405c2110475ff13f58f52594ea5f7d156232

SHA256
fd7bdb8dca0a328c1ac24d176d3dd40695e000bf2f66884379a9d395c341c790

SHA512
ec38021f777c10f2444734865f64a40e920390352d0b8859e4f812da91956efe847bb3f7b0c0077a6201613a61e56477f699019de6b37ce14e7477642fa13c25

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000033

Filesize
35KB

MD5
7c702451150c376ff54a34249bceb819

SHA1
3ab4dc2f57c0fd141456c1cbe24f112adf3710e2

SHA256
77d21084014dcb10980c296e583371786b3886f5814d8357127f36f8c6045583

SHA512
9f1a79e93775dc5bd4aa9749387d5fa8ef55037ccda425039fe68a5634bb682656a9ed4b6940e15226f370e0111878ecd6ec357d55c4720f97a97e58ece78d59

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
fb3702ef54ce2e3001c47255f9afad68

SHA1
883253f747a781c1f6e840c79810e83d7d347d74

SHA256
2b557b7e989aa63b5db23ad2dfbaf8037711ce28cd7534fef47f1c59e15c5b97

SHA512
4a6de9995cc66c4a0aea3da24a3eccb1a083b1e04e703fcdf2f0761132459a5a0ac1dc2d5b24951615f0e97a318cef35978aff0062d7a88522c18517a1703c36

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
10KB

MD5
bd8914f2c479740723feacb9de1cee28

SHA1
7afa301ce8aff2088202fc680d3e40657933ddcc

SHA256
d7b9537f194e53d9cffaf3314225d7c3fb694aff0646a83df7fe819bdcf86830

SHA512
e3ce3ef7f376ed0438c58d542a9e5895c5bbdfa15a81ae4aa7c4898927ffa851af243c88f6c1d4bdc69751d3206e30ca7964831b4aa43151e5313017ab3051ed

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
b9a1ab0efacb16884d81abd3fd1e5768

SHA1
b5ce7c73efac5ce87b385f3c9c093ed6435274b4

SHA256
9c2100ee4de944f1993f4eab05e6fd4c4932a34e74bd37ab92b96837f45e5a4a

SHA512
717486616dce222de11504ea2fdd5b6ff707b2beb28e934126e8d270ebe728b7d9cc8be67f38127bf038207e084440bf5f31ac3a8fe594c8595edd2cbca529a8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
524B

MD5
a28e869765d0a8bf006b2ab00f33a1c4

SHA1
62a69ba3c8ff301c49394018aa92e537005da346

SHA256
93c7eeb06f414d6407a7eac23cb2cfa4836e1d7597bd8bf4a8672e1ba174e206

SHA512
0c37b3e301afa959b79e3548eefa0cfecc4c7b529036b73a0b8d97aa88c27853f56472e7c05232677bd386a088a1c0113322613f815a094da4c8b711db0507ac

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
d414eedc6cb79b406f71a79b7335f4f7

SHA1
45da7f5cd136ef98eeb77a7a27d4226cb3cbd241

SHA256
f707daa2178db5b013142b12ba8fb33e38afbff17bb99be610d371f4bfb72825

SHA512
addfc9d1a5f6557fedf1859d4bd05f4b15ba0ae1e31db480caa6e79d86170d190a216c887793f2dece584f1b764beba876933d3bbfa3c5494b39a874de483210

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
0383918dd2ce982f7409f410b4158967

SHA1
3aa819d15e8f00adc7c55a6ab842cedb5b76a1c6

SHA256
05686c0b082e47d49832bd1167759eb5f4ca369eefbf8096c082bee6b53561fc

SHA512
1bb4b8e1ed4f5d445d350fe6119b8a9ff4769eda9e5fc7c6364f2cd641d732f9441c1f99f287e0d755dfbea050ae1dd551d27d227a7e942ab3eeb7c28890069b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
447acee38c4bd52127f3429f1c8fdf46

SHA1
b4e14df8f3647c93ae004d98bdec6550167dfedf

SHA256
6b7bd0cec560eff2a61e969201e12eb68113c50f9d6925666bdf10fbe5f7833e

SHA512
97ba222fe4ac8726dcc27b1b4c5dcce7278f2e8e0da1acf6c17bc4063ceed8f9aecb97f30aa93afa0a326a65e2557983432e1e5cb3925f562b2c6c9d62b68eba

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
9709e80a2e82cff512f4865638cffc5b

SHA1
59d332cf7c1ffc999e3928c3f0bf1e777485081d

SHA256
ae4412be54cdc50e4ec82e55b050a9a9c0dcd1b91a323f2b53694eb22fc27408

SHA512
68dbe5a9416c02ab50a4305643e93f4763216299019d07b0820dfab86389987a1f7aecabde4c67fd30349ae8b63692ead206a65eae35cfa66940f7ebcaa32efd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
c15deddfe3a725093e9b779ea3733c1f

SHA1
01136f65ed114459bcd2fca6f11fdc06dd15d2e9

SHA256
d243d0fa849ebbaba1bdeddc24aa726ab586d7cc5bbc65ef485f2525d12772c0

SHA512
fc940ead79f0c70eb28d03052c6378984a695f47d249fee80bf3d264fe512eec94943a0d598af494923be9eb40926ba0402849e4fbc0eb032051fda8188d3f57

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
38f6fe1eb1b698f38078b2ff9b2a41a7

SHA1
e7a173dd033f69c162ad24889c72651700868378

SHA256
1a969e18dc0cddcce18187e3377cee99a52faf1b86cfcbb88c681ac218c173bd

SHA512
8e1ff3bf28198e0fab0faf33ac2201b895df72b594eec9d8bd3e3ffb98d04568df6723379f87e7d2663d4d14e97fd5cf06376bd137cbe2357fd528417fd7f599

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
3f74a5c77fff28998bad3436c63a1408

SHA1
f4f0526848f2cac75ab9c29e89c5673b2b969337

SHA256
30a8ca2b601ad5c747954de1eb9d5d83f74d73560f9eef71883e8cffd85f0efd

SHA512
b01b2874631123b606b1934120c16c178e9146508acba4b3bdd279c59b14a6bb471a8971e74efa3c01261677cdd5c7ce795a8c814318f7943e9bf52334ecee45

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
28e9eb216d98e2354e95ee2656a2a9b9

SHA1
338b5c78b73c15cb73d12734c41b16f0df371b23

SHA256
1c30d78530858516487325aed9322b11f212743fbc8e5071dd55908d9e498bdc

SHA512
f4a4cffb62fe0ac9b060e97d5c4c1c34b41d76e6574fa9c2ecb86bad41f43264f191f384f19e0d0ee44d3746cb3c0bffb8c5f64ad83bda534ca30d571e3270dc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
b093eb60f3d93ae43d01ef61e40dbe6d

SHA1
c92cface8ade7abd2167b4e1838f729feeeeea6a

SHA256
f5f6829bbb9be4193b7b51812b7236c7ef99feb6148efc57cbcfd1ad2f9545eb

SHA512
7be4fcf3dd086b3add2f6ac5cf06a7eebff893b50e48204313c683406315a14607b47871815ad2a70841dc6a730a566daf711a0893e8b52b24e8dc845e954d63

Download Submit
C:\Users\Admin\Downloads\vs-game-force-sof.zip.crdownload

Filesize
8.4MB

MD5
6fe73c8cc8c7b5d5817022c53779d547

SHA1
16a8c5c1bca86b64a7e90823f19af40bfcf1590d

SHA256
dfaca0b7dffb83c75470cd4e018fdfce420f6c2880c84c652ef56b8d9fcf249b

SHA512
32828ab2fd1f60e6cf1825c5bc710bb3962b684f69d2d47915ff40356a9ee595620ac96a175e9002eb70d153efb019c4d213fbb6a23cdb39d53c2071d22faa18

Download Submit
memory/1156-357-0x0000000000400000-0x00000000007AA000-memory.dmp

Filesize
3.7MB

Download
memory/1156-359-0x0000000002640000-0x0000000002690000-memory.dmp

Filesize
320KB

Download
memory/1156-362-0x0000000000400000-0x00000000007AA000-memory.dmp

Filesize
3.7MB

Download