b7dd3bce3ebfbc2d5e3a9f00d47f27cb6a5895c4618c878e314e573a7c216df1

Analysis

max time kernel
347s
max time network
357s
platform
windows10-2004_x64
resource
win10v2004-20250217-en
resource tags

arch:x64arch:x86image:win10v2004-20250217-enlocale:en-usos:windows10-2004-x64system
submitted
01/03/2025, 16:34

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

The-MALWARE-Repo-master/Botnets/FritzFrog/90b61cc77bb2d726219fd00ae2d0ecdf6f0fe7078529e87b7ec8e603008232d5
Size

8.7MB
MD5

100bff2f4ee4d88b005bb016daa04fe6
SHA1

36e5f8f70890601aa2adaffb203afd06516097f0
SHA256

90b61cc77bb2d726219fd00ae2d0ecdf6f0fe7078529e87b7ec8e603008232d5
SHA512

a1cb52bc6edaa7f8bb216d2a5f3deb0b8468c64b43931ef570c05e6a9872c63f00aff50d69686fdc2ea25d3d83da4bf9d78f5e6910643163570d0bd6279c6e16
SSDEEP

98304:wRINZeR9Zy031d3eDi2dZQT3/S1GVlOre53ziKZ7Xk:wRINZeR9Zx1CFDQD/SQVlOrKr

Score

8^/10

discovery

Malware Config

Signatures

Downloads MZ/PE file 1 IoCs

flow	pid	Process
185	1948	chrome.exe

Executes dropped EXE 1 IoCs

pid	Process
5596	Melting.exe

Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs

Web Service

T1102

flow	ioc
184	raw.githubusercontent.com
185	raw.githubusercontent.com

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133853208489053611"	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
1100	chrome.exe
1100	chrome.exe
5608	chrome.exe
5608	chrome.exe
5608	chrome.exe
5608	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1100	chrome.exe
Token: SeCreatePagefilePrivilege	1100	chrome.exe
Token: SeShutdownPrivilege	1100	chrome.exe
Token: SeCreatePagefilePrivilege	1100	chrome.exe
Token: SeShutdownPrivilege	1100	chrome.exe
Token: SeCreatePagefilePrivilege	1100	chrome.exe
Token: SeShutdownPrivilege	1100	chrome.exe
Token: SeCreatePagefilePrivilege	1100	chrome.exe
Token: SeShutdownPrivilege	1100	chrome.exe
Token: SeCreatePagefilePrivilege	1100	chrome.exe
Token: SeShutdownPrivilege	1100	chrome.exe
Token: SeCreatePagefilePrivilege	1100	chrome.exe
Token: SeShutdownPrivilege	1100	chrome.exe
Token: SeCreatePagefilePrivilege	1100	chrome.exe
Token: SeShutdownPrivilege	1100	chrome.exe
Token: SeCreatePagefilePrivilege	1100	chrome.exe
Token: SeShutdownPrivilege	1100	chrome.exe
Token: SeCreatePagefilePrivilege	1100	chrome.exe
Token: SeShutdownPrivilege	1100	chrome.exe
Token: SeCreatePagefilePrivilege	1100	chrome.exe
Token: SeShutdownPrivilege	1100	chrome.exe
Token: SeCreatePagefilePrivilege	1100	chrome.exe
Token: SeShutdownPrivilege	1100	chrome.exe
Token: SeCreatePagefilePrivilege	1100	chrome.exe
Token: SeShutdownPrivilege	1100	chrome.exe
Token: SeCreatePagefilePrivilege	1100	chrome.exe
Token: SeShutdownPrivilege	1100	chrome.exe
Token: SeCreatePagefilePrivilege	1100	chrome.exe
Token: SeShutdownPrivilege	1100	chrome.exe
Token: SeCreatePagefilePrivilege	1100	chrome.exe
Token: SeShutdownPrivilege	1100	chrome.exe
Token: SeCreatePagefilePrivilege	1100	chrome.exe
Token: SeShutdownPrivilege	1100	chrome.exe
Token: SeCreatePagefilePrivilege	1100	chrome.exe
Token: SeShutdownPrivilege	1100	chrome.exe
Token: SeCreatePagefilePrivilege	1100	chrome.exe
Token: SeShutdownPrivilege	1100	chrome.exe
Token: SeCreatePagefilePrivilege	1100	chrome.exe
Token: SeShutdownPrivilege	1100	chrome.exe
Token: SeCreatePagefilePrivilege	1100	chrome.exe
Token: SeShutdownPrivilege	1100	chrome.exe
Token: SeCreatePagefilePrivilege	1100	chrome.exe
Token: SeShutdownPrivilege	1100	chrome.exe
Token: SeCreatePagefilePrivilege	1100	chrome.exe
Token: SeShutdownPrivilege	1100	chrome.exe
Token: SeCreatePagefilePrivilege	1100	chrome.exe
Token: SeShutdownPrivilege	1100	chrome.exe
Token: SeCreatePagefilePrivilege	1100	chrome.exe
Token: SeShutdownPrivilege	1100	chrome.exe
Token: SeCreatePagefilePrivilege	1100	chrome.exe
Token: SeShutdownPrivilege	1100	chrome.exe
Token: SeCreatePagefilePrivilege	1100	chrome.exe
Token: SeShutdownPrivilege	1100	chrome.exe
Token: SeCreatePagefilePrivilege	1100	chrome.exe
Token: SeShutdownPrivilege	1100	chrome.exe
Token: SeCreatePagefilePrivilege	1100	chrome.exe
Token: SeShutdownPrivilege	1100	chrome.exe
Token: SeCreatePagefilePrivilege	1100	chrome.exe
Token: SeShutdownPrivilege	1100	chrome.exe
Token: SeCreatePagefilePrivilege	1100	chrome.exe
Token: SeShutdownPrivilege	1100	chrome.exe
Token: SeCreatePagefilePrivilege	1100	chrome.exe
Token: SeShutdownPrivilege	1100	chrome.exe
Token: SeCreatePagefilePrivilege	1100	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe
1100	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1100 wrote to memory of 4092	1100	chrome.exe	109
PID 1100 wrote to memory of 4092	1100	chrome.exe	109
PID 1100 wrote to memory of 4808	1100	chrome.exe	110
PID 1100 wrote to memory of 4808	1100	chrome.exe	110
PID 1100 wrote to memory of 4808	1100	chrome.exe	110
PID 1100 wrote to memory of 4808	1100	chrome.exe	110
PID 1100 wrote to memory of 4808	1100	chrome.exe	110
PID 1100 wrote to memory of 4808	1100	chrome.exe	110
PID 1100 wrote to memory of 4808	1100	chrome.exe	110
PID 1100 wrote to memory of 4808	1100	chrome.exe	110
PID 1100 wrote to memory of 4808	1100	chrome.exe	110
PID 1100 wrote to memory of 4808	1100	chrome.exe	110
PID 1100 wrote to memory of 4808	1100	chrome.exe	110
PID 1100 wrote to memory of 4808	1100	chrome.exe	110
PID 1100 wrote to memory of 4808	1100	chrome.exe	110
PID 1100 wrote to memory of 4808	1100	chrome.exe	110
PID 1100 wrote to memory of 4808	1100	chrome.exe	110
PID 1100 wrote to memory of 4808	1100	chrome.exe	110
PID 1100 wrote to memory of 4808	1100	chrome.exe	110
PID 1100 wrote to memory of 4808	1100	chrome.exe	110
PID 1100 wrote to memory of 4808	1100	chrome.exe	110
PID 1100 wrote to memory of 4808	1100	chrome.exe	110
PID 1100 wrote to memory of 4808	1100	chrome.exe	110
PID 1100 wrote to memory of 4808	1100	chrome.exe	110
PID 1100 wrote to memory of 4808	1100	chrome.exe	110
PID 1100 wrote to memory of 4808	1100	chrome.exe	110
PID 1100 wrote to memory of 4808	1100	chrome.exe	110
PID 1100 wrote to memory of 4808	1100	chrome.exe	110
PID 1100 wrote to memory of 4808	1100	chrome.exe	110
PID 1100 wrote to memory of 4808	1100	chrome.exe	110
PID 1100 wrote to memory of 4808	1100	chrome.exe	110
PID 1100 wrote to memory of 4808	1100	chrome.exe	110
PID 1100 wrote to memory of 1948	1100	chrome.exe	111
PID 1100 wrote to memory of 1948	1100	chrome.exe	111
PID 1100 wrote to memory of 2496	1100	chrome.exe	112
PID 1100 wrote to memory of 2496	1100	chrome.exe	112
PID 1100 wrote to memory of 2496	1100	chrome.exe	112
PID 1100 wrote to memory of 2496	1100	chrome.exe	112
PID 1100 wrote to memory of 2496	1100	chrome.exe	112
PID 1100 wrote to memory of 2496	1100	chrome.exe	112
PID 1100 wrote to memory of 2496	1100	chrome.exe	112
PID 1100 wrote to memory of 2496	1100	chrome.exe	112
PID 1100 wrote to memory of 2496	1100	chrome.exe	112
PID 1100 wrote to memory of 2496	1100	chrome.exe	112
PID 1100 wrote to memory of 2496	1100	chrome.exe	112
PID 1100 wrote to memory of 2496	1100	chrome.exe	112
PID 1100 wrote to memory of 2496	1100	chrome.exe	112
PID 1100 wrote to memory of 2496	1100	chrome.exe	112
PID 1100 wrote to memory of 2496	1100	chrome.exe	112
PID 1100 wrote to memory of 2496	1100	chrome.exe	112
PID 1100 wrote to memory of 2496	1100	chrome.exe	112
PID 1100 wrote to memory of 2496	1100	chrome.exe	112
PID 1100 wrote to memory of 2496	1100	chrome.exe	112
PID 1100 wrote to memory of 2496	1100	chrome.exe	112
PID 1100 wrote to memory of 2496	1100	chrome.exe	112
PID 1100 wrote to memory of 2496	1100	chrome.exe	112
PID 1100 wrote to memory of 2496	1100	chrome.exe	112
PID 1100 wrote to memory of 2496	1100	chrome.exe	112
PID 1100 wrote to memory of 2496	1100	chrome.exe	112
PID 1100 wrote to memory of 2496	1100	chrome.exe	112
PID 1100 wrote to memory of 2496	1100	chrome.exe	112
PID 1100 wrote to memory of 2496	1100	chrome.exe	112
PID 1100 wrote to memory of 2496	1100	chrome.exe	112
PID 1100 wrote to memory of 2496	1100	chrome.exe	112

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\The-MALWARE-Repo-master\Botnets\FritzFrog\90b61cc77bb2d726219fd00ae2d0ecdf6f0fe7078529e87b7ec8e603008232d5
1⤵
PID:3068

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1100
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffa0f41cc40,0x7ffa0f41cc4c,0x7ffa0f41cc58
  2⤵
  PID:4092
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1984,i,6106553879629001198,18078815564620518390,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=1980 /prefetch:2
  2⤵
  PID:4808
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2248,i,6106553879629001198,18078815564620518390,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=2144 /prefetch:3
  2⤵
  - Downloads MZ/PE file
  PID:1948
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2328,i,6106553879629001198,18078815564620518390,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=2340 /prefetch:8
  2⤵
  PID:2496
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3188,i,6106553879629001198,18078815564620518390,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=3200 /prefetch:1
  2⤵
  PID:548
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3444,i,6106553879629001198,18078815564620518390,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=3456 /prefetch:1
  2⤵
  PID:4068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4520,i,6106553879629001198,18078815564620518390,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=4552 /prefetch:1
  2⤵
  PID:748
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4720,i,6106553879629001198,18078815564620518390,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=4728 /prefetch:8
  2⤵
  PID:1816
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5000,i,6106553879629001198,18078815564620518390,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=4924 /prefetch:8
  2⤵
  PID:5128
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4972,i,6106553879629001198,18078815564620518390,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=4748 /prefetch:8
  2⤵
  PID:5144
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4944,i,6106553879629001198,18078815564620518390,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=5144 /prefetch:8
  2⤵
  PID:5212
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4700,i,6106553879629001198,18078815564620518390,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=5292 /prefetch:8
  2⤵
  PID:5252
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5256,i,6106553879629001198,18078815564620518390,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=5216 /prefetch:8
  2⤵
  PID:5536
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4892,i,6106553879629001198,18078815564620518390,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=5084 /prefetch:8
  2⤵
  PID:5636
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4708,i,6106553879629001198,18078815564620518390,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=5068 /prefetch:8
  2⤵
  PID:5736
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4748,i,6106553879629001198,18078815564620518390,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=3860 /prefetch:8
  2⤵
  PID:5776
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5176,i,6106553879629001198,18078815564620518390,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=5388 /prefetch:8
  2⤵
  PID:5056
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=5260,i,6106553879629001198,18078815564620518390,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=5576 /prefetch:2
  2⤵
  PID:6020
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=5520,i,6106553879629001198,18078815564620518390,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=5696 /prefetch:1
  2⤵
  PID:5128
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=5588,i,6106553879629001198,18078815564620518390,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=5820 /prefetch:1
  2⤵
  PID:5580
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=4424,i,6106553879629001198,18078815564620518390,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=5084 /prefetch:1
  2⤵
  PID:5396
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3456,i,6106553879629001198,18078815564620518390,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=3228 /prefetch:8
  2⤵
  PID:5180
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=5312,i,6106553879629001198,18078815564620518390,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=4780 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5608
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=4876,i,6106553879629001198,18078815564620518390,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=1528 /prefetch:8
  2⤵
  PID:1944
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4968,i,6106553879629001198,18078815564620518390,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=5032 /prefetch:8
  2⤵
  PID:968
- C:\Users\Admin\Downloads\Melting.exe
  "C:\Users\Admin\Downloads\Melting.exe"
  2⤵
  - Executes dropped EXE
  PID:5596

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:3236

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:5656

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
6a426533594b444d0cb243578986c2b2

SHA1
13e1ccd86791a18201f2f1fa4434473932760f74

SHA256
ccb3e1eb1ede3ca31ab2116ac8db22ae6093b72892cec058d04b3598ebfc6dd2

SHA512
7a2212e63aa121198b1908cbccd073d97df33f0ab6a175e84c2508d85f23b67594149be802ad40534360fbad4d575d559c6889db0473243cd5ff849b9350f368

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index

Filesize
3KB

MD5
3039ef48e9e448df18fd05c1000d84e7

SHA1
eaa4b5a85c299b537af4b2b32e7b5092e21b782c

SHA256
949020b274a7165471833541b4ece3000a6eef405e6e16c384bfadfba5279212

SHA512
c3950b6430d646b9897b91afddb353069b6b27a3bd7af1f2a5b3ec581af438526ccb6c99830d503e267d978475d19b8a3d6f5c23a1534943201a45ca7741dc8d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index

Filesize
3KB

MD5
d8a12f37125d9df06055493642fe7442

SHA1
9bc9f4f26346ddf2f9602de237fda63f90b9ecdf

SHA256
07b303ffa4a02ec916e95fe6a005fbd0e1f98f0c8003d041c82b4678d875d20f

SHA512
3ce7f1a28931a5d3033bab445004fa6e2a0f8cc55fbf2bf49e3ce28ef07b2a0c0a29c8ba2ba2a689d3f8eee7747fe5d13c130ec5487176d97e2e45bf678ae2de

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.89.1_0\_locales\en_CA\messages.json

Filesize
851B

MD5
07ffbe5f24ca348723ff8c6c488abfb8

SHA1
6dc2851e39b2ee38f88cf5c35a90171dbea5b690

SHA256
6895648577286002f1dc9c3366f558484eb7020d52bbf64a296406e61d09599c

SHA512
7ed2c8db851a84f614d5daf1d5fe633bd70301fd7ff8a6723430f05f642ceb3b1ad0a40de65b224661c782ffcec69d996ebe3e5bb6b2f478181e9a07d8cd41f6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.89.1_0\dasherSettingSchema.json

Filesize
854B

MD5
4ec1df2da46182103d2ffc3b92d20ca5

SHA1
fb9d1ba3710cf31a87165317c6edc110e98994ce

SHA256
6c69ce0fe6fab14f1990a320d704fee362c175c00eb6c9224aa6f41108918ca6

SHA512
939d81e6a82b10ff73a35c931052d8d53d42d915e526665079eeb4820df4d70f1c6aebab70b59519a0014a48514833fefd687d5a3ed1b06482223a168292105d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
6KB

MD5
1050e81f72f71e614cf749031efe58ba

SHA1
a5e2b31aba4ad97741ef7fd918c5aacfd3bdab24

SHA256
4f48eb3dfb8d6aad66e4fb75f1c4fc57185881f7082a696bcfc39ca24b833d61

SHA512
76040577841015dd2dc5b092c8a631033e6a9b8f2d02e73ad4c658fbe78b4925ebe0373e8406529524da946a6e176c0064642211caa51cb169acd44a46e368a2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
6KB

MD5
2696a7cef873c11798e6f6dde8112d12

SHA1
3c33f71ee8d6d4aa5b3456c4856f4d6be667abd9

SHA256
0c42532e4ca4e29228459eda4628873c7fbd9a24627b40af46ef145a3e6a91eb

SHA512
7be9ba0e43bf45217d22dd3095e4159ae577af5479c0e8349e1837f437c2906e2efe7a820c25e7347e4022171bc8010b4bac68c38648c6f431eeac4ac4e0f975

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
b458468509771d43ac245fde5b0b0d16

SHA1
78329f1cb8f8d8944a7a2692878c6a4b9ac71449

SHA256
9b1c31ece51c30586dc70f5883ed0cee9747b5be5d9cb3ac7fd1cd037a473a7a

SHA512
656299e5d2bcf2d4a323274ae520e4931fd1931e47a32eac0f86404399fe0667b2ea9e6f37b28099b1c3c1960faa64215ad115060723720dfa8ee436fa78e638

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
63d72da0a2886f34c76f0464029e8457

SHA1
141b6ed9e4a0949b23923f05065878a7fd07b3c6

SHA256
aa8f5fe05d86cc864c9e6fe8be4a7c530b9f8c65e36ee3ff0147a4f6298ff3b6

SHA512
6bd6e0fc9e221912818ca8fec4e72e70b03654e4f0fa5691a8d2abf8cf2a1414d423fec3923646c5b534d9ae7db85d11bf4d34ebdd478861bd27a71c1cac3a16

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
78da1a626f2313f57ff1ef594dc2329a

SHA1
5c6fbdcab03a5771591c2f3f96ce36fe64d7a77d

SHA256
e53f72a357e1cf5c8e30ff35ea38aeba6867d3e78f4ddf8151eee5fc0ea13cc7

SHA512
9489220a7ea2cbed641e05b3b04914799e1ce446f57eda00d96196a7487799047af087943a20ab712607f21876ca7cefb9f3f34a65abc3818499edf56a755748

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
983dffdd2cb9cf73e6739dcab6e64c14

SHA1
4902519e405f52fde4b08f6353dacfda9a448a9f

SHA256
72f7070a62c9ba49ce85c4c2a4518a3660954447b7562ec538e2adaa28412133

SHA512
94a5b396d35d8a175169052356d6627021a16aae1d2926576d5ad292b53bd43d9ae09ee6bfafdcac9d8f17959ada21528b6d0a1304ae236bfd6ef6633074769f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
524B

MD5
e430be1d98746689e119e0fab409e92c

SHA1
12808fef2d068407f4a9bf5bd3bd89c931695d12

SHA256
a548f3b820c879f41b477abe0d1fdef47860254d550f96910d714826ba57e06d

SHA512
cdfe3a8a7b4557afa28479cf90c190f4124f8d6844ef3189e20f1ad48d7f9ec69c35e089f94e6ae3537308ded0a0775f3f9b1e35398bee92adb226dacc2e0abc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
438d119c547784fb099c1a87fac34506

SHA1
3148897833c60f9fb7c1b3ec71505462ad805844

SHA256
aed74acc4a04301980a9016c3890c6f7243bc9a86c20e2c64cc2b24ec5d6a940

SHA512
cdd78f8ffb564ffb2867b12e120bfd4c8b6a33879fc65b3fb9da0fe48f0b93ebe6cd82565838441d8523b1ec188a416904ad36d672259ed796f6c68b8dbd301a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
bb12f36ca036b8f4b20ba33b832bf9e8

SHA1
66d192acdc4533db06fcbc84c7758dbf3d33b4b4

SHA256
549b8deea7f76f75f81532c86e86ec996d17c4d975ca1c4c42eca88de18ad854

SHA512
fd5c8bcfbebad2246394099a64081d9061279ecdb8a091837793ba6b7c2345cb43cbbe73730a0df7d2be49aadea3ea5cfd5c2a183cc07d224495aef6142c59b9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
a973339343815480ae2f9432119324e8

SHA1
78e2530e51dc56c79fddc4febccb9da33b40ce13

SHA256
a0b57ea38bc1165c4e5a21adbbd7ec869cc286d499cfbcce229da2c5395f16b6

SHA512
bc78bdfeea617ef3e5ef528ecfd0e6d46a895bc9c2d4f79a4c5525c9c842ca7350ad32d62e3f93c982213fbeb593b4c2fc85ee6f174820f9a78cc3f4829de6f4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
01b90eb0cb01d2ce8db58267c1fa8368

SHA1
b795d299626ebe47768c8731771ef76f80049d15

SHA256
bfcab4d1f710bf767f3b29d79371cc9fee72dd560e19672cf80461122bd7ec3d

SHA512
f22393725f7c4c9137df2759610cb855534acd80d78d8da4fc84a2ca25b45422fa40e045cec041f05f0d3fe3312a52d35ccb4872445917c487311b653e51fa51

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
eb1775bc35c8ccd67c70a7c400535b34

SHA1
ee2c52e45be8c575af952a708566f91828771b23

SHA256
d04291579a69362fee2a66a2c432fa044fdfa6a2fbce2995bc4a5f5d3689c131

SHA512
042d03e87cfa2dbae4344236d832c43b571741da25282762643852fec99838a706e8931e0f1d79938f1ddd4391c06a34fe5b2322581dfd310686cfe25cd6416d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
fc3c53d8aff88180bc57723d958a93c9

SHA1
bd2c350e7665ec4fc2e8b85aced8cee7da72e76b

SHA256
c949bcac273d38c85fd6b9a64c02464a38777b57c60d1e8085b4aef907f26716

SHA512
ab213d0d8242ead47ee968cc5ca5881affff9fdcec2ae818cc112155a276e1f5141679d022262cbc695a7e67d1bf232b49ae9719bdb619352204e96bf4aeea05

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
2da12e7ab8570c9e0d7880dc7a602e49

SHA1
278607b1e829438c8cbfc11a06326e6122f5482f

SHA256
468af918752f3bdaf92cfd95e815af575ce1272ac76b1eead495db5138990943

SHA512
91527f0ef6e9761307a4f6ff875a0576489c55855534bde91eed1396edb0386b06e14bd0b0c72bd822cffe38b14401f440b105298c7433bb79c3281c5e469b15

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
600edd1677e4411b627e6092a4cec648

SHA1
c5b74dd143d33f9d61a1034e70042366844699a0

SHA256
18d8916c405b2c63560a73a1ea0b58f119f177c3e01e4b0c42790c07777a0b6a

SHA512
5dc5daffd343b9e955c53683abcd4c1dfbca889bbf062e5f4d50d3bd1e99a4dce54fed414178f0a4cc7a991307534588285b66e482c5914d3f10aa71827cb1be

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
a92d0972235148da1651059737044d3c

SHA1
bd728461bf338934c43a73451f693e8fd26396db

SHA256
ca6b526f51f67271161936d705433f4e3b2cfc06783b4cbecaa0b77f95e38c10

SHA512
6d912264d4c1c1ff433814c0bdbef82601d1e7912b20a30239a7557094ecdea104ccb59634f9b773787210d85429c7d929fcb5c262a11fdd89c4894f7c6e353b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
c5aa75524efcd0b5db4131f527d2dded

SHA1
3ddd64de83c09149c338553a5e1f7f5416eb22d8

SHA256
2c2532393aed6cb9881ce3f64892131dc5197e52808d850e961dea029e4c013c

SHA512
143dae209acb1e309fea1f8b9727de89fafcbb6c8a893a58f9f6fedd0770912241af0b42360d3bb6b26a10fa54643daba0d5bf23aad8dbf99608e87e5f0df289

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
bce351d553ef9a38d62bd58b8d27e0df

SHA1
ba38a5951dadac875f33eca93a3183c2d23fa29b

SHA256
c17b88cf39b71031c84c86bfbf71eee39ac314173e9be381bc5cfc39fd60738e

SHA512
469f50d86ead34819633c04f5d5eb254d07411afe682a8164958fa8655aaea132d4a3f16178514086a3aab3ec6b5e0f48193b11d5ac879a270c7773702d5e57b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
5fd50e3c3634f37ac888f9a7618c7b52

SHA1
1e06872d4ed88a3eb173efeb3050532f838d88c0

SHA256
065a8e5c25902e41760b652e8da8ca2c31240e0c35601c72d39dfc4a74896717

SHA512
693674a6e9819386eeb937476752f8aee3358e26b1c5dc7d2751c219a84b57dc9d0d7ab474768591f1909d761da07bf6ec1b66b8744eece62ea791deead188fa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
794e3588373483586a625db9e6ca4674

SHA1
63c5fd3ee42042a77022947c7855e80069b4812c

SHA256
4325c3db6852b67454886935817a50e9d775da6147e267b436cc1fa6bd920ed2

SHA512
1077e02f1fa4d589201f4caa57e2b61053ad41da73f0f3ea8d5aa92f7bbe3c1d45a716208ace54e43396d5eeeb0f5cc3017f9763409449fa59c4007306f7c3cc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
1dbc950bb4d97c3b1d797b41c75e6313

SHA1
1eb189bdeb4ac7083c8101470aedfe69ee031f15

SHA256
51cc72de2b785e95d3f02ba085b9348f59a842d93be5cc00b2671b04379b3a33

SHA512
f817cde1cef4eeee58d89ad649246580d21b1674e7e339fea19bd9ffc5a9057e4a8383813777c331bd607d2a647be0570b58dcb189bc9b82def91e5fb2cde8ad

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
698140661d861fc73df46b33d4798f72

SHA1
8866651589e78836b8226b0e90e757177bbce398

SHA256
37776694a251eeee49c4c80cf242f3ceb23d90f6eab7965ff75f8970476764a0

SHA512
1889e90348a9668c9f2fc7a956d5af87a145d6a51c24bc534f0d396fbd07305b34c5364483c775f4e1df0cf2a500ad5622d9e6bcfedfc72965579de26be904f0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
31bd1f3fd2605e1d777951f9ea624f95

SHA1
42442ec856894fa5d3d2f1514403af44ddcaaada

SHA256
d5d583a74e1da9ed7be989c581b017f98c4501ddfea8c4bce8015458051dfc2e

SHA512
bf9718580cf94b52f3342a3697e3590501e500a6497bf1debf9081d1487ca7f320bc6ce7ad57549a859277e3bed1360142a064bc2db98c62587b7294e95f74ad

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
0bc260c23508c1087219e9b4c1a59517

SHA1
52f11178e5a53d7ae29ed8bd5200797a543337ef

SHA256
2345728938f639f430ada22b9ab89ff7b05e24554044cac27683a64ad495ae18

SHA512
081b4fb31fe81e4199fa2fbce8226c5613ea50fb40025b9c08b07f44a5aa2b054169ce99ede330e5d423c6f03e52e8436a238eda1e4fd0f4015a96b16b27c0a5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
c1cb90f4a8008cbef022c91686809f9a

SHA1
4ea86ce1372456e5d87ff18a372d673fa0432c21

SHA256
d7885470d5ffe9f45e4f36714c7b4c847e06fac3d4eab353644e2d69b30cc296

SHA512
22fab73e956159556da916fab83dc5eb2a5202052f39c49a9ff93927c8eb5dd535be586d3ef4dbee8021337337a6092ed1954b0b90cb371b38bb3fc3141b0354

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
13KB

MD5
8500f2263f504b206f9d762b28110344

SHA1
46a96ed46d01c87c765f3754d69d5b2efef53617

SHA256
4b7a0a65338a085f04099e583f69c889b8b37d9f3e57e21302d92a5e5f4623a2

SHA512
6c22f568f434b7c35c5eb8cca00b67dc043ac85dc78c762959bf703e2b1e1ad1c5cde689ca61135d2915783370c4940207f8bc5a4936fd13157a43e8cf1a9a13

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
68b5d08e2a34e3956d840df47a46532b

SHA1
e99725e841fec1aac87cca7b88b1809d14e47bc6

SHA256
da33948691bfbbe96fdabec0b210fe4c3cf1ce87b0a584ce2d2ddb8e743f7ccd

SHA512
24b4dabd240e17fbdbaea2c3038b5dccbc35e5552f0bae356ad6b33633da490bfee41132d476b92025689aeaa86e743b66375f9435432e4c06097d3a705b1248

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
245KB

MD5
463981f893a8194ad029d470eab29718

SHA1
24646ce8b898a798c8d75ea4eb15afc955369cdc

SHA256
a4bb4cc079e0cd4d4966498b1ad04a6291219fc8be34203ae28c12d69018c5d3

SHA512
997107ceb38d363cf688e18600db83b6a9e025f144a398cd30693235bd1c8708800dca7ef28f94d21d9bf2c069ae3655d2d20c616b694804217009a56bc3df6e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
245KB

MD5
9623fdf93a29551713d1015aa41de778

SHA1
ca209f47f30300e466a3b3bfe473758cb5801d01

SHA256
a1b23771d2436e4ab6ac1551b03b18eefc26af2f16fafd9c1445a2a223df58fa

SHA512
ed7df0533ed1dbbbbabd20ddc6321582d247cf10e24416a2c9b2baa982fc3535bed39957a9a5f9eee8ac33c04ef5a13dacba81eaffd176feb64ba4f356a3f015

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir1100_380804234\57486c42-c024-42fc-8ca6-d2e37d2ad234.tmp

Filesize
150KB

MD5
eae462c55eba847a1a8b58e58976b253

SHA1
4d7c9d59d6ae64eb852bd60b48c161125c820673

SHA256
ebcda644bcfbd0c9300227bafde696e8923ddb004b4ee619d7873e8a12eae2ad

SHA512
494481a98ab6c83b16b4e8d287d85ba66499501545da45458acc395da89955971cf2a14e83c2da041c79c580714b92b9409aa14017a16d0b80a7ff3d91bad2a3

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir1100_380804234\CRX_INSTALL\_locales\en_CA\messages.json

Filesize
711B

MD5
558659936250e03cc14b60ebf648aa09

SHA1
32f1ce0361bbfdff11e2ffd53d3ae88a8b81a825

SHA256
2445cad863be47bb1c15b57a4960b7b0d01864e63cdfde6395f3b2689dc1444b

SHA512
1632f5a3cd71887774bf3cb8a4d8b787ea6278271657b0f1d113dbe1a7fd42c4daa717cc449f157ce8972037572b882dc946a7dc2c0e549d71982dcdee89f727

Download Submit
C:\Users\Admin\Downloads\Melting.exe

Filesize
12KB

MD5
833619a4c9e8c808f092bf477af62618

SHA1
b4a0efa26f790e991cb17542c8e6aeb5030d1ebf

SHA256
92a284981c7ca33f1af45ce61738479fbcbb5a4111f5498e2cb54931c8a36c76

SHA512
4f231fc16339d568b5cf9353133aeae835eb262dab68bc80d92f37b43df64dce4fae0e913cbaa3bb61351a759aeecf9d280bc5779b0853c980559a654d6cca11

Download Submit