Resubmissions

04/03/2025, 16:36

250304-t4hcjavry8 4

04/03/2025, 16:25

250304-twxr9avtbv 6

04/03/2025, 15:38

250304-s3h21avjt7 10

04/03/2025, 15:35

250304-s1s47atrz7 4

04/03/2025, 15:32

250304-sysewatvb1 4

Analysis

  • max time kernel
    111s
  • max time network
    112s
  • platform
    windows11-21h2_x64
  • resource
    win11-20250217-en
  • resource tags

    arch:x64 arch:x86 image:win11-20250217-en locale:en-us os:windows11-21h2-x64 system
  • submitted
    04/03/2025, 16:25

General

  • Target

    nezur-faking-unc-v0-9bo7ts6at0od1.webp

  • Size

    176KB

  • MD5

    d444757770ebee84843f2922c430a3b5

  • SHA1

    ae36d68db168d69bfe90fb22f703b638070b7d8d

  • SHA256

    20be8d6207184dfd8d235813a15943d41c17434c5ba8d044f182161dca2b33a2

  • SHA512

    a242ab595865991219f8e82a1d1d4c5d01d71a308a8e4ddc4b3746cd199f7890c1c283ba9c815977938a474046d089c05b4490e5323c225d8412f0340418d314

  • SSDEEP

    3072:8ihYfiRKLglPj0xMczOFm2HYyEOEvnYONFs8jNDGCsekDyJNO3:Vh67glPj06KOFFHYyEpnLNZBrhA

Score
6/10

Malware Config

Signatures

  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs
  • Drops file in Windows directory 1 IoCs
  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies data under HKEY_USERS 2 IoCs
  • Modifies registry class 1 IoCs
  • NTFS ADS 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 34 IoCs
  • Suspicious use of SendNotifyMessage 12 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\nezur-faking-unc-v0-9bo7ts6at0od1.webp
    1⤵
    • Drops file in Windows directory
    • Enumerates system info in registry
    • Modifies data under HKEY_USERS
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:2484
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffff30fcc40,0x7ffff30fcc4c,0x7ffff30fcc58
      2⤵
        PID:1184
      • C:\Program Files\Google\Chrome\Application\chrome.exe
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1808,i,16244876099952723695,4978895998538370920,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=1804 /prefetch:2
        2⤵
          PID:2740
        • C:\Program Files\Google\Chrome\Application\chrome.exe
          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2032,i,16244876099952723695,4978895998538370920,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=2096 /prefetch:3
          2⤵
            PID:3060
          • C:\Program Files\Google\Chrome\Application\chrome.exe
            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2144,i,16244876099952723695,4978895998538370920,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=2328 /prefetch:8
            2⤵
              PID:1412
            • C:\Program Files\Google\Chrome\Application\chrome.exe
              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3068,i,16244876099952723695,4978895998538370920,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=3116 /prefetch:1
              2⤵
                PID:4076
              • C:\Program Files\Google\Chrome\Application\chrome.exe
                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3080,i,16244876099952723695,4978895998538370920,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=3296 /prefetch:1
                2⤵
                  PID:4868
                • C:\Program Files\Google\Chrome\Application\chrome.exe
                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4304,i,16244876099952723695,4978895998538370920,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=3756 /prefetch:8
                  2⤵
                    PID:2796
                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4576,i,16244876099952723695,4978895998538370920,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=4588 /prefetch:8
                    2⤵
                      PID:4088
                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4568,i,16244876099952723695,4978895998538370920,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=4560 /prefetch:8
                      2⤵
                        PID:2672
                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4852,i,16244876099952723695,4978895998538370920,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=4548 /prefetch:8
                        2⤵
                          PID:1348
                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4856,i,16244876099952723695,4978895998538370920,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=4560 /prefetch:8
                          2⤵
                            PID:4968
                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4872,i,16244876099952723695,4978895998538370920,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=3760 /prefetch:8
                            2⤵
                              PID:2992
                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=4620,i,16244876099952723695,4978895998538370920,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=4896 /prefetch:2
                              2⤵
                                PID:2244
                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=5052,i,16244876099952723695,4978895998538370920,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=5000 /prefetch:1
                                2⤵
                                  PID:1388
                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=3532,i,16244876099952723695,4978895998538370920,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=5076 /prefetch:1
                                  2⤵
                                    PID:240
                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=5224,i,16244876099952723695,4978895998538370920,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=5008 /prefetch:1
                                    2⤵
                                      PID:1004
                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=3312,i,16244876099952723695,4978895998538370920,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=5100 /prefetch:8
                                      2⤵
                                      • NTFS ADS
                                      PID:776
                                  • C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
                                    "C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
                                    1⤵
                                      PID:3720
                                    • C:\Windows\system32\svchost.exe
                                      C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
                                      1⤵
                                        PID:3376
                                      • C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe
                                        "C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe" -ServerName:MiniSearchUI.AppXj3y73at8fy1htwztzxs68sxx1v7cksp7.mca
                                        1⤵
                                        • Modifies registry class
                                        • Suspicious use of SetWindowsHookEx
                                        PID:3056
                                      • C:\Windows\System32\rundll32.exe
                                        C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
                                        1⤵
                                          PID:3176
                                        • C:\Users\Admin\Downloads\Release\xeno rat server.exe
                                          "C:\Users\Admin\Downloads\Release\xeno rat server.exe"
                                          1⤵
                                          • System Location Discovery: System Language Discovery
                                          PID:2268

                                        Network

                                              MITRE ATT&CK Enterprise v15


                                              Downloads

                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

                                                Filesize

                                                649B


                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                Filesize

                                                1KB


                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.89.1_0\_locales\en_CA\messages.json

                                                Filesize

                                                851B


                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.89.1_0\dasherSettingSchema.json

                                                Filesize

                                                854B


                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                                                Filesize

                                                3KB


                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

                                                Filesize

                                                2B


                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                Filesize

                                                1KB


                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                Filesize

                                                1KB


                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                Filesize

                                                10KB


                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                Filesize

                                                10KB


                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                Filesize

                                                10KB


                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                Filesize

                                                9KB


                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                Filesize

                                                8KB


                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                Filesize

                                                10KB


                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                Filesize

                                                9KB


                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

                                                Filesize

                                                13KB


                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

                                                Filesize

                                                72B


                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                Filesize

                                                244KB


                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                Filesize

                                                244KB


                                              • C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TempState\SearchHoverUnifiedTileModelCache.dat

                                                Filesize

                                                23KB

                                              • C:\Users\Admin\AppData\Local\Temp\scoped_dir2484_79891900\2445191e-1dcd-4a30-a4ea-e20432bba9cc.tmp

                                                Filesize

                                                150KB

                                              • C:\Users\Admin\AppData\Local\Temp\scoped_dir2484_79891900\CRX_INSTALL\_locales\en_CA\messages.json

                                                Filesize

                                                711B

                                              • C:\Users\Admin\Downloads\Release.zip.crdownload

                                                Filesize

                                                6.4MB

                                              • C:\Users\Admin\Downloads\Release.zip:Zone.Identifier

                                                Filesize

                                                26B

                                              • memory/2268-662-0x0000000005AE0000-0x0000000005B72000-memory.dmp

                                                Filesize

                                                584KB

                                              • memory/2268-661-0x0000000006140000-0x00000000066E6000-memory.dmp

                                                Filesize

                                                5.6MB

                                              • memory/2268-663-0x0000000005C90000-0x0000000005C9A000-memory.dmp

                                                Filesize

                                                40KB

                                              • memory/2268-664-0x0000000006D00000-0x0000000006D14000-memory.dmp

                                                Filesize

                                                80KB

                                              • memory/2268-665-0x0000000008500000-0x000000000851A000-memory.dmp

                                                Filesize

                                                104KB

                                              • memory/2268-666-0x0000000008520000-0x0000000008532000-memory.dmp

                                                Filesize

                                                72KB

                                              • memory/2268-667-0x000000000A420000-0x000000000A442000-memory.dmp

                                                Filesize

                                                136KB

                                              • memory/2268-660-0x0000000000E20000-0x0000000001022000-memory.dmp

                                                Filesize

                                                2.0MB