d8fce9dd9c65ca143343f7711859a7cffc3c5e656a8b84108183fb769a12ed8b

max time kernel
157s
max time network
152s
platform
windows11-21h2_x64
resource
win11-20250217-en
resource tags

arch:x64arch:x86image:win11-20250217-enlocale:en-usos:windows11-21h2-x64system
submitted
10/03/2025, 15:21

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

test.txt
Size

18B
MD5

5b3f97d48c8751bd031b7ea53545bdb6
SHA1

88be3374c62f23406ec83bb11279f8423bd3f88d
SHA256

d8fce9dd9c65ca143343f7711859a7cffc3c5e656a8b84108183fb769a12ed8b
SHA512

ed2de1eec50310ced4bde8ef6ae4b7902920b007df7b6aeb200cfe9fcc0d36ef05af7526c4675be2feac52831668798d5fe3523175efad6f6549b30f30a0b5d6

Score

4^/10

discovery

Malware Config

Signatures

Drops file in Windows directory 4 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SystemTemp	chrome.exe
File opened for modification	C:\Windows\SystemTemp	setup.exe
File opened for modification	C:\Windows\SystemTemp\Crashpad\settings.dat	setup.exe
File opened for modification	C:\Windows\SystemTemp\Crashpad\metadata	setup.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133860942131089229"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-501547156-4130638328-323075719-1000_Classes\Local Settings	cmd.exe

Opens file in notepad (likely ransom note) 1 IoCs

ransomware

pid	Process
3488	NOTEPAD.EXE

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
656	chrome.exe
656	chrome.exe
688	chrome.exe
688	chrome.exe
688	chrome.exe
688	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
656	chrome.exe
656	chrome.exe
656	chrome.exe
656	chrome.exe
656	chrome.exe
656	chrome.exe
656	chrome.exe
656	chrome.exe
656	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	656	chrome.exe
Token: SeCreatePagefilePrivilege	656	chrome.exe
Token: SeShutdownPrivilege	656	chrome.exe
Token: SeCreatePagefilePrivilege	656	chrome.exe
Token: SeShutdownPrivilege	656	chrome.exe
Token: SeCreatePagefilePrivilege	656	chrome.exe
Token: SeShutdownPrivilege	656	chrome.exe
Token: SeCreatePagefilePrivilege	656	chrome.exe
Token: SeShutdownPrivilege	656	chrome.exe
Token: SeCreatePagefilePrivilege	656	chrome.exe
Token: SeShutdownPrivilege	656	chrome.exe
Token: SeCreatePagefilePrivilege	656	chrome.exe
Token: SeShutdownPrivilege	656	chrome.exe
Token: SeCreatePagefilePrivilege	656	chrome.exe
Token: SeShutdownPrivilege	656	chrome.exe
Token: SeCreatePagefilePrivilege	656	chrome.exe
Token: SeShutdownPrivilege	656	chrome.exe
Token: SeCreatePagefilePrivilege	656	chrome.exe
Token: SeShutdownPrivilege	656	chrome.exe
Token: SeCreatePagefilePrivilege	656	chrome.exe
Token: SeShutdownPrivilege	656	chrome.exe
Token: SeCreatePagefilePrivilege	656	chrome.exe
Token: SeShutdownPrivilege	656	chrome.exe
Token: SeCreatePagefilePrivilege	656	chrome.exe
Token: SeShutdownPrivilege	656	chrome.exe
Token: SeCreatePagefilePrivilege	656	chrome.exe
Token: SeShutdownPrivilege	656	chrome.exe
Token: SeCreatePagefilePrivilege	656	chrome.exe
Token: SeShutdownPrivilege	656	chrome.exe
Token: SeCreatePagefilePrivilege	656	chrome.exe
Token: SeShutdownPrivilege	656	chrome.exe
Token: SeCreatePagefilePrivilege	656	chrome.exe
Token: SeShutdownPrivilege	656	chrome.exe
Token: SeCreatePagefilePrivilege	656	chrome.exe
Token: SeShutdownPrivilege	656	chrome.exe
Token: SeCreatePagefilePrivilege	656	chrome.exe
Token: SeShutdownPrivilege	656	chrome.exe
Token: SeCreatePagefilePrivilege	656	chrome.exe
Token: SeShutdownPrivilege	656	chrome.exe
Token: SeCreatePagefilePrivilege	656	chrome.exe
Token: SeShutdownPrivilege	656	chrome.exe
Token: SeCreatePagefilePrivilege	656	chrome.exe
Token: SeShutdownPrivilege	656	chrome.exe
Token: SeCreatePagefilePrivilege	656	chrome.exe
Token: SeShutdownPrivilege	656	chrome.exe
Token: SeCreatePagefilePrivilege	656	chrome.exe
Token: SeShutdownPrivilege	656	chrome.exe
Token: SeCreatePagefilePrivilege	656	chrome.exe
Token: SeShutdownPrivilege	656	chrome.exe
Token: SeCreatePagefilePrivilege	656	chrome.exe
Token: SeShutdownPrivilege	656	chrome.exe
Token: SeCreatePagefilePrivilege	656	chrome.exe
Token: SeShutdownPrivilege	656	chrome.exe
Token: SeCreatePagefilePrivilege	656	chrome.exe
Token: SeShutdownPrivilege	656	chrome.exe
Token: SeCreatePagefilePrivilege	656	chrome.exe
Token: SeShutdownPrivilege	656	chrome.exe
Token: SeCreatePagefilePrivilege	656	chrome.exe
Token: SeShutdownPrivilege	656	chrome.exe
Token: SeCreatePagefilePrivilege	656	chrome.exe
Token: SeShutdownPrivilege	656	chrome.exe
Token: SeCreatePagefilePrivilege	656	chrome.exe
Token: SeShutdownPrivilege	656	chrome.exe
Token: SeCreatePagefilePrivilege	656	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
656	chrome.exe
656	chrome.exe
656	chrome.exe
656	chrome.exe
656	chrome.exe
656	chrome.exe
656	chrome.exe
656	chrome.exe
656	chrome.exe
656	chrome.exe
656	chrome.exe
656	chrome.exe
656	chrome.exe
656	chrome.exe
656	chrome.exe
656	chrome.exe
656	chrome.exe
656	chrome.exe
656	chrome.exe
656	chrome.exe
656	chrome.exe
656	chrome.exe
656	chrome.exe
656	chrome.exe
656	chrome.exe
656	chrome.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
656	chrome.exe
656	chrome.exe
656	chrome.exe
656	chrome.exe
656	chrome.exe
656	chrome.exe
656	chrome.exe
656	chrome.exe
656	chrome.exe
656	chrome.exe
656	chrome.exe
656	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3460 wrote to memory of 3488	3460	cmd.exe	80
PID 3460 wrote to memory of 3488	3460	cmd.exe	80
PID 656 wrote to memory of 5060	656	chrome.exe	84
PID 656 wrote to memory of 5060	656	chrome.exe	84
PID 656 wrote to memory of 3768	656	chrome.exe	85
PID 656 wrote to memory of 3768	656	chrome.exe	85
PID 656 wrote to memory of 3768	656	chrome.exe	85
PID 656 wrote to memory of 3768	656	chrome.exe	85
PID 656 wrote to memory of 3768	656	chrome.exe	85
PID 656 wrote to memory of 3768	656	chrome.exe	85
PID 656 wrote to memory of 3768	656	chrome.exe	85
PID 656 wrote to memory of 3768	656	chrome.exe	85
PID 656 wrote to memory of 3768	656	chrome.exe	85
PID 656 wrote to memory of 3768	656	chrome.exe	85
PID 656 wrote to memory of 3768	656	chrome.exe	85
PID 656 wrote to memory of 3768	656	chrome.exe	85
PID 656 wrote to memory of 3768	656	chrome.exe	85
PID 656 wrote to memory of 3768	656	chrome.exe	85
PID 656 wrote to memory of 3768	656	chrome.exe	85
PID 656 wrote to memory of 3768	656	chrome.exe	85
PID 656 wrote to memory of 3768	656	chrome.exe	85
PID 656 wrote to memory of 3768	656	chrome.exe	85
PID 656 wrote to memory of 3768	656	chrome.exe	85
PID 656 wrote to memory of 3768	656	chrome.exe	85
PID 656 wrote to memory of 3768	656	chrome.exe	85
PID 656 wrote to memory of 3768	656	chrome.exe	85
PID 656 wrote to memory of 3768	656	chrome.exe	85
PID 656 wrote to memory of 3768	656	chrome.exe	85
PID 656 wrote to memory of 3768	656	chrome.exe	85
PID 656 wrote to memory of 3768	656	chrome.exe	85
PID 656 wrote to memory of 3768	656	chrome.exe	85
PID 656 wrote to memory of 3768	656	chrome.exe	85
PID 656 wrote to memory of 3768	656	chrome.exe	85
PID 656 wrote to memory of 3768	656	chrome.exe	85
PID 656 wrote to memory of 3024	656	chrome.exe	86
PID 656 wrote to memory of 3024	656	chrome.exe	86
PID 656 wrote to memory of 3340	656	chrome.exe	87
PID 656 wrote to memory of 3340	656	chrome.exe	87
PID 656 wrote to memory of 3340	656	chrome.exe	87
PID 656 wrote to memory of 3340	656	chrome.exe	87
PID 656 wrote to memory of 3340	656	chrome.exe	87
PID 656 wrote to memory of 3340	656	chrome.exe	87
PID 656 wrote to memory of 3340	656	chrome.exe	87
PID 656 wrote to memory of 3340	656	chrome.exe	87
PID 656 wrote to memory of 3340	656	chrome.exe	87
PID 656 wrote to memory of 3340	656	chrome.exe	87
PID 656 wrote to memory of 3340	656	chrome.exe	87
PID 656 wrote to memory of 3340	656	chrome.exe	87
PID 656 wrote to memory of 3340	656	chrome.exe	87
PID 656 wrote to memory of 3340	656	chrome.exe	87
PID 656 wrote to memory of 3340	656	chrome.exe	87
PID 656 wrote to memory of 3340	656	chrome.exe	87
PID 656 wrote to memory of 3340	656	chrome.exe	87
PID 656 wrote to memory of 3340	656	chrome.exe	87
PID 656 wrote to memory of 3340	656	chrome.exe	87
PID 656 wrote to memory of 3340	656	chrome.exe	87
PID 656 wrote to memory of 3340	656	chrome.exe	87
PID 656 wrote to memory of 3340	656	chrome.exe	87
PID 656 wrote to memory of 3340	656	chrome.exe	87
PID 656 wrote to memory of 3340	656	chrome.exe	87
PID 656 wrote to memory of 3340	656	chrome.exe	87
PID 656 wrote to memory of 3340	656	chrome.exe	87
PID 656 wrote to memory of 3340	656	chrome.exe	87
PID 656 wrote to memory of 3340	656	chrome.exe	87

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\test.txt
1⤵
- Modifies registry class
- Suspicious use of WriteProcessMemory
PID:3460
- C:\Windows\system32\NOTEPAD.EXE
  "C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\AppData\Local\Temp\test.txt
  2⤵
  - Opens file in notepad (likely ransom note)
  PID:3488

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:656
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff2c97cc40,0x7fff2c97cc4c,0x7fff2c97cc58
  2⤵
  PID:5060
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1792,i,10616140979186329174,12054902884415241896,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=1788 /prefetch:2
  2⤵
  PID:3768
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2044,i,10616140979186329174,12054902884415241896,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=2108 /prefetch:3
  2⤵
  PID:3024
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2196,i,10616140979186329174,12054902884415241896,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=2208 /prefetch:8
  2⤵
  PID:3340
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3096,i,10616140979186329174,12054902884415241896,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=3136 /prefetch:1
  2⤵
  PID:1620
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3156,i,10616140979186329174,12054902884415241896,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=3212 /prefetch:1
  2⤵
  PID:756
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=1552,i,10616140979186329174,12054902884415241896,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=3544 /prefetch:1
  2⤵
  PID:1056
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4412,i,10616140979186329174,12054902884415241896,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=4624 /prefetch:8
  2⤵
  PID:4924
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4732,i,10616140979186329174,12054902884415241896,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=4748 /prefetch:8
  2⤵
  PID:2296
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4792,i,10616140979186329174,12054902884415241896,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=4612 /prefetch:8
  2⤵
  PID:4568
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4360,i,10616140979186329174,12054902884415241896,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=4892 /prefetch:8
  2⤵
  PID:4712
- C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe
  "C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe" --reenable-autoupdates --system-level
  2⤵
  - Drops file in Windows directory
  PID:1704
- - C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe
    "C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\Crashpad --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x244,0x248,0x24c,0x220,0x250,0x7ff786474698,0x7ff7864746a4,0x7ff7864746b0
    3⤵
    - Drops file in Windows directory
    PID:1020
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3776,i,10616140979186329174,12054902884415241896,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=4768 /prefetch:8
  2⤵
  PID:4484
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4660,i,10616140979186329174,12054902884415241896,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=4404 /prefetch:8
  2⤵
  PID:4008
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4592,i,10616140979186329174,12054902884415241896,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=4920 /prefetch:8
  2⤵
  PID:4224
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5228,i,10616140979186329174,12054902884415241896,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=5236 /prefetch:8
  2⤵
  PID:2996
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=5148,i,10616140979186329174,12054902884415241896,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=4948 /prefetch:2
  2⤵
  PID:3380
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=5368,i,10616140979186329174,12054902884415241896,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=5384 /prefetch:1
  2⤵
  PID:1492
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=5264,i,10616140979186329174,12054902884415241896,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=3288 /prefetch:1
  2⤵
  PID:1060
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5364,i,10616140979186329174,12054902884415241896,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=4928 /prefetch:8
  2⤵
  PID:2672
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=4404,i,10616140979186329174,12054902884415241896,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=5340 /prefetch:1
  2⤵
  PID:3064
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=5252,i,10616140979186329174,12054902884415241896,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=3456 /prefetch:1
  2⤵
  PID:4792
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4408,i,10616140979186329174,12054902884415241896,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=4424 /prefetch:8
  2⤵
  PID:1780
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5180,i,10616140979186329174,12054902884415241896,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=4944 /prefetch:8
  2⤵
  PID:2064
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --field-trial-handle=5188,i,10616140979186329174,12054902884415241896,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=4708 /prefetch:1
  2⤵
  PID:2812
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4952,i,10616140979186329174,12054902884415241896,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=5112 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:688

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:2016

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:768

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

Filesize
64KB

MD5
b5ad5caaaee00cb8cf445427975ae66c

SHA1
dcde6527290a326e048f9c3a85280d3fa71e1e22

SHA256
b6409b9d55ce242ff022f7a2d86ae8eff873daabf3a0506031712b8baa6197b8

SHA512
92f7fbbcbbea769b1af6dd7e75577be3eb8bb4a4a6f8a9288d6da4014e1ea309ee649a7b089be09ba27866e175ab6f6a912413256d7e13eaf60f6f30e492ce7f

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

Filesize
4B

MD5
f49655f856acb8884cc0ace29216f511

SHA1
cb0f1f87ec0455ec349aaa950c600475ac7b7b6b

SHA256
7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba

SHA512
599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

Filesize
1008B

MD5
d222b77a61527f2c177b0869e7babc24

SHA1
3f23acb984307a4aeba41ebbb70439c97ad1f268

SHA256
80dc3ffa698e4ff2e916f97983b5eae79470203e91cb684c5ccd4ff1a465d747

SHA512
d17d836ea77aeaff4cd01f9c7523345167a4a6bc62528aac74acde12679f48079d75d159e9cea2e614da50e83c2dcd92c374c899ea6c4fe8e5513d9bf06c01ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\4980937f-2920-47ac-965b-c7307447c504.tmp

Filesize
245KB

MD5
9435fae96404ccdff15a944da0cc5ac6

SHA1
09838a55c1c1b25514514255dcb3d0af56f0a593

SHA256
8b2096acbe6d9a57904e5a6e5031d1ae098890ed84eb5a579c21a04986b8236e

SHA512
fea2f642d4fb91aa3fbd02cd1b5e151c29b01e9dab1e93db7b9d3ad77855f6fbbceac0f00a8a0d05b137b9676984bf928f9e494120b1032981533b1d86a1b51a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
21d08b3475b5039d85d79b1deda897fc

SHA1
a93a8f929f0b977c58cf640e067e8b43da75af8f

SHA256
173fa4bbd811c80b1128d87f4fe1b4f2ceef8d7ffc38ab048d60bd459bfd3e74

SHA512
1531456f017a9ed5e933204cf58af9862e639c6740b2a81e93eb23760289227efd785ff67ed97adeef2c7125e8d4923bfc2afd849f1327522dbfff00b82e38ad

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011

Filesize
215KB

MD5
786c4894e2393c2a6df8fe0fd6aeee3f

SHA1
2242cd681f699ef3d642ed9ed1f202dbf6b0c1b0

SHA256
258ce3bda497a9ddf8e00e70ab2b08608c3f3211aecc90348179eea95be084a4

SHA512
73751c1624a8a7e8141c387159a700f637e4fed6f5974d7402fc4faf4dd72c0779eae74049746098ad2c05765fa97329c51e9cc5f422c02abaaa92035aa991db

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
43cafb84531c5c89e6df8b98d25c9444

SHA1
22d1dbdae0dd9a2934cc166fdf3bd800c8677cbe

SHA256
7124032449c8dce2352055d1e0a00641270eaad82972236301d11ace43328113

SHA512
a3806c212f98d48360076465040e5d93e77625a0076d52851cb9a25d68d2a48e2c700be1d36b45437b2dd974ec974238f03a942ea48875427f425d67e6a5da00

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
014edd2da1cacbbe682c33c673746fc9

SHA1
9a1eb116ec400d76b858e10e4f7a36a32357b5cd

SHA256
c0343b0efea6b4c946a711df61b9ac59aa522ff8af7e48002fa3959bffc5bdc5

SHA512
1547b79d6722c993c6d4fb51dc0f21b2a436e217a2d5a53ee60dca7043341412ede3609f94ab9ef4b6d62eccea3756b1c0feaee8ed07c2940329e3c2982da0f2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
552B

MD5
84d11c3944c74be24c9ed84318b3a406

SHA1
bc911c948b7272a95f4828497827aecb56358ddd

SHA256
812840cf016a7242abcbe58d730b7d60e724b96f58a184f2c9e56ace70a236c1

SHA512
ce24e9b9baf430e77b4ca58f9b43971f27d9bd28e8365a2862d765484ce6f15814d0ccc59377fc8364b60956e34a51d5d0b439f491f9a15c6f0725066435ef00

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.89.1_0\_locales\en_CA\messages.json

Filesize
851B

MD5
07ffbe5f24ca348723ff8c6c488abfb8

SHA1
6dc2851e39b2ee38f88cf5c35a90171dbea5b690

SHA256
6895648577286002f1dc9c3366f558484eb7020d52bbf64a296406e61d09599c

SHA512
7ed2c8db851a84f614d5daf1d5fe633bd70301fd7ff8a6723430f05f642ceb3b1ad0a40de65b224661c782ffcec69d996ebe3e5bb6b2f478181e9a07d8cd41f6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.89.1_0\dasherSettingSchema.json

Filesize
854B

MD5
4ec1df2da46182103d2ffc3b92d20ca5

SHA1
fb9d1ba3710cf31a87165317c6edc110e98994ce

SHA256
6c69ce0fe6fab14f1990a320d704fee362c175c00eb6c9224aa6f41108918ca6

SHA512
939d81e6a82b10ff73a35c931052d8d53d42d915e526665079eeb4820df4d70f1c6aebab70b59519a0014a48514833fefd687d5a3ed1b06482223a168292105d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
6KB

MD5
8247af5b447dd251a8cef26666c43518

SHA1
5c0b38f1235c022c963008262cf8d1a6599f3acf

SHA256
08e273814a0ebe4deccfdf8532e7cd149a3641b9cb7ebc706cf6ad8661c45f25

SHA512
b9b0f467741c03971771b4e44520f2cabd0194296e24fb6926a8a59e221b7a92138e607ac1fe1b3f0b4d603e05623baeee8dc682419686626487f9df06fed9ab

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
6KB

MD5
64f72347662351b0f14cf16d89571d8a

SHA1
4996ad8c57c7def00e7d2068ae1cbc028cbdc60a

SHA256
93da7d3d6837b83e9466b63328e783b754d9b6c2f60064efc798e0c10af1d293

SHA512
3e97d9d0690480dd5a4094c8baceccb5930b50bbe56893524793904d8ec53ee7164cbd3f1cd5b9ae698a45eea8822c8a2b4da7c375c36d40b4572088443f6abe

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
d2e954871a4d837821389e547c93255f

SHA1
0baf23bfca810d45eee899096ee57975bfb9c938

SHA256
226b1e82773890710e47bf3a2710ba707de7263cdfffbc18710b0331060bb7cf

SHA512
b3b80fc40216930af50a4d93c21df0f37498bf9c5bf93be1e61e0f027c8310ae14f39916e2d7f210e5d9a70fb4b448398fb541d4272fcb81f07839c72b682247

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
5a27b1e19204fe8e23f95199d9a83b02

SHA1
a8af770505d7fceeb8030331fd51baa4e7e6f718

SHA256
71b6de4230695b6078fba5d06a426638902105deac165320f731f1d3e18f3d37

SHA512
110afa10e8b341ba56ba6b26f15587fef3bbca5629cb4cc14eff21d26c86ca7736e7e56cc142499cc93489ae09303ad9fc28997a8b557c3bf7bae953bd145614

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
1a338467bcf2903d88a4999251f37b2f

SHA1
53caac239b6854522fcba4d4e18949c0a9fea5ad

SHA256
55e720e3d5617a167872bd4de750cade602ff342dbf6ebc21d91b18c27264b54

SHA512
efb80e68824a84c2218e034c306c509e03363f5656236d8ea97919ef7367e2b3a8bddae48062b9f2b2d1835c6c7b594fef0de1c3034c4d7981c25158459ca310

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
5d5071467769a8facc1fad123937fea0

SHA1
d82ab9e059519617a4d9ea22433d07fca290ea28

SHA256
8f4e580868ac5d3c57032318d99b112e35ee788793a5b018df79ee71e1d75fe3

SHA512
5b4c98b2bb54e138b0d0be0aeee6f092eb6c0ac317605bff431fa93217732330068b058335c96d8ab9ea56fa1ec2eb361cc18c9438d46f92b8e29cf060c2fac4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
1bf6643bbeb0f90c974d1121048d1282

SHA1
6266556a210e3e3d382a9c5e1d1e6db1ccfbad95

SHA256
c5e8ba9ddf16f94c6b1d552662129bd8962fbb0dc31e326aa07a26cd2e0aa04e

SHA512
51cb758cc657254e0165ce63b6362aba83e4a45fc4954edbd156540896e15254425d11abd91e017703424bf8cdb986c27c807c5a4bf5a8fbd827c3850548d89b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
c2801b87e821e4c88093e5c8019cd3f0

SHA1
a311550adec208b71149f337b891a663a75fab31

SHA256
a191f990e9bf56fedff2080e19d13426b930f331334b1a001d6d9a6446f05639

SHA512
6b3567b7e24b48ced3e613e38f0a07b41675268e291859b548ad007f61d163966f8c5fafb22d81614046555a4564058225a7a3ad06b2a54ac3639ae003945e8c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
237991814e740b667f348978066326ce

SHA1
c0c6b741eef8746f4ea4b74afb6c008766155e64

SHA256
239bc4a19d9395e1b21db17b1788e3a84d87c322e1863ac4e33e5af5238e44f7

SHA512
c82a408352cd3ae0b863ed80e5329ab0b76bc7ddcd7ced850372ea5824a5f4e428fced71a85557f57fbef219eced9bc65bf7b6e7db4fe2bf3217b92426a417b1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
dc9cd9d0b1520b8b858625688afbc50a

SHA1
e06ede01af1d8e489a22550146b88d1514f6468e

SHA256
710da4715041845407bb94cdaf414770f1192bedbf425213a9a3c8007b101207

SHA512
07070cfd1e487c93edd6b2d5caccea2725865e9d86cb1d6d196635a78104027e0a7752a9880826940367af6c6282ec249741f0661b2fd4c6b3beae6b3c510df9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
e65f1c1e1e0495c7b01b695521343604

SHA1
4542c91fa51879f0df717d794a4b903222892159

SHA256
cbed7ca7a78cf256407c31f99c2d151313e53749553818737502499d64dc2017

SHA512
ef252c6700bd0b77f16e055d030b768fc85dc2bc8d06e2cc532fce90586bbddc5590904eefc96997040ea35c1dddd53a018f9b5f2dd87cb8ab114da91e9533c1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
6980247e624c63f9bb7561b0daf9f8d0

SHA1
15cd589afc539bb26e5e64ee5dacdd9605ef7e37

SHA256
9cf4a107114464eea50915d435b61b75b857540b35ae85ff2377350f23093b23

SHA512
d2ae55afd245df572ce59ab38ef6535f6aeba5b9549031e5d6353465e18d8cd6f9efa41fc99b7a63acf3233056a8988da4670fb0ce84a887a9ff77d9c834bb73

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
10cb2e231a9f4b73b35d35885eff508d

SHA1
23c07e1b66981db596a01f8a149efcaf1f597cdb

SHA256
6bab8d2d88f37a761eaa3bfed7338a0d7df3f1edadbccd4e5e87578f586024e7

SHA512
73cc655fd6414aaca79391f840e892a14d3bd2981df1707a4171a6a8f5e79e2d7fd56e361579dbba31c563ae72635c501fe6e7d5c1c647cf0a88166ab1049d22

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
e19f2cc492aa24a994685ecfbfc9615f

SHA1
66bac42b989f5dd567291ffe8c45d9279fad057e

SHA256
54c6afad59387e17403ed5f9810192a2e7be48be11ece8a079c60aa2b00e9d17

SHA512
ddd5a0fc4cbbb7d2322f2d04e1fea8bd78912f737386691c6ab3a86cba86e95ce77320f5fd9ad15da39d88124611e639e04a45a1418d55c65121a1b7452a5fd6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
61ab5cc65ecbfbf07589516e2a8ec3fd

SHA1
6cb90f7344bff251ded728e372279cb65c96a44f

SHA256
22aa58f1f32bd1e620f3cf7481022c2d3de7c778ed3d4da79acbff076ce7541a

SHA512
770ecd1f3babcc1593d83d77558dce903152452a9d1fcef7a7a6e17da6bcb7d82e82ff6dc1c5e57769bc2322ea7b177b8404723722d0b5fa616e8954de094db3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
4bff84455545c558594012f0951fe88c

SHA1
cd7780075ff5f2f98844c07bb637cbaf558e32b8

SHA256
29d741d1c2807855b068ee1f808b9d00894e975ab0e7fa4037a73ce5c3b7f28d

SHA512
5bb7bb129cc7618ff84ef81ef9942021c2af91ac340e888f460a4ce728c481211597148a7d6c3caa93c6651be7b38fa6756d64eac12f6d384c2b5f5e439ff346

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
96B

MD5
e757bb93c8aefebf398c1e8f12715a5a

SHA1
b5ab626d292a034e79f92818b480d95f63ade579

SHA256
ec62d5aea540614aca416104dad5da0be3a031972b5d8b90408043e54a4690ff

SHA512
73746d67d69620d87e6820da7c899ffcc71a2f1d7c18da8630602db1cfd4dd87ca45550b5ba3c3a7162b78914bf2c8b29eb335c92b6eb62fab3354f262763930

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
245KB

MD5
e92b48d5b9d6a763afd0d41788671b4c

SHA1
fe906478a64969bdd417c7ec4bdc59197d75dcdf

SHA256
da159069191ed605b2c0e14a99d7a9d180d0ca8444a4ac77e8e911abdbc53686

SHA512
87c03e5f44c7acb9b81c55eb15ab863b260f5ff61f2fac9437de1907b9f3867ba25de41488a369ad2123272fa36f36fa005357c3d4a44f6d77b5b498155eef3e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\cd799074-cd8d-4b03-83c2-0814115da261.tmp

Filesize
245KB

MD5
bfd5d07da56953cc7d4b28e207f3a780

SHA1
e522e352c9ef28fc72a6109c89a618b04d623bf4

SHA256
9c390e8b23f90ecf1a80c8f02f95bd1d1379f8a11991212dfe95c5429a713084

SHA512
68ef832a901c56b8be9c6524afa88f3ef51afb3f16cec1da8d450815363f8000e5cfc433a6f7f2b8b00d68a29a87faf9083955590da064ad867bb4fa75fa972c

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir656_1807452379\0745c0d1-10fe-4929-944b-c43f7d31f66c.tmp

Filesize
150KB

MD5
eae462c55eba847a1a8b58e58976b253

SHA1
4d7c9d59d6ae64eb852bd60b48c161125c820673

SHA256
ebcda644bcfbd0c9300227bafde696e8923ddb004b4ee619d7873e8a12eae2ad

SHA512
494481a98ab6c83b16b4e8d287d85ba66499501545da45458acc395da89955971cf2a14e83c2da041c79c580714b92b9409aa14017a16d0b80a7ff3d91bad2a3

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir656_1807452379\CRX_INSTALL\_locales\en_CA\messages.json

Filesize
711B

MD5
558659936250e03cc14b60ebf648aa09

SHA1
32f1ce0361bbfdff11e2ffd53d3ae88a8b81a825

SHA256
2445cad863be47bb1c15b57a4960b7b0d01864e63cdfde6395f3b2689dc1444b

SHA512
1632f5a3cd71887774bf3cb8a4d8b787ea6278271657b0f1d113dbe1a7fd42c4daa717cc449f157ce8972037572b882dc946a7dc2c0e549d71982dcdee89f727

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit