hxxp://Blocky[.]games

Analysis

max time kernel
2700s
max time network
2675s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
28-06-2024 11:25

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://Blocky.games

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 6 IoCs

Query Registry

T1012

System Information Discovery

T1082

Processes:

chrome.exechrome.exe

description	ioc	process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 3 IoCs

Processes:

chrome.exechrome.exe

description	ioc	process
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133640476090147725"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: EnumeratesProcesses 8 IoCs

Processes:

chrome.exechrome.exechrome.exe

pid process

3812 chrome.exe
3812 chrome.exe
916 chrome.exe
916 chrome.exe
916 chrome.exe
916 chrome.exe
396 chrome.exe
396 chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 15 IoCs

Processes:

chrome.exechrome.exe

pid	process
3812	chrome.exe
3812	chrome.exe
3812	chrome.exe
3812	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

Processes:

chrome.exechrome.exe

description	pid	process
Token: SeShutdownPrivilege	3812	chrome.exe
Token: SeCreatePagefilePrivilege	3812	chrome.exe
Token: SeShutdownPrivilege	3812	chrome.exe
Token: SeCreatePagefilePrivilege	3812	chrome.exe
Token: SeShutdownPrivilege	3812	chrome.exe
Token: SeCreatePagefilePrivilege	3812	chrome.exe
Token: SeShutdownPrivilege	3812	chrome.exe
Token: SeCreatePagefilePrivilege	3812	chrome.exe
Token: SeShutdownPrivilege	3812	chrome.exe
Token: SeCreatePagefilePrivilege	3812	chrome.exe
Token: SeShutdownPrivilege	3812	chrome.exe
Token: SeCreatePagefilePrivilege	3812	chrome.exe
Token: SeShutdownPrivilege	3812	chrome.exe
Token: SeCreatePagefilePrivilege	3812	chrome.exe
Token: SeShutdownPrivilege	3812	chrome.exe
Token: SeCreatePagefilePrivilege	3812	chrome.exe
Token: SeShutdownPrivilege	3812	chrome.exe
Token: SeCreatePagefilePrivilege	3812	chrome.exe
Token: SeShutdownPrivilege	3812	chrome.exe
Token: SeCreatePagefilePrivilege	3812	chrome.exe
Token: SeShutdownPrivilege	3812	chrome.exe
Token: SeCreatePagefilePrivilege	3812	chrome.exe
Token: SeShutdownPrivilege	3812	chrome.exe
Token: SeCreatePagefilePrivilege	3812	chrome.exe
Token: SeShutdownPrivilege	3812	chrome.exe
Token: SeCreatePagefilePrivilege	3812	chrome.exe
Token: SeShutdownPrivilege	3812	chrome.exe
Token: SeCreatePagefilePrivilege	3812	chrome.exe
Token: SeShutdownPrivilege	3812	chrome.exe
Token: SeCreatePagefilePrivilege	3812	chrome.exe
Token: SeShutdownPrivilege	3812	chrome.exe
Token: SeCreatePagefilePrivilege	3812	chrome.exe
Token: SeShutdownPrivilege	3812	chrome.exe
Token: SeCreatePagefilePrivilege	3812	chrome.exe
Token: SeShutdownPrivilege	3812	chrome.exe
Token: SeCreatePagefilePrivilege	3812	chrome.exe
Token: SeShutdownPrivilege	3812	chrome.exe
Token: SeCreatePagefilePrivilege	3812	chrome.exe
Token: SeShutdownPrivilege	3812	chrome.exe
Token: SeCreatePagefilePrivilege	3812	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe

Suspicious use of FindShellTrayWindow 53 IoCs

Processes:

chrome.exechrome.exe

pid	process
3812	chrome.exe
3812	chrome.exe
3812	chrome.exe
3812	chrome.exe
3812	chrome.exe
3812	chrome.exe
3812	chrome.exe
3812	chrome.exe
3812	chrome.exe
3812	chrome.exe
3812	chrome.exe
3812	chrome.exe
3812	chrome.exe
3812	chrome.exe
3812	chrome.exe
3812	chrome.exe
3812	chrome.exe
3812	chrome.exe
3812	chrome.exe
3812	chrome.exe
3812	chrome.exe
3812	chrome.exe
3812	chrome.exe
3812	chrome.exe
3812	chrome.exe
3812	chrome.exe
3812	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe

Suspicious use of SendNotifyMessage 48 IoCs

Processes:

chrome.exechrome.exe

pid	process
3812	chrome.exe
3812	chrome.exe
3812	chrome.exe
3812	chrome.exe
3812	chrome.exe
3812	chrome.exe
3812	chrome.exe
3812	chrome.exe
3812	chrome.exe
3812	chrome.exe
3812	chrome.exe
3812	chrome.exe
3812	chrome.exe
3812	chrome.exe
3812	chrome.exe
3812	chrome.exe
3812	chrome.exe
3812	chrome.exe
3812	chrome.exe
3812	chrome.exe
3812	chrome.exe
3812	chrome.exe
3812	chrome.exe
3812	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

chrome.exe

description	pid	process	target process
PID 3812 wrote to memory of 1984	3812	chrome.exe	chrome.exe
PID 3812 wrote to memory of 1984	3812	chrome.exe	chrome.exe
PID 3812 wrote to memory of 4776	3812	chrome.exe	chrome.exe
PID 3812 wrote to memory of 4776	3812	chrome.exe	chrome.exe
PID 3812 wrote to memory of 4776	3812	chrome.exe	chrome.exe
PID 3812 wrote to memory of 4776	3812	chrome.exe	chrome.exe
PID 3812 wrote to memory of 4776	3812	chrome.exe	chrome.exe
PID 3812 wrote to memory of 4776	3812	chrome.exe	chrome.exe
PID 3812 wrote to memory of 4776	3812	chrome.exe	chrome.exe
PID 3812 wrote to memory of 4776	3812	chrome.exe	chrome.exe
PID 3812 wrote to memory of 4776	3812	chrome.exe	chrome.exe
PID 3812 wrote to memory of 4776	3812	chrome.exe	chrome.exe
PID 3812 wrote to memory of 4776	3812	chrome.exe	chrome.exe
PID 3812 wrote to memory of 4776	3812	chrome.exe	chrome.exe
PID 3812 wrote to memory of 4776	3812	chrome.exe	chrome.exe
PID 3812 wrote to memory of 4776	3812	chrome.exe	chrome.exe
PID 3812 wrote to memory of 4776	3812	chrome.exe	chrome.exe
PID 3812 wrote to memory of 4776	3812	chrome.exe	chrome.exe
PID 3812 wrote to memory of 4776	3812	chrome.exe	chrome.exe
PID 3812 wrote to memory of 4776	3812	chrome.exe	chrome.exe
PID 3812 wrote to memory of 4776	3812	chrome.exe	chrome.exe
PID 3812 wrote to memory of 4776	3812	chrome.exe	chrome.exe
PID 3812 wrote to memory of 4776	3812	chrome.exe	chrome.exe
PID 3812 wrote to memory of 4776	3812	chrome.exe	chrome.exe
PID 3812 wrote to memory of 4776	3812	chrome.exe	chrome.exe
PID 3812 wrote to memory of 4776	3812	chrome.exe	chrome.exe
PID 3812 wrote to memory of 4776	3812	chrome.exe	chrome.exe
PID 3812 wrote to memory of 4776	3812	chrome.exe	chrome.exe
PID 3812 wrote to memory of 4776	3812	chrome.exe	chrome.exe
PID 3812 wrote to memory of 4776	3812	chrome.exe	chrome.exe
PID 3812 wrote to memory of 4776	3812	chrome.exe	chrome.exe
PID 3812 wrote to memory of 4776	3812	chrome.exe	chrome.exe
PID 3812 wrote to memory of 4776	3812	chrome.exe	chrome.exe
PID 3812 wrote to memory of 4020	3812	chrome.exe	chrome.exe
PID 3812 wrote to memory of 4020	3812	chrome.exe	chrome.exe
PID 3812 wrote to memory of 2588	3812	chrome.exe	chrome.exe
PID 3812 wrote to memory of 2588	3812	chrome.exe	chrome.exe
PID 3812 wrote to memory of 2588	3812	chrome.exe	chrome.exe
PID 3812 wrote to memory of 2588	3812	chrome.exe	chrome.exe
PID 3812 wrote to memory of 2588	3812	chrome.exe	chrome.exe
PID 3812 wrote to memory of 2588	3812	chrome.exe	chrome.exe
PID 3812 wrote to memory of 2588	3812	chrome.exe	chrome.exe
PID 3812 wrote to memory of 2588	3812	chrome.exe	chrome.exe
PID 3812 wrote to memory of 2588	3812	chrome.exe	chrome.exe
PID 3812 wrote to memory of 2588	3812	chrome.exe	chrome.exe
PID 3812 wrote to memory of 2588	3812	chrome.exe	chrome.exe
PID 3812 wrote to memory of 2588	3812	chrome.exe	chrome.exe
PID 3812 wrote to memory of 2588	3812	chrome.exe	chrome.exe
PID 3812 wrote to memory of 2588	3812	chrome.exe	chrome.exe
PID 3812 wrote to memory of 2588	3812	chrome.exe	chrome.exe
PID 3812 wrote to memory of 2588	3812	chrome.exe	chrome.exe
PID 3812 wrote to memory of 2588	3812	chrome.exe	chrome.exe
PID 3812 wrote to memory of 2588	3812	chrome.exe	chrome.exe
PID 3812 wrote to memory of 2588	3812	chrome.exe	chrome.exe
PID 3812 wrote to memory of 2588	3812	chrome.exe	chrome.exe
PID 3812 wrote to memory of 2588	3812	chrome.exe	chrome.exe
PID 3812 wrote to memory of 2588	3812	chrome.exe	chrome.exe
PID 3812 wrote to memory of 2588	3812	chrome.exe	chrome.exe
PID 3812 wrote to memory of 2588	3812	chrome.exe	chrome.exe
PID 3812 wrote to memory of 2588	3812	chrome.exe	chrome.exe
PID 3812 wrote to memory of 2588	3812	chrome.exe	chrome.exe
PID 3812 wrote to memory of 2588	3812	chrome.exe	chrome.exe
PID 3812 wrote to memory of 2588	3812	chrome.exe	chrome.exe
PID 3812 wrote to memory of 2588	3812	chrome.exe	chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://Blocky.games
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3812

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb9238ab58,0x7ffb9238ab68,0x7ffb9238ab78
2⤵
PID:1984

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1728 --field-trial-handle=1916,i,17049133920649031388,10728526745830874525,131072 /prefetch:2
2⤵
PID:4776

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2144 --field-trial-handle=1916,i,17049133920649031388,10728526745830874525,131072 /prefetch:8
2⤵
PID:4020

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2208 --field-trial-handle=1916,i,17049133920649031388,10728526745830874525,131072 /prefetch:8
2⤵
PID:2588

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2944 --field-trial-handle=1916,i,17049133920649031388,10728526745830874525,131072 /prefetch:1
2⤵
PID:3576

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2960 --field-trial-handle=1916,i,17049133920649031388,10728526745830874525,131072 /prefetch:1
2⤵
PID:2280

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4756 --field-trial-handle=1916,i,17049133920649031388,10728526745830874525,131072 /prefetch:8
2⤵
PID:1388

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4872 --field-trial-handle=1916,i,17049133920649031388,10728526745830874525,131072 /prefetch:8
2⤵
PID:4972

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=5104 --field-trial-handle=1916,i,17049133920649031388,10728526745830874525,131072 /prefetch:1
2⤵
PID:368

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=3272 --field-trial-handle=1916,i,17049133920649031388,10728526745830874525,131072 /prefetch:1
2⤵
PID:1860

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:2080

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:916

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb9238ab58,0x7ffb9238ab68,0x7ffb9238ab78
2⤵
PID:3264

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1756 --field-trial-handle=1964,i,9251116762807648660,1241939153948226003,131072 /prefetch:2
2⤵
PID:5104

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2076 --field-trial-handle=1964,i,9251116762807648660,1241939153948226003,131072 /prefetch:8
2⤵
PID:2724

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2208 --field-trial-handle=1964,i,9251116762807648660,1241939153948226003,131072 /prefetch:8
2⤵
PID:3268

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3140 --field-trial-handle=1964,i,9251116762807648660,1241939153948226003,131072 /prefetch:1
2⤵
PID:3420

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3144 --field-trial-handle=1964,i,9251116762807648660,1241939153948226003,131072 /prefetch:1
2⤵
PID:4736

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3988 --field-trial-handle=1964,i,9251116762807648660,1241939153948226003,131072 /prefetch:1
2⤵
PID:5008

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4664 --field-trial-handle=1964,i,9251116762807648660,1241939153948226003,131072 /prefetch:8
2⤵
PID:4460

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4824 --field-trial-handle=1964,i,9251116762807648660,1241939153948226003,131072 /prefetch:8
2⤵
PID:2308

C:\Program Files\Google\Chrome\Application\110.0.5481.104\Installer\setup.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\Installer\setup.exe" --reenable-autoupdates --system-level
2⤵
PID:3532

C:\Program Files\Google\Chrome\Application\110.0.5481.104\Installer\setup.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\Crashpad --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x25c,0x260,0x264,0x230,0x268,0x7ff77663ae48,0x7ff77663ae58,0x7ff77663ae68
3⤵
PID:4660

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4996 --field-trial-handle=1964,i,9251116762807648660,1241939153948226003,131072 /prefetch:1
2⤵
PID:4176

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4732 --field-trial-handle=1964,i,9251116762807648660,1241939153948226003,131072 /prefetch:8
2⤵
PID:3536

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4548 --field-trial-handle=1964,i,9251116762807648660,1241939153948226003,131072 /prefetch:8
2⤵
PID:2600

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4896 --field-trial-handle=1964,i,9251116762807648660,1241939153948226003,131072 /prefetch:8
2⤵
PID:2848

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4508 --field-trial-handle=1964,i,9251116762807648660,1241939153948226003,131072 /prefetch:1
2⤵
PID:4512

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=4896 --field-trial-handle=1964,i,9251116762807648660,1241939153948226003,131072 /prefetch:1
2⤵
PID:1012

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=1716 --field-trial-handle=1964,i,9251116762807648660,1241939153948226003,131072 /prefetch:1
2⤵
PID:1920

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=4488 --field-trial-handle=1964,i,9251116762807648660,1241939153948226003,131072 /prefetch:1
2⤵
PID:2480

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4516 --field-trial-handle=1964,i,9251116762807648660,1241939153948226003,131072 /prefetch:2
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:396

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=3032 --field-trial-handle=1964,i,9251116762807648660,1241939153948226003,131072 /prefetch:1
2⤵
PID:408

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=1300 --field-trial-handle=1964,i,9251116762807648660,1241939153948226003,131072 /prefetch:1
2⤵
PID:3428

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=4124 --field-trial-handle=1964,i,9251116762807648660,1241939153948226003,131072 /prefetch:1
2⤵
PID:3324

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:5000

Network

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\Google\Chrome\Application\SetupMetrics\20240628112733.pma
Filesize
488B

MD5
6d971ce11af4a6a93a4311841da1a178

SHA1
cbfdbc9b184f340cbad764abc4d8a31b9c250176

SHA256
338ddefb963d5042cae01de7b87ac40f4d78d1bfa2014ff774036f4bc7486783

SHA512
c58b59b9677f70a5bb5efd0ecbf59d2ac21cbc52e661980241d3be33663825e2a7a77adafbcec195e1d9d89d05b9ccb5e5be1a201f92cb1c1f54c258af16e29f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\CrashpadMetrics.pma
Filesize
1024KB

MD5
d9a49a7d6d5ca840cf0f0e937007e278

SHA1
90197e483cc1bf8970cb6012997b1968f43d8e78

SHA256
183acf4a52e283da352ac2e3d51d43dbdd1534325f4585b6763a4ef38151b876

SHA512
142acbf150500db5f703b3e56c42895cb4374927f6e26adb02f090cf18e9797b8f4e34b7e621de6daf03093cc0a7df73cb4328525ac7a1a4f36e2b61dfde0642

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
Filesize
40B

MD5
757f9692a70d6d6f226ba652bbcffe53

SHA1
771e76fc92d2bf676b3c8e3459ab1a2a1257ff5b

SHA256
d0c09cff1833071e93cda9a4b8141a154dba5964db2c6d773ea98625860d13ad

SHA512
79580dd7eb264967e0f97d0676ba2fcf0c99943681cad40e657e8e246df1b956f6daeb4585c5913ca3a93fdfd768933730a9a97a9018efa33c829ab1dea7a150

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0
Filesize
44KB

MD5
d3068989e317629409b241a0fc90b07f

SHA1
016edcd5eb1f31def69c484f7e7f7cf616d14a09

SHA256
ae590d1c25968b069ab88408ec4236d0d2fa28fb8567380f5fd698f654e69721

SHA512
58a061153a0d9910bc8f2238bd7486fd423ccdbcab6aa950477b5f5b1e714fae3a0a79a612e92662b3610641b1ce2bab8579f486fec1902f184ee7636d045cf8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1
Filesize
264KB

MD5
9d34b395465bd22bdcc80541820a9ddb

SHA1
aafdedb85ca9c10d74c4b1f0b8c115ea6ad9dbf4

SHA256
23fc1c41a6255ab68aa46548fde4fdc7e85c7fd99df47b5a03d765d27ba36f7e

SHA512
7c94c858f56b1c1820f286ff1d9d21f6c112bbe2f8bbed037c94ba4c7a5e1c4fc97273d9ffa60e290a9c2803d173dd2146f5e9e94a0bb2b9d11d81140e5bb0c4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
Filesize
317B

MD5
01df2307f9f8a00557e55303c5687183

SHA1
e16e111c867a8c87d8e9a35f5c87591e009e9f8f

SHA256
331614cb76545d6d0b31c3d9ab5356312615635a54c271675d60577aebc244b5

SHA512
e43265f33f624859de63927d5070ca77fdb2883be00a3c22c6160b20f3810fe162eb2a5535e702fa0d2e1a697a069c2a5686d599c990ee86fbb53373b99ce14f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG
Filesize
327B

MD5
8ee1bf0eeacf2db0fc45eb8c2b295050

SHA1
264517cfaced12239c4d27645e497edb1712a623

SHA256
2d3c9a16db2a5d67af5235ff41548957635c50b48cde24bbef55ad06e74a5e22

SHA512
79e94aeac24ad74646bb07206eea969a0c1c93ba9e5a18a27fe9a020af3dbc0545323b172509e662cc52d354a8841cbba13f749ff15f33f1403db0e0c08e4269

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
Filesize
329B

MD5
c31ae1bf676bd0be332912ccc38ac561

SHA1
f7092232e5f1dffe32aea6bc4fcab367088ad03a

SHA256
c2141ae7a1b3d7940447aaaf2b54f5ccbd35296356574f90a50f990f72536c51

SHA512
d6ed98b9c5b90c962646e169e3320230d48d7181fb277810321a90d7d01570a0ba71978a6a767d9380b18c2c4e8aeb8eb26eecea041a8095bef44168f31d5d28

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
Filesize
811B

MD5
d32dd4f0eab5fa5a0af1aa6ffe5c85b8

SHA1
85d10cfc7a1fe1b0a10e6e7c0ad29cdc7e60d8c2

SHA256
5d0292825bc2d95d6965353ec127284e8cda147487e0012878c398b95599b310

SHA512
b67fd8882ae1c2ce133d0fb79247b1deec15191b48f57e379afac80b0cf6e0c7a9aeb335d2871d85fc722691e8486751749792bc113418f376d155de1ab0ac22

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
7KB

MD5
33016faf13f86d387ec34a27a3255f22

SHA1
720051d9df922519f950c171e69934fea51371b8

SHA256
42e65a678ad46940070fe33ef00fb417ceb66781e8043ebfbd362adf63395eb8

SHA512
bde2c5743cc388570aa1ccce7888d09de92ba647289d3d4730655751b7c498d079a6e207cd34f80723522ce45cd446d343b2e564c8d3254751dae374d30749a6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
7KB

MD5
7f287bb128ea4722d031d434c7982f85

SHA1
72eac57826f9c1b23df76613e805f5d8f96df434

SHA256
7fa55ad6991554f3e3b6b0f3f557d8fecd2ce2f7d7809c4ef5a62b0ab3619a69

SHA512
b37b2961b1dc19347de87cb0649c5c93562323144e21e9c486041a42ac448b2fc44a85db3e62bca3500f13165adb4c515c8b46a1b3a03e1312fdffa1f141d8eb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
7KB

MD5
0c89747b76abb9ceb8510d1d0bea2055

SHA1
38aff25f3010a1f167e41970d132acdcb8189fe7

SHA256
7a5eb9953bddbe072d5a31ad7a1cc487e929a62aed66fcf919fafa537c2f027e

SHA512
0a7d43936b842102851f56d34a0d20639b2a87121218268f5c468f8070ede6a8fb47a7cc141a23a2adba68e54762d4ab157c7822a544faf393ee00b31393e9f3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
7KB

MD5
cc8264a51ed5f0e97ef7ee2a1ad64d00

SHA1
645022686670011877ae1b5d10e1fee81ce3f149

SHA256
ffe9e1f319b0fa49ee1b410e85183d82d0e67ca3da8ffa22b49377f91e069e04

SHA512
307bbc85e2eeb6c1bcffbe4187a0651fdf115c48a6f34efa4f71d8edb0d1b7fdf32b612eaec62a5c7c4be2634b2f8ebde4a4146d6ab7fc09cf0e0ab2902b0a1b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log
Filesize
232B

MD5
8a30a1fdd0459d9ea8b1e78a8e636856

SHA1
9d7225e97f9cfcfb225cfbfd0b0bba21d4efdd20

SHA256
88fe1d31608930f2738d102d45c75dc77acdf01a1b69bfb7e7c0281575b75e33

SHA512
b529bce870cd8165bf82f3ebf94f07552467bd0993b9d35145182e54e26fb2ae8e7bb167d88267b632757e2146f27dfddf8867db0c66e5dcc306db12ec6b7bef

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG
Filesize
317B

MD5
c68da26532c1adcdab50bd20bdd07c28

SHA1
33584b26efdb4bded5f0ff2aeb966b9101ff6005

SHA256
702e628aa126749670cdbdd78db7303170e1d9a28ceb64f9d8b5ae8378ea142a

SHA512
9e610ee4bcd62c7f107961b49ba0459c2963bb6e821dae8fd092d49f7cd319110869868bcde4efa9c3a4592bd16a31066890f3ccaf38b127964a3a796d61a49f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sessions\Session_13364047606337337
Filesize
1KB

MD5
e51aa394630fc5df6cb3c3d0a5ef13d0

SHA1
753e9883354120b2db1db89901ef859f8c208f32

SHA256
33c0623e097700700ba1fc4c1f4779261c2e8fd471dabb13ca95576aed168156

SHA512
28bd309edbb699ef3b58c083f2f83e4b656a9762bfcc780401276ef691165279e9cbff0d0c091c20cfa83fd1d7ae7ecafcb7264510755bb9725cdccf1b1df806

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sessions\Tabs_13364047623837337
Filesize
793B

MD5
df808fdbdb5a8a170cefb58d93e3aa41

SHA1
03d5e099d3d595618b236023a3705d49a63db327

SHA256
9bb934d731c5d6c3a46b07cc35e6b10a1928c1dddb8e174b086be3ea61b41c2b

SHA512
56ec68f86bf827605542a9c74196114a9f5bb658c9833cadcea266e1bcee3fd98388d6e57326d76e9bda09416a31a37097e5f653a8d1b55f5150521a29f4a214

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000003.log
Filesize
112B

MD5
120bb31d2a03014eb8b1c9c06dffd3f4

SHA1
183cac4865d239f469e29730d0d4310b207a5084

SHA256
67bb6fd4897d3600e90339fdc62c912d53ba15028daa32020f48aed3c795da41

SHA512
629c5757fc574dd19856af54f23fa18f230c870c8663a6407c7c72500cb4b886775a70e5af9cdef99c16a5807f7de728130e9eac0d2398a75ab4f65cf1dd39ca

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
Filesize
345B

MD5
9b862212c07e23151768abfc1450ea8a

SHA1
509a715f8d358511dd90cd57be9b528f4b59aef1

SHA256
8f0c86a5ac05967d4af1795fa2919a30870dbc57aa60ba5f7982a83ab5c3743b

SHA512
ea7fcb1636cbb222fc27ebff28658eb0c0f139fea2d9e4f4dae16e54ec5cf27417b4dd2956dae87da6401fef62bdb83f9bb47ed527b6df3bbdec6b8fcf347d3d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log
Filesize
15KB

MD5
ae9ae9c7af7e6967000575e8f56b7475

SHA1
78b6522808aae600e60d588b58351a60bb6cfbb0

SHA256
9d278560a112bfbf55b692e0129ff9dbd8622948789f7d24034d367badc00a3f

SHA512
a4775ff0b1fa57aed77daab16d95085d265ff7214a331908787d0bc675ff52aa3dc1a62cf01a040fcb3734d7e3da3d03fe7977c6fb8f2072188b8d4ee064ca0a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
Filesize
321B

MD5
a87158109c19304b65748bf69ae3121c

SHA1
4a614889cd27eeab63c12c73b6faf809b8ed5be5

SHA256
52cb467dec46913810577c652c217030e53a0538d713fe3b059123fe9d261bd4

SHA512
a0cf12b01a7d9c382ce1c7c47999e09f8da4c8b81b43affffa7710b3218621a4d2fc23f81bd5bbbec7a32c04c14a1ea4d761cce5893385f8f8d47c3fae1cbc9d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\000003.log
Filesize
1KB

MD5
241ae591d35e70f603c4d39f2759d545

SHA1
c77f0a5464667778bde31f57e20ccd485c9b9968

SHA256
cef3d5002def0a2c503e5afdfd41c6f773cf7dc3eb094f67dd5160c261448969

SHA512
19970301e66fced8933a48457fd3d77e653a7a8841db3e3d3710176c7a74b1e254f9956c3a166bd420304c20661f53480f7daed5321f209c79f6798abb564a1a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\LOG
Filesize
317B

MD5
ae0e01b88432115a6a4dda8de5d117fe

SHA1
9d57239a85aa845d2eb45590b7b2dc4b5bea934a

SHA256
b40d1027278ba3dcc1fcb57d37cef45acef144b386c24d58f279fc4e64276720

SHA512
d3e6999a4013e182589b844308f9ff13584e1948f099e0b0d59b1982ff9a24459f2d0320a104829bddfa2c0327fb5de9f913a46958bc23ebe604259b98088916

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000003.log
Filesize
889B

MD5
c31c4325b6b9099d3fa9c007ad3a16e2

SHA1
686046aae26ce5c5b75e807e48e11a8de74a73dc

SHA256
980856d398501a500254c358b46c06061d6f66f4f5e77ac049625d24500380b1

SHA512
d4c6eb6c29560e60052b1c24ece9a282b51a3374eca307ee3d6a824104b12fbc2f10d14f84a14830e13ed52252616320f2d10075da5d323a30a883ad4863f9fc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG
Filesize
335B

MD5
f1b61199782ea29705dc2bad27c657c0

SHA1
81dcb90537067e67c6abfe26361535b7e195374e

SHA256
e51e47a9dbea8403dcbf0fe41f91390139afe01d4d97923768dbe2f0074fafd8

SHA512
5c5e4d7cdc798a7244edba86214c6b4f317c572d828f72ae6fc99f13f2d97b7c6f7d9ae45e481d85c1463e2058adefedbb45c0181fb1bf8564a9feef8173c003

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_0
Filesize
44KB

MD5
6ad1e0850514120ee13c950e53bc6320

SHA1
c96b34ed608148de0e52b63e1e593d16c685e83e

SHA256
2829c9796082efa901370080f4529ef35a73641fc84ab03620fbac9b0cbcd3d6

SHA512
93c49eeabe87bfed9c81c413d0af15b051ed8a43d57839187c0617064807e03ff5ac559e522da29bcd0f76e7ab928666295f7c7b9663d05842abc5eb081b39e8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_1
Filesize
264KB

MD5
28b32ab7b05fcbc67c51596e2073e4f4

SHA1
7c57d90967e12dcde6762c8b11b99bb32dee1c8a

SHA256
23e03d98beefdbda219599cd6fcba4f8c734cf289660b08b2936c6950ce7b76d

SHA512
0cea8b2feefad450c82271be6034d9101f1a8dfac4ca2eacc4b6c3470012a053dfcc134363e42ded686a7db3003aed735a4dbca0124c96b196572a43ec7b1ded

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_3
Filesize
4.0MB

MD5
89f635db4b9cf604495a33b707bf1921

SHA1
661dafebefc944cc50225bae27ae1fe0b0cb1739

SHA256
5e289c538094ab8da4d2986959ae090b8ade5c6136a1ae286bc67aa35e682f04

SHA512
5bfc6b68c192326accf4145893952ec0ac24889fc1f0dc2c2e252628d8e7b67c4b2635d86faef24c3f8029e8ba9dd21a1c636ab5f09fe7c3ce1bc10d72acee5b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Browser
Filesize
106B

MD5
de9ef0c5bcc012a3a1131988dee272d8

SHA1
fa9ccbdc969ac9e1474fce773234b28d50951cd8

SHA256
3615498fbef408a96bf30e01c318dac2d5451b054998119080e7faac5995f590

SHA512
cea946ebeadfe6be65e33edff6c68953a84ec2e2410884e12f406cac1e6c8a0793180433a7ef7ce097b24ea78a1fdbb4e3b3d9cdf1a827ab6ff5605da3691724

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version
Filesize
14B

MD5
009b9a2ee7afbf6dd0b9617fc8f8ecba

SHA1
c97ed0652e731fc412e3b7bdfca2994b7cc206a7

SHA256
de607a2c68f52e15a104ead9ecbaa3e6862fdb11eac080e408ba4d69f1f7a915

SHA512
6161dd952ae140a8fb8aa5e33f06bc65fdc15ce3fbfe4c576dc2668c86bce4a1d5c1112caee014e5efa3698547faad3bc80ec253eedb43148e36e1a02ce89910

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
Filesize
257KB

MD5
ac5564af625b1ab8723aa190237fe61b

SHA1
3cc64c698386480a829f8c830445c6cbd14dcbb6

SHA256
f9c76e6f7a3cd3ee73e86874f0b6c1d1da6c9ca79045eb6175e20abb0c0d61ef

SHA512
2d8a10882b5cd9e8163bd2c1d666ca41fd443febd255a25c31aa6e9acee6f004707a95cbb72cfe4033c916c14f9d228ddca0daaebd1db985949be818bec0bc13

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
Filesize
257KB

MD5
fcb28b845f744b81012c30ace01952c8

SHA1
19715370be5a0694bc9a727b199659ec91820322

SHA256
a51c47b806ff34442bfe0a41a0cc3bd276fc67b2c8b8813799d20d30afd2fcf8

SHA512
0fd51143f3b57d36240d15c80e1b2b5c72902d250c56cafb22c2327e57cc5118c0eb38d11a5fb8091766b3889f6acc8b6d8d0bc21f7f1da909647e321d38f4ee

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
Filesize
257KB

MD5
137c60e8b57f4d8f75905c7f49b6b19a

SHA1
b0eb76bc1df204aeeaac6d49186203c83700cd08

SHA256
685b71b2f9e08e034452fb01bad90b7319f7b65c14d8cbba98704915dc1b8b3d

SHA512
673e4ea9c92560ebd103ebb1cb215a06b51fe66138ce0801285083fa6f155e8df18cb14f0bf93967bc95dd9c52a0dafd3dae4356c4a5be2480fe5579dcd82f71

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
Filesize
257KB

MD5
a5046034390bcad344b5d6ed1c2d2ab0

SHA1
6417b8edea893223fcc7302d9e84e196dd03c78f

SHA256
b8bd172d55a77e9bec656da68f4b1a958f82aaa63cc701bf6d4aa920adbd17a9

SHA512
abb3622e8d20ef773d2a498ceb79941ad601f3c0964743c3d022644e5a47d80de3623ea5ff5197ad82c27c46172e46113b7ef855507b19e0547767220e448d17

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
Filesize
257KB

MD5
e773482718dbad70c3b57c77296f6f11

SHA1
639e352c3ceab1031dfbdfaf731de2ab6ca83cff

SHA256
f849aec9b2bafea7dd6a628220ef1089d1242eee3e5630fc215b72b6d68bd1e2

SHA512
96a75cdc086c96ab2960281309f029823e71ae94bd0bbc38c1e91a68a9fb7eba21a085ccb5bd7cc60b944326f249a238e54d7e035f930557378e91af3b7e60f5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
Filesize
91KB

MD5
c5cf9745ba18c3d9656c0410b9bbffa0

SHA1
a07dcbf981ce4d4a96ddde1a02d4def81169d513

SHA256
643a08fccdb52e1600d45c291d5015207971ea2d4388929a36270bdaf0d686c7

SHA512
82417e99843394da89e86c09ef31d87c58aba52073485c3ed52b9e4cf62601da4e809ea5d580ee6bd5979f465455c21ede0ab80d730aa93954901ff0a38f87ae

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
Filesize
94KB

MD5
f3d711efda124b9e843bb21d937b785a

SHA1
c36384f8dd0e825d5e42e33670953ff61cbec16c

SHA256
09a52bc4eff3e77428229db8069708b6940b3c11ccb3b0d82a7477a08119b378

SHA512
9445589a39805a48c879773bed3690f468f929d705936bc687edaa29757959fccb1b900bbe38cc2f54671dd619d5aa30dd4cb06ad034b6d266ec49a3d3bac5c6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
Filesize
88KB

MD5
32fc4351a3423d4aaef4f32ec4590357

SHA1
4479e680a295216e599700e04d9164c1948a4ac5

SHA256
8c56073ced380fe4c183b864c7a6fba705242a9ff6bfcd2e851e998134f29e42

SHA512
0cba27a36503b79c1a09749f7522d0c2e51f3af9bfa52f5643ec64dcc913d9d12ffb7c89c4b338497f3797e235e2ac1ff89a0616277d1e83f024410ada23eea8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1
Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations
Filesize
86B

MD5
961e3604f228b0d10541ebf921500c86

SHA1
6e00570d9f78d9cfebe67d4da5efe546543949a7

SHA256
f7b24f2eb3d5eb0550527490395d2f61c3d2fe74bb9cb345197dad81b58b5fed

SHA512
535f930afd2ef50282715c7e48859cc2d7b354ff4e6c156b94d5a2815f589b33189ffedfcaf4456525283e993087f9f560d84cfcf497d189ab8101510a09c472

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\chrome_shutdown_ms.txt
Filesize
4B

MD5
0549ab451fc6006d559eef1f1e45b654

SHA1
e18b0d666289011e448522121279c1ccc4c2ed96

SHA256
752d107aa1486813353020045296e11b2e5fadfba21653ad7912d9087c460716

SHA512
a6497e744bdf6bf01acba85e6d270204dca40c4bf75f05009f051c2b89897d2fcf402b20e8d2029ee746a411ea64a126f0d2f86475fc25c24981d1d03a2a39fe

Download Submit
\??\pipe\crashpad_3812_CVVAKAWJDXRBDOIP
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit