lumma | 16fcbcc1418657e83e30f6c4d8e9c9925b11444feb8bbf6648eb4913cd03d60e

Analysis

max time kernel
134s
max time network
136s
platform
windows10-1703_x64
resource
win10-20240404-en
resource tags

arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
submitted
28-06-2024 12:35

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

NewSetup.exe
Size

4.1MB
MD5

54b924d299ee549a0d7e8ee515a7acac
SHA1

4ac7584339fea57e62bbbd5f1d48a3307ef5760c
SHA256

16fcbcc1418657e83e30f6c4d8e9c9925b11444feb8bbf6648eb4913cd03d60e
SHA512

bc6c163c06ccef5efeb8299fe187ff2bac87664d293cf33e8c9ced5f54cfe33e088e8918b6ad49825cfc09cb8e6956341b454425b18b2b64e137c8534e6be310
SSDEEP

98304:yFYjfvTXyCfwakE4HCsdv9q5bFleVZm3U:yFYTLXyCfHkE4VvMD4VD

Score

10^/10

lumma stealer

Malware Config

Extracted

Family

lumma

https://harmfullyelobardek.shop/api

Signatures

Lumma Stealer
An infostealer written in C++ first seen in August 2022.
stealer lumma
Suspicious use of SetThreadContext 1 IoCs

Processes:

NewSetup.exe

description pid process target process

PID 1580 set thread context of 4704 1580 NewSetup.exe NewSetup.exe

description	pid	process	target process
PID 1580 set thread context of 4704	1580	NewSetup.exe	NewSetup.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

Processes:

chrome.exe

description	ioc	process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

Processes:

chrome.exe

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133640517590245721"	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes:

chrome.exe

pid process

2196 chrome.exe
2196 chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 15 IoCs

Processes:

chrome.exe

pid	process
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

Processes:

NewSetup.exeAUDIODG.EXEchrome.exe

description	pid	process
Token: SeDebugPrivilege	1580	NewSetup.exe
Token: 33	1492	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	1492	AUDIODG.EXE
Token: SeShutdownPrivilege	2196	chrome.exe
Token: SeCreatePagefilePrivilege	2196	chrome.exe
Token: SeShutdownPrivilege	2196	chrome.exe
Token: SeCreatePagefilePrivilege	2196	chrome.exe
Token: SeShutdownPrivilege	2196	chrome.exe
Token: SeCreatePagefilePrivilege	2196	chrome.exe
Token: SeShutdownPrivilege	2196	chrome.exe
Token: SeCreatePagefilePrivilege	2196	chrome.exe
Token: SeShutdownPrivilege	2196	chrome.exe
Token: SeCreatePagefilePrivilege	2196	chrome.exe
Token: SeShutdownPrivilege	2196	chrome.exe
Token: SeCreatePagefilePrivilege	2196	chrome.exe
Token: SeShutdownPrivilege	2196	chrome.exe
Token: SeCreatePagefilePrivilege	2196	chrome.exe
Token: SeShutdownPrivilege	2196	chrome.exe
Token: SeCreatePagefilePrivilege	2196	chrome.exe
Token: SeShutdownPrivilege	2196	chrome.exe
Token: SeCreatePagefilePrivilege	2196	chrome.exe
Token: SeShutdownPrivilege	2196	chrome.exe
Token: SeCreatePagefilePrivilege	2196	chrome.exe
Token: SeShutdownPrivilege	2196	chrome.exe
Token: SeCreatePagefilePrivilege	2196	chrome.exe
Token: SeShutdownPrivilege	2196	chrome.exe
Token: SeCreatePagefilePrivilege	2196	chrome.exe
Token: SeShutdownPrivilege	2196	chrome.exe
Token: SeCreatePagefilePrivilege	2196	chrome.exe
Token: SeShutdownPrivilege	2196	chrome.exe
Token: SeCreatePagefilePrivilege	2196	chrome.exe
Token: SeShutdownPrivilege	2196	chrome.exe
Token: SeCreatePagefilePrivilege	2196	chrome.exe
Token: SeShutdownPrivilege	2196	chrome.exe
Token: SeCreatePagefilePrivilege	2196	chrome.exe
Token: SeShutdownPrivilege	2196	chrome.exe
Token: SeCreatePagefilePrivilege	2196	chrome.exe
Token: SeShutdownPrivilege	2196	chrome.exe
Token: SeCreatePagefilePrivilege	2196	chrome.exe
Token: SeShutdownPrivilege	2196	chrome.exe
Token: SeCreatePagefilePrivilege	2196	chrome.exe
Token: SeShutdownPrivilege	2196	chrome.exe
Token: SeCreatePagefilePrivilege	2196	chrome.exe
Token: SeShutdownPrivilege	2196	chrome.exe
Token: SeCreatePagefilePrivilege	2196	chrome.exe
Token: SeShutdownPrivilege	2196	chrome.exe
Token: SeCreatePagefilePrivilege	2196	chrome.exe
Token: SeShutdownPrivilege	2196	chrome.exe
Token: SeCreatePagefilePrivilege	2196	chrome.exe
Token: SeShutdownPrivilege	2196	chrome.exe
Token: SeCreatePagefilePrivilege	2196	chrome.exe
Token: SeShutdownPrivilege	2196	chrome.exe
Token: SeCreatePagefilePrivilege	2196	chrome.exe
Token: SeShutdownPrivilege	2196	chrome.exe
Token: SeCreatePagefilePrivilege	2196	chrome.exe
Token: SeShutdownPrivilege	2196	chrome.exe
Token: SeCreatePagefilePrivilege	2196	chrome.exe
Token: SeShutdownPrivilege	2196	chrome.exe
Token: SeCreatePagefilePrivilege	2196	chrome.exe
Token: SeShutdownPrivilege	2196	chrome.exe
Token: SeCreatePagefilePrivilege	2196	chrome.exe
Token: SeShutdownPrivilege	2196	chrome.exe
Token: SeCreatePagefilePrivilege	2196	chrome.exe
Token: SeShutdownPrivilege	2196	chrome.exe

Suspicious use of FindShellTrayWindow 60 IoCs

Processes:

chrome.exe

pid	process
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe

Suspicious use of SendNotifyMessage 56 IoCs

Processes:

chrome.exe

pid	process
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe
2196	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

NewSetup.exechrome.exe

description	pid	process	target process
PID 1580 wrote to memory of 4704	1580	NewSetup.exe	NewSetup.exe
PID 1580 wrote to memory of 4704	1580	NewSetup.exe	NewSetup.exe
PID 1580 wrote to memory of 4704	1580	NewSetup.exe	NewSetup.exe
PID 1580 wrote to memory of 4704	1580	NewSetup.exe	NewSetup.exe
PID 1580 wrote to memory of 4704	1580	NewSetup.exe	NewSetup.exe
PID 1580 wrote to memory of 4704	1580	NewSetup.exe	NewSetup.exe
PID 1580 wrote to memory of 4704	1580	NewSetup.exe	NewSetup.exe
PID 1580 wrote to memory of 4704	1580	NewSetup.exe	NewSetup.exe
PID 1580 wrote to memory of 4704	1580	NewSetup.exe	NewSetup.exe
PID 2196 wrote to memory of 576	2196	chrome.exe	chrome.exe
PID 2196 wrote to memory of 576	2196	chrome.exe	chrome.exe
PID 2196 wrote to memory of 4692	2196	chrome.exe	chrome.exe
PID 2196 wrote to memory of 4692	2196	chrome.exe	chrome.exe
PID 2196 wrote to memory of 4692	2196	chrome.exe	chrome.exe
PID 2196 wrote to memory of 4692	2196	chrome.exe	chrome.exe
PID 2196 wrote to memory of 4692	2196	chrome.exe	chrome.exe
PID 2196 wrote to memory of 4692	2196	chrome.exe	chrome.exe
PID 2196 wrote to memory of 4692	2196	chrome.exe	chrome.exe
PID 2196 wrote to memory of 4692	2196	chrome.exe	chrome.exe
PID 2196 wrote to memory of 4692	2196	chrome.exe	chrome.exe
PID 2196 wrote to memory of 4692	2196	chrome.exe	chrome.exe
PID 2196 wrote to memory of 4692	2196	chrome.exe	chrome.exe
PID 2196 wrote to memory of 4692	2196	chrome.exe	chrome.exe
PID 2196 wrote to memory of 4692	2196	chrome.exe	chrome.exe
PID 2196 wrote to memory of 4692	2196	chrome.exe	chrome.exe
PID 2196 wrote to memory of 4692	2196	chrome.exe	chrome.exe
PID 2196 wrote to memory of 4692	2196	chrome.exe	chrome.exe
PID 2196 wrote to memory of 4692	2196	chrome.exe	chrome.exe
PID 2196 wrote to memory of 4692	2196	chrome.exe	chrome.exe
PID 2196 wrote to memory of 4692	2196	chrome.exe	chrome.exe
PID 2196 wrote to memory of 4692	2196	chrome.exe	chrome.exe
PID 2196 wrote to memory of 4692	2196	chrome.exe	chrome.exe
PID 2196 wrote to memory of 4692	2196	chrome.exe	chrome.exe
PID 2196 wrote to memory of 4692	2196	chrome.exe	chrome.exe
PID 2196 wrote to memory of 4692	2196	chrome.exe	chrome.exe
PID 2196 wrote to memory of 4692	2196	chrome.exe	chrome.exe
PID 2196 wrote to memory of 4692	2196	chrome.exe	chrome.exe
PID 2196 wrote to memory of 4692	2196	chrome.exe	chrome.exe
PID 2196 wrote to memory of 4692	2196	chrome.exe	chrome.exe
PID 2196 wrote to memory of 4692	2196	chrome.exe	chrome.exe
PID 2196 wrote to memory of 4692	2196	chrome.exe	chrome.exe
PID 2196 wrote to memory of 4692	2196	chrome.exe	chrome.exe
PID 2196 wrote to memory of 4692	2196	chrome.exe	chrome.exe
PID 2196 wrote to memory of 4692	2196	chrome.exe	chrome.exe
PID 2196 wrote to memory of 4692	2196	chrome.exe	chrome.exe
PID 2196 wrote to memory of 4692	2196	chrome.exe	chrome.exe
PID 2196 wrote to memory of 4692	2196	chrome.exe	chrome.exe
PID 2196 wrote to memory of 4692	2196	chrome.exe	chrome.exe
PID 2196 wrote to memory of 4692	2196	chrome.exe	chrome.exe
PID 2196 wrote to memory of 4784	2196	chrome.exe	chrome.exe
PID 2196 wrote to memory of 4784	2196	chrome.exe	chrome.exe
PID 2196 wrote to memory of 1508	2196	chrome.exe	chrome.exe
PID 2196 wrote to memory of 1508	2196	chrome.exe	chrome.exe
PID 2196 wrote to memory of 1508	2196	chrome.exe	chrome.exe
PID 2196 wrote to memory of 1508	2196	chrome.exe	chrome.exe
PID 2196 wrote to memory of 1508	2196	chrome.exe	chrome.exe
PID 2196 wrote to memory of 1508	2196	chrome.exe	chrome.exe
PID 2196 wrote to memory of 1508	2196	chrome.exe	chrome.exe
PID 2196 wrote to memory of 1508	2196	chrome.exe	chrome.exe
PID 2196 wrote to memory of 1508	2196	chrome.exe	chrome.exe
PID 2196 wrote to memory of 1508	2196	chrome.exe	chrome.exe
PID 2196 wrote to memory of 1508	2196	chrome.exe	chrome.exe
PID 2196 wrote to memory of 1508	2196	chrome.exe	chrome.exe
PID 2196 wrote to memory of 1508	2196	chrome.exe	chrome.exe

C:\Users\Admin\AppData\Local\Temp\NewSetup.exe
"C:\Users\Admin\AppData\Local\Temp\NewSetup.exe"
1⤵
- Suspicious use of SetThreadContext
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
PID:1580

C:\Users\Admin\AppData\Local\Temp\NewSetup.exe
"C:\Users\Admin\AppData\Local\Temp\NewSetup.exe"
2⤵
PID:4704

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:5104

C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Desktop\ConvertToMove.bat" "
1⤵
PID:3512

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x3fc
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:1492

C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Desktop\ConvertToMove.bat" "
1⤵
PID:768

C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Desktop\ConvertToMove.bat" "
1⤵
PID:860

C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Desktop\ConvertToMove.bat" C:\Users\Admin\Desktop\NewHide.avi"
1⤵
PID:1480

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2196

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ffdb6899758,0x7ffdb6899768,0x7ffdb6899778
2⤵
PID:576

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1528 --field-trial-handle=1772,i,8792968099179157753,9990179190221282928,131072 /prefetch:2
2⤵
PID:4692

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1832 --field-trial-handle=1772,i,8792968099179157753,9990179190221282928,131072 /prefetch:8
2⤵
PID:4784

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2064 --field-trial-handle=1772,i,8792968099179157753,9990179190221282928,131072 /prefetch:8
2⤵
PID:1508

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2928 --field-trial-handle=1772,i,8792968099179157753,9990179190221282928,131072 /prefetch:1
2⤵
PID:2524

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2936 --field-trial-handle=1772,i,8792968099179157753,9990179190221282928,131072 /prefetch:1
2⤵
PID:4256

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4472 --field-trial-handle=1772,i,8792968099179157753,9990179190221282928,131072 /prefetch:1
2⤵
PID:5060

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4476 --field-trial-handle=1772,i,8792968099179157753,9990179190221282928,131072 /prefetch:8
2⤵
PID:3712

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4748 --field-trial-handle=1772,i,8792968099179157753,9990179190221282928,131072 /prefetch:8
2⤵
PID:2576

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4940 --field-trial-handle=1772,i,8792968099179157753,9990179190221282928,131072 /prefetch:8
2⤵
PID:2320

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5020 --field-trial-handle=1772,i,8792968099179157753,9990179190221282928,131072 /prefetch:8
2⤵
PID:1792

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4740 --field-trial-handle=1772,i,8792968099179157753,9990179190221282928,131072 /prefetch:8
2⤵
PID:4220

C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe" --reenable-autoupdates --system-level
2⤵
PID:5004

C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\Crashpad --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x250,0x254,0x258,0x22c,0x25c,0x7ff7ec427688,0x7ff7ec427698,0x7ff7ec4276a8
3⤵
PID:4056

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4980 --field-trial-handle=1772,i,8792968099179157753,9990179190221282928,131072 /prefetch:1
2⤵
PID:4580

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=3108 --field-trial-handle=1772,i,8792968099179157753,9990179190221282928,131072 /prefetch:1
2⤵
PID:4724

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=5168 --field-trial-handle=1772,i,8792968099179157753,9990179190221282928,131072 /prefetch:1
2⤵
PID:3992

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=3120 --field-trial-handle=1772,i,8792968099179157753,9990179190221282928,131072 /prefetch:1
2⤵
PID:4396

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=5484 --field-trial-handle=1772,i,8792968099179157753,9990179190221282928,131072 /prefetch:1
2⤵
PID:4700

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=2924 --field-trial-handle=1772,i,8792968099179157753,9990179190221282928,131072 /prefetch:1
2⤵
PID:1292

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=5544 --field-trial-handle=1772,i,8792968099179157753,9990179190221282928,131072 /prefetch:1
2⤵
PID:4364

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5600 --field-trial-handle=1772,i,8792968099179157753,9990179190221282928,131072 /prefetch:8
2⤵
PID:644

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5748 --field-trial-handle=1772,i,8792968099179157753,9990179190221282928,131072 /prefetch:8
2⤵
PID:640

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=4752 --field-trial-handle=1772,i,8792968099179157753,9990179190221282928,131072 /prefetch:1
2⤵
PID:2540

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=2960 --field-trial-handle=1772,i,8792968099179157753,9990179190221282928,131072 /prefetch:1
2⤵
PID:2500

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=5648 --field-trial-handle=1772,i,8792968099179157753,9990179190221282928,131072 /prefetch:1
2⤵
PID:3704

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=1672 --field-trial-handle=1772,i,8792968099179157753,9990179190221282928,131072 /prefetch:1
2⤵
PID:4964

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=2924 --field-trial-handle=1772,i,8792968099179157753,9990179190221282928,131072 /prefetch:1
2⤵
PID:2932

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3156 --field-trial-handle=1772,i,8792968099179157753,9990179190221282928,131072 /prefetch:8
2⤵
PID:3204

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6104 --field-trial-handle=1772,i,8792968099179157753,9990179190221282928,131072 /prefetch:8
2⤵
PID:864

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3004 --field-trial-handle=1772,i,8792968099179157753,9990179190221282928,131072 /prefetch:8
2⤵
PID:4580

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:5052

Network

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000003
Filesize
41KB

MD5
cfd2fdfedddc08d2932df2d665e36745

SHA1
b3ddd2ea3ff672a4f0babe49ed656b33800e79d0

SHA256
576cff014b4dea0ff3a0c7a4044503b758bceb6a30c2678a1177446f456a4536

SHA512
394c2f25b002b77fd5c12a4872fd669a0ef10c663b2803eb66e2cdaee48ca386e1f76fe552200535c30b05b7f21091a472a50271cd9620131dfb2317276dbe6c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c
Filesize
27KB

MD5
75f1d5724eddb6c481e2e87727c0a19d

SHA1
3cfe079018e25b2646f23e0744bc5af2114ee256

SHA256
751f9ea75e28033193df30031bf3d33e0553e1644ccbaecb26fe7d3bda21b78c

SHA512
a52fade9a438e7896f12afb5b8cccf05ab2cdd71dcc8683ba80001e74800d0c6a6d446d162e75eff573ccfc7106c1beb6f91bdd41753b81a6f5b7510c7c36b4a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d
Filesize
64KB

MD5
f4c391b9fc7da1437dd6ab8259af2e20

SHA1
d2d6b5b67f425cc7d609b789e085ae7f3f7c6f5e

SHA256
5ad10d3de9418f73d688615ca81888af65be8c569102a3e39361a3c80d158866

SHA512
84160d8a18ed159eec6741ca516197f9dca1522ae5cb6e30028f0dedfb911224f5ff679745b17899a7124a9d54a4a175f085f7449787b713221787793f2fe0e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012
Filesize
20KB

MD5
87e8230a9ca3f0c5ccfa56f70276e2f2

SHA1
eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7

SHA256
e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9

SHA512
37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013
Filesize
80KB

MD5
4340099ae2a2022796660c525964cdd8

SHA1
32fdaf53a24c5114d976ac9df93a10eb754885a3

SHA256
768d151f85201211c1082ce7c0495083bcefa3ce611564255396b9a1d42ba950

SHA512
a74cee21d0efc6c7d1fce35c2a348310daa519f975fd0dc9eb3ec9d9da4e7f452e12d454ede69a1e6e352ecf355a80273e9cac1a09c2d5e5c21846a4659a1cec

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001e
Filesize
99KB

MD5
3b5e5ff249fe431e4dd11bd655f27951

SHA1
51b38ea77cbcca29394a9fc3a0db1a85b62f7256

SHA256
01e6c4af7c374604f2ecb192a7975bdc8b1f27851eac1649e7ad9e153f84d8c7

SHA512
4ca46fe5e39a801913e5b5eaa5f2f47e8b79232f5dfd2d17c7fa736941fd6b415847bc3eb9a2b8668c895570882d2b122f415602303b28af9775bc1b0c32b5fe

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000021
Filesize
29KB

MD5
f85e85276ba5f87111add53684ec3fcb

SHA1
ecaf9aa3c5dd50eca0b83f1fb9effad801336441

SHA256
4b0beec41cb9785652a4a3172a4badbdaa200b5e0b17a7bcc81af25afd9b2432

SHA512
1915a2d4218ee2dbb73c490b1acac722a35f7864b7d488a791c96a16889cd86eee965174b59498295b3491a9783facce5660d719133e9c5fb3b96df47dde7a53

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000030
Filesize
16KB

MD5
48c80c7c28b5b00a8b4ff94a22b72fe3

SHA1
d57303c2ad2fd5cedc5cb20f264a6965a7819cee

SHA256
6e9be773031b3234fb9c2d6cf3d9740db1208f4351beca325ec34f76fd38f356

SHA512
c7381e462c72900fdbb82b5c365080efa009287273eb5109ef25c8d0a5df33dd07664fd1aed6eb0d132fa6a3cb6a3ff6b784bffeeca9a2313b1e6eb6e32ab658

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000056
Filesize
88KB

MD5
a12add35e68b642a1e79badf5711dd10

SHA1
e1a275058cfdc9e379157396f6d4909c5ec3c61d

SHA256
fe6bd73748b162f71eb99521733022101b90fb3e4814863b19ce892837856966

SHA512
39858d1d2de6e844ce4db37348ee51655645d518c31e4933746ecb7bc5f292c4c9279d73936755386b3c10b97145da5df8bea3c93f750b6fa38088b558ca7fe0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize
1KB

MD5
ecf4f00c56bf8dc301138662576f37f1

SHA1
1409f8dc8e53f1a0c45a56522c3d72674f0f2ecf

SHA256
7d5f3839eaed975f3cdb06f9ccf9269914056643f2db084fc49f519ac1766dca

SHA512
ccd63a97507b9614c55fd3949261bf0a0fbcb3b548a3a9e201794e4bb539824c3f359d747f200ab3a26482a36a18156dd65bde8c78ddd1102ab57744a73e4d00

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1
Filesize
264KB

MD5
d14de70b8608148f52a1fa698d0bf188

SHA1
954eb28d722e4f8d7c70436be718508d2e10bf42

SHA256
9342c008893222c528ec3910a8895a3c370eec726fa2950687de7a2c70e2572f

SHA512
2f62c810c32ec788270d21765b5c47807ba4370f7c6060d545e4e7fd2cf17d9adeff05648bcdd8a89f97b148cd1c5ddb182c799945f44cb1e711b5e59e2ae563

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
Filesize
4KB

MD5
fddbcbec3b9f7bfbe4d6cf6f495d55c6

SHA1
956e7b49ec9e5302b8049dab6b4b9d4ef3ea81a6

SHA256
6c85ff6a1999f7601110284b265cb3388c4a68d638b0aebbb2d94b2e9dd58366

SHA512
d5dc06ef2e466ca60a88339278ad64e6a6d47f12dde312888c61f9c02fde190a3b82132c4b0a6febf24e31f9f451ee57a2171e9f08885e5ce2750945b2212a4e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
Filesize
5KB

MD5
d82495a3b5da6eed5179ef5161a4a06d

SHA1
cf76615a1478cc7610d8ad4704dbd4d8cd7e4d39

SHA256
1f9cf24333b73a76749d88caaf1ff4c357fda0ceb32a7e17addae10e29a3d678

SHA512
41afb8a0d4b82be82641c2f5edca170bd531f741653382dde3bf13fd5910e229f9fa760f66ade9cc63c185b00af2f3377ac892077f9f0f01b2364898c8e51bd1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
1KB

MD5
b4358abb25813a82b5800d6615410d1e

SHA1
5b32f43db690e281b705373e31e9e5e1bae8a0a7

SHA256
11e6e57619416226fb8e0c778f8efd308ec9b7f00d9ec33cb2ae252f8d0fe1c6

SHA512
5ddbdc223434b8789865e4095875f33992a0983f6628b8de42bfc5cd0e278462cff0afeb7fdd12fe4edc72e5c5cdd8a93e79dc2ec4d668cc30e1523480ef18ce

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
369B

MD5
50fdbe625c1406a747f2f1bdc5381e29

SHA1
84afb6f59f98b36ffea05e1a4f8c5b0044bcf5f2

SHA256
1e91f3cb9f1633259ddd74c9509401e608d4b1a380e367e38625b0936061a8ad

SHA512
c6e793199a7c499c5161e214f84699c1d4ca16fc9978f3b8980f0716f9c4d13ba6a89734be529ac5278940739e74a431dcc3ff7d44280d5f71e65fb35f665169

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
1KB

MD5
a03bbedf1e7db2738f6a601cab723c21

SHA1
3b7aaa1ddb2ec68482c124c714cadb0e3bb1d877

SHA256
fe311968b3656d9a125296ef32d1b45a9079777f6d5233d1a929936c48d21af4

SHA512
86ce5e34754ae31b2d2698f6a97a970a53cc6d3c88180536e76fd9b731c425688e98badabe8aeb2ddf6228dae583d1f2c24e9d5831d076187652acaa7f493dcc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
1KB

MD5
ffa901cc19a61eb0fa325bb5edf831d4

SHA1
9dd729fb4ae0aaa86d8237a04c8ababc37b4675c

SHA256
e702d0bf7f6061d354d907ab14b9937f829f84c28d15ba23342e6a5c11988c22

SHA512
d8fb5604da2facb95471996a2240d248a12d3138ecef001fb105d4b5d1fe5ed78375e5bb0d1e7ebcf1a39778b28ebd0661c777198fb020de8b5c8f42f00816eb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
1KB

MD5
8c842ebfc0684a5623b32e315dfd1970

SHA1
6d40f9ad54ebdced424bd7f5e0951a092e154b16

SHA256
726cbc689cc041e99d3d0cdb21ff70219894f5f86944cc4710f90e51011c52ef

SHA512
36d73fcfd0fdcd2d72d116a0a90336850cfaacd7e04716b5e82d28b1cc1d7a182c02579d707352fce0cc6998099191781490f0a6e3bb1a4ce39d2aaf8e4e1536

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
1KB

MD5
e048a69e8efa2cc42c9d654dada5ed7c

SHA1
583b9cb337d7b79b4618f7be871a22fd06914202

SHA256
aa273163109309501a36feed32e7571da203ae70d6176da3c0a9b7453aaea68e

SHA512
737c1cda3c5184b30dec32771e56ec9f63221c53f491d83fa1d43db7d23bdc984d50bd79cbe9698f51365d28e76756b9487734d95f8e211f72994dbd2e82dbf3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
6KB

MD5
4c2803ff358f12cbebed1a917bfafac4

SHA1
3fc19eca649aab3a2b03b7b63ae9677b83a91a04

SHA256
5318a7c178decf44d0e1f5a3aba3e14cc90ce5946d19e25a3a0b860857049039

SHA512
bf66075d027e27a96a6b8e2181a3030a7c922d2a1a15194b00b76ac74de38ecc07a090d0b3077699f0dc0e2c5170325981e1f42cca4f46855f8b44935c09bc74

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
7KB

MD5
88cd1ccc5430341aa07bc5c2b95315e0

SHA1
2c1c939107658906359e7ba64c085dcc3177ecf6

SHA256
1281a7dfe4aaaa174ed5a8e82f141db91a9f581b0673eb7d200c47a3fdbc6cf2

SHA512
69c81de8fef481b2629ef16d3fff4cefaa34475c69ffae6d0fbb962e52b886c9b9caad737dbd8a79dbcfbb527fe89955ff4bebaefda790bf0f264fb01f3e3f80

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
7KB

MD5
dcd681a2ec0dbe11cdf9e134fbcca9e3

SHA1
bf72ce90d809eb9a7d9384e209c19adc8bc34ada

SHA256
11f93047da24110f6f18e3da7fd695d8f1936226c57a577b7df8ee2a0dd10ef2

SHA512
5203bb30f73511412713cdfb7f383475cd9dc9a443cfe19595e56c49303692cd57b8f11749cae1eadcbbc21ee9bec0df576a07d6acf76ec0ec1256428cd9b283

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
7KB

MD5
d273e1f46fda65aa904cb0a045911ae9

SHA1
e3bbcc921808f2d4cc78e8634ec43cc484a9eef8

SHA256
3f537df8e692a370ba35f72d98f4ecca9bbd009c6a29d638a52942e6c6b84e32

SHA512
f87b7afa4456f5cd2c3981ca1854361f00ed28316ad3cba7ee2068799facbf2e8db602d2fd3249ffd60e39055a4567ec22d1e6f2e672db7ea900152b4435e47e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
7KB

MD5
8fe5520bbf2aee3831be2e45833e41b2

SHA1
cce49e49efcde27f704583eeb1d8c9959a152d28

SHA256
085a60fcc750609c088ae58841a6c1752be13e8cc7f184cf959ce9e41bdfad0c

SHA512
01d8a1a03b452c69c55442db1a58a48ecd277573b644299a39584601cb319611d1972865de534636bf6f2dc4451dda7d8784292b26a6ca31e2e62a1d328ac755

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Filesize
12KB

MD5
159c954d79281e3f6000a771abb9c9f0

SHA1
1dd843d18a6f94033ecb83c56bcbee2c1c96abac

SHA256
a52cf73c705f7ee0821be6efd98bcc8d730d7c2ee20321a18705697c7732bda8

SHA512
99f2b8669e1bc8cada9be82176f6bb64e7ed29a1d4c0b4b02c737f4a23ebb4567f11da9944b36f9e08491652dd3ea0f0f1bfd9f2586720e62f45eb8c5ededd26

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
Filesize
96B

MD5
dfe765b8b3359ab24fcc2aad3117538b

SHA1
12c03bcc49b212e1eb2af5a4850213eb42b47694

SHA256
8438f8a1859e37ad42e1c3fdf133f1e100d342de6c904a0e7c2183cea762cc36

SHA512
ca8f069af45384a3c8c79dcd4352bb3141dd7efa4fd414dcabbddb57058cad335bd2ad54e610af8c71e5baaf5eafd0fa19d4d383e26839bc5be703806927f730

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe587d97.TMP
Filesize
48B

MD5
6da9e62cee10b11ad24f6a334536d8c8

SHA1
921ad3c1e950efa56e09916fa83b7f4ecc1c63a2

SHA256
a48f3be0de2bbd4234eb8338b66380ddb9cc024aa6a6473987c5a93f4371a770

SHA512
8d9941b713d705a6b5a4d0a5c8fbf81f133d11448dbc57dbebde9673a2fb389312000ec579b543fc58d5ff9100306c31c3f0b15d74869983fc0c78ea4bb4b557

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
Filesize
289KB

MD5
f03930607191d98d3d09ffbd97e342e7

SHA1
8aae9e3f8ca7063dc8f4051e9093b4f91969caf7

SHA256
cb2d0c88339591b3b73fd15c8da00c2ea92661d624ddcdee5edb798d1446e8ac

SHA512
50c82ed2dbd6d89cfc3a7cd3a7478423604016d1dfd674ca291a9f5e13fe661047bda57ee8c9d6902e421987876042f1c73f63141b4086453ce5064ecf15e74f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
Filesize
289KB

MD5
9ddabfd7f1e616fb5117be183c174876

SHA1
774244bf06600bc9b04e88420667da78c77722ba

SHA256
7007cd99ebffa7094881c36cb0c3e76738530b88093e09695da1f5a44b5fa459

SHA512
1d7f6a71f78503e49a6cd14222007b71ec23cc55c274ebc1be432b08b31bf0c4f46572bf1ad738e4fe3ccab930bafd63804b85a848beae307ae25bae1ad1862b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
Filesize
289KB

MD5
00d258857988b0359ab00170fd8632c9

SHA1
9cfb893698a2b557994d45ec5e0e0dbaa4844924

SHA256
7d6cae9547a69885b2ee83b48d4985766b80d3c4ba1d284f7ebbf79943332e01

SHA512
b44303b4592d734e338d72603d4b554110d2a919a51c12d8072cdc62c1435da290aca31a4ab33987f70b00ccbfccbdfeb386a612f982c7d8441a0ec2aa0d63a5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
Filesize
99KB

MD5
e04540e82eca12ddf136c0952ed8dd2a

SHA1
8a1f449add3ef8c705a9b5b59feaddc954d76272

SHA256
bc7473b97400b0c9008a2d9e55050e9fca9c1fa5917b5c3334e1e94051287073

SHA512
ac45f82c0d091bff73148acf73742514d14bfe43549f1de5aa9a9ce7d8a928cc4e22519c3b88d21ec89e89f3572b3dc0663988a8f72dc002bb472b08c7b9cffc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe58b810.TMP
Filesize
93KB

MD5
68dca56430b1c57309a9ddc00face836

SHA1
a10412531a8131c694ce25494df43aa7b2d5c77a

SHA256
b0bc6f88d926d65a3d7810bc1cb2363898917b6aa7d0d7749b9483c865537bb7

SHA512
1820f62b85970decdc5f3b3abdd328853ac87755dfcf50a33478389b5e4c65f7b71b11eb0295418e1f26181f9d5693c12f567ffbfb55238e76d0062a3a927aad

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json
Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
\??\pipe\crashpad_2196_XJTJLUSJXHHGBEWO
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
memory/1580-48-0x0000000002AC0000-0x0000000002AD5000-memory.dmp

Filesize
84KB

Download
memory/1580-42-0x0000000002AC0000-0x0000000002AD5000-memory.dmp

Filesize
84KB

Download
memory/1580-28-0x0000000002AC0000-0x0000000002AD5000-memory.dmp

Filesize
84KB

Download
memory/1580-26-0x0000000002AC0000-0x0000000002AD5000-memory.dmp

Filesize
84KB

Download
memory/1580-8-0x0000000002AC0000-0x0000000002AD5000-memory.dmp

Filesize
84KB

Download
memory/1580-18-0x0000000002AC0000-0x0000000002AD5000-memory.dmp

Filesize
84KB

Download
memory/1580-7-0x0000000002AC0000-0x0000000002AD5000-memory.dmp

Filesize
84KB

Download
memory/1580-1-0x00000000001C0000-0x00000000005DA000-memory.dmp

Filesize
4.1MB

Download
memory/1580-73-0x00000000731E0000-0x00000000738CE000-memory.dmp

Filesize
6.9MB

Download
memory/1580-50-0x0000000002AC0000-0x0000000002AD5000-memory.dmp

Filesize
84KB

Download
memory/1580-12-0x0000000002AC0000-0x0000000002AD5000-memory.dmp

Filesize
84KB

Download
memory/1580-14-0x0000000002AC0000-0x0000000002AD5000-memory.dmp

Filesize
84KB

Download
memory/1580-20-0x0000000002AC0000-0x0000000002AD5000-memory.dmp

Filesize
84KB

Download
memory/1580-22-0x0000000002AC0000-0x0000000002AD5000-memory.dmp

Filesize
84KB

Download
memory/1580-24-0x0000000002AC0000-0x0000000002AD5000-memory.dmp

Filesize
84KB

Download
memory/1580-30-0x0000000002AC0000-0x0000000002AD5000-memory.dmp

Filesize
84KB

Download
memory/1580-32-0x0000000002AC0000-0x0000000002AD5000-memory.dmp

Filesize
84KB

Download
memory/1580-34-0x0000000002AC0000-0x0000000002AD5000-memory.dmp

Filesize
84KB

Download
memory/1580-37-0x0000000002AC0000-0x0000000002AD5000-memory.dmp

Filesize
84KB

Download
memory/1580-38-0x0000000002AC0000-0x0000000002AD5000-memory.dmp

Filesize
84KB

Download
memory/1580-40-0x0000000002AC0000-0x0000000002AD5000-memory.dmp

Filesize
84KB

Download
memory/1580-10-0x0000000002AC0000-0x0000000002AD5000-memory.dmp

Filesize
84KB

Download
memory/1580-44-0x0000000002AC0000-0x0000000002AD5000-memory.dmp

Filesize
84KB

Download
memory/1580-46-0x0000000002AC0000-0x0000000002AD5000-memory.dmp

Filesize
84KB

Download
memory/1580-0-0x00000000731EE000-0x00000000731EF000-memory.dmp

Filesize
4KB

Download
memory/1580-52-0x0000000002AC0000-0x0000000002AD5000-memory.dmp

Filesize
84KB

Download
memory/1580-54-0x0000000002AC0000-0x0000000002AD5000-memory.dmp

Filesize
84KB

Download
memory/1580-56-0x0000000002AC0000-0x0000000002AD5000-memory.dmp

Filesize
84KB

Download
memory/1580-58-0x0000000002AC0000-0x0000000002AD5000-memory.dmp

Filesize
84KB

Download
memory/1580-60-0x0000000002AC0000-0x0000000002AD5000-memory.dmp

Filesize
84KB

Download
memory/1580-62-0x0000000002AC0000-0x0000000002AD5000-memory.dmp

Filesize
84KB

Download
memory/1580-67-0x00000000731E0000-0x00000000738CE000-memory.dmp

Filesize
6.9MB

Download
memory/1580-2-0x0000000004F20000-0x0000000004FBC000-memory.dmp

Filesize
624KB

Download
memory/1580-3-0x00000000731E0000-0x00000000738CE000-memory.dmp

Filesize
6.9MB

Download
memory/1580-64-0x0000000002AC0000-0x0000000002AD5000-memory.dmp

Filesize
84KB

Download
memory/1580-66-0x0000000002AC0000-0x0000000002AD5000-memory.dmp

Filesize
84KB

Download
memory/1580-16-0x0000000002AC0000-0x0000000002AD5000-memory.dmp

Filesize
84KB

Download
memory/1580-6-0x0000000002AC0000-0x0000000002ADC000-memory.dmp

Filesize
112KB

Download
memory/1580-5-0x0000000005740000-0x0000000005C3E000-memory.dmp

Filesize
5.0MB

Download
memory/1580-4-0x0000000005070000-0x00000000051F0000-memory.dmp

Filesize
1.5MB

Download
memory/4704-68-0x0000000000400000-0x000000000045A000-memory.dmp

Filesize
360KB

Download
memory/4704-70-0x0000000000400000-0x000000000045A000-memory.dmp

Filesize
360KB

Download
memory/4704-72-0x0000000000400000-0x000000000045A000-memory.dmp

Filesize
360KB

Download