Browser Forensics - Cryptominer

How many browser profiles are present in Google Chrome? (1 point)

2

What is the name of the browser theme installed on Google Chrome?

# C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Preferences
$ cat Preferences | jq
    "theme": {
      "id": "iiihlpikmpijdopbaegjibndhpgjmjfe",
      "pack": "C:\\Users\\IEUser\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\iiihlpikmpijdopbaegjibndhpgjmjfe\\1.6_0"
    },

# C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\iiihlpikmpijdopbaegjibndhpgjmjfe\1.6_0\manifest.json
$ cat manifest.json 
{
   "app": {
      "launch": {
         "web_url": "http://atavi.com/browser-themes/?from=chrome-themes&tid=earth_in_space"
      },
      "urls": [ "http://atavi.com/browser-themes/" ]
   },
   "default_locale": "ru",

# Search the web for the launch URL: http://atavi.com/browser-themes/?from=chrome-themes&tid=earth_in_space
earth in space

Identify the Extension ID and Extension Name of the cryptominer (2 points)

# C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\egnfmleidkolminhjlkaomjefheafbbb\3_0\manifest.json
egnfmleidkolminhjlkaomjefheafbbb, DFP Cryptocurrency Miner

What is the description text of this extension? (1 point)

# C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\egnfmleidkolminhjlkaomjefheafbbb\3_0\manifest.json
Allows staff members to mine cryptocurrency in the background of their web browser
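
The manifest lookups used for the theme and extension questions above, generalized to a whole profile. This is an added example, not part of the original write-up: it reads every Extensions/<id>/<version>/manifest.json, resolves `__MSG_key__` placeholders through `_locales/<default_locale>/messages.json` (a manifest that sets `default_locale` may carry only a placeholder in `name`), and marks the ID that Preferences records as the theme. The `extensions.theme.id` location is an assumption, and all IDs and names in the sample profile are constructed.

```python
import json
import tempfile
from pathlib import Path


def _load(path):
    try:  # utf-8-sig tolerates a BOM; unreadable or malformed JSON yields {}
        return json.loads(Path(path).read_text(encoding="utf-8-sig"))
    except (OSError, ValueError):
        return {}


def _localize(value, ext_dir, locale):
    """Resolve a __MSG_key__ placeholder from _locales/<locale>/messages.json."""
    if not (isinstance(value, str) and value.startswith("__MSG_") and value.endswith("__")):
        return value
    messages = {k.lower(): v for k, v in _load(ext_dir / "_locales" / locale / "messages.json").items()}
    return messages.get(value[6:-2].lower(), {}).get("message", value)  # keys are case-insensitive


def list_extensions(profile_dir):
    """Record per Extensions/<id>/<version>/manifest.json; assumes theme ID at extensions.theme.id."""
    theme_id = _load(Path(profile_dir, "Preferences")).get("extensions", {}).get("theme", {}).get("id")
    records = []
    for manifest in sorted(Path(profile_dir).glob("Extensions/*/*/manifest.json")):
        data, ext_dir = _load(manifest), manifest.parent
        locale = data.get("default_locale", "en")
        records.append({"id": ext_dir.parent.name, "active_theme": ext_dir.parent.name == theme_id,
                        **{k: _localize(data.get(k, ""), ext_dir, locale) for k in ("name", "description")}})
    return records


def build_sample(root):
    """Write a constructed profile (made-up IDs and names) under root and return root."""
    tid, eid = "a" * 32, "b" * 32
    files = {"Preferences": {"extensions": {"theme": {"id": tid}}},
             f"Extensions/{tid}/1.0_0/manifest.json": {"name": "__MSG_themeName__", "default_locale": "ru"},
             f"Extensions/{tid}/1.0_0/_locales/ru/messages.json": {"themename": {"message": "Sample Theme"}},
             f"Extensions/{eid}/3_0/manifest.json": {"name": "Sample Miner", "description": "constructed"}}
    for rel, obj in files.items():
        path = Path(root, rel)
        path.parent.mkdir(parents=True, exist_ok=True)
        path.write_text(json.dumps(obj), encoding="utf-8")
    return root


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        print(json.dumps(list_extensions(build_sample(tmp)), indent=2, ensure_ascii=False))
```

Pointed at a copy of the evidence profile directory instead of the sample, `list_extensions` gives the ID, name and description of each installed extension in one pass; a placeholder that cannot be resolved is left as-is rather than guessed.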

What is the name of the specific JavaScript web miner used in the browser extension? (1 point)

cryptoloot

How many hashes is the crypto miner calculating per second? (2 points)

20

What is the public key associated with this mining activity? (1 point)

b23efb4650150d5bc5b2de6f05267272cada06d985a0

What is the URL of the official Twitter page of the JavaScript web miner? (1 point)

twitter.com/cryptolootminer
