Resubmissions

26/03/2023, 15:20 UTC

230326-sq9zysha28 3

26/03/2023, 15:09 UTC

230326-sjr6kaah31 3

Analysis

  • max time kernel
    37s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags
    arch:x64, arch:x86, image:win7-20230220-en, locale:en-us, os:windows7-x64, system
  • submitted
    26/03/2023, 15:20 UTC

General

  • Target

    up_8_2.ahk

  • Size

    442B

  • MD5

    42582911b78451b468ecbceac5546770

  • SHA1

    5b4301d65006e68896a8d621287fe88505498bf2

  • SHA256

    e8a4adfbc1a9f80c4a713696262b55f0ae8c491e22487d5cba3eb72c520283bb

  • SHA512

    ebd84ae7e7cdf7206edd8aec99468475ab96302cdc5d2a26ecb797c016da0db98abc22574ca1134ae7584cb612b5777668328ef4498a66d24079a86beb23c385

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Triage's generic description rates this as likely ransomware behaviour, but in this run no process in the tree below carries the signature, and the submitted script itself never ran: cmd.exe handed up_8_2.ahk to the Open With dialog (rundll32.exe shell32.dll,OpenAs_RunDLL) because no handler is registered for .ahk in this image. The remaining signatures all belong to Chrome, so the 3/10 score reflects sandbox background activity rather than the sample.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies registry class 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of AdjustPrivilegeToken 34 IoCs
  • Suspicious use of FindShellTrayWindow 64 IoCs
  • Suspicious use of SendNotifyMessage 64 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\up_8_2.ahk
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1724
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\AppData\Local\Temp\up_8_2.ahk
      2⤵
      • Modifies registry class
      PID:1916
  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe"
    1⤵
    • Enumerates system info in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:688
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef72c9758,0x7fef72c9768,0x7fef72c9778
      2⤵
      PID:1676
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1212 --field-trial-handle=1296,i,7793896627967020173,8102593997347960356,131072 /prefetch:2
      2⤵
      PID:1116
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1524 --field-trial-handle=1296,i,7793896627967020173,8102593997347960356,131072 /prefetch:8
      2⤵
      PID:1444
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1632 --field-trial-handle=1296,i,7793896627967020173,8102593997347960356,131072 /prefetch:8
      2⤵
      PID:1320
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2300 --field-trial-handle=1296,i,7793896627967020173,8102593997347960356,131072 /prefetch:1
      2⤵
      PID:1680
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2360 --field-trial-handle=1296,i,7793896627967020173,8102593997347960356,131072 /prefetch:1
      2⤵
      PID:1592
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1372 --field-trial-handle=1296,i,7793896627967020173,8102593997347960356,131072 /prefetch:2
      2⤵
      PID:2096
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=2252 --field-trial-handle=1296,i,7793896627967020173,8102593997347960356,131072 /prefetch:1
      2⤵
      PID:2196
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3944 --field-trial-handle=1296,i,7793896627967020173,8102593997347960356,131072 /prefetch:8
      2⤵
      PID:2224
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4052 --field-trial-handle=1296,i,7793896627967020173,8102593997347960356,131072 /prefetch:8
      2⤵
      PID:2264
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=4144 --field-trial-handle=1296,i,7793896627967020173,8102593997347960356,131072 /prefetch:1
      2⤵
      PID:2420
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=4432 --field-trial-handle=1296,i,7793896627967020173,8102593997347960356,131072 /prefetch:1
      2⤵
      PID:2772
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4552 --field-trial-handle=1296,i,7793896627967020173,8102593997347960356,131072 /prefetch:1
      2⤵
      PID:2936
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4280 --field-trial-handle=1296,i,7793896627967020173,8102593997347960356,131072 /prefetch:1
      2⤵
      PID:2280
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=4244 --field-trial-handle=1296,i,7793896627967020173,8102593997347960356,131072 /prefetch:1
      2⤵
      PID:2608
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=4424 --field-trial-handle=1296,i,7793896627967020173,8102593997347960356,131072 /prefetch:1
      2⤵
      PID:2256
  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef72c9758,0x7fef72c9768,0x7fef72c9778
    1⤵
    PID:1932
  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe"
    1⤵
    PID:1404
  • C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
    "C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
    1⤵
    PID:1292
  • C:\Windows\explorer.exe
    "C:\Windows\explorer.exe"
    1⤵
    PID:2740
  • C:\Windows\system32\AUDIODG.EXE
    C:\Windows\system32\AUDIODG.EXE 0x1c8
    1⤵
    PID:2880
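The tree above says the submitted file never ran as a script: `cmd /c up_8_2.ahk` found no handler registered for the .ahk extension in this image, so the shell passed the file to the Open With dialog (`rundll32.exe shell32.dll,OpenAs_RunDLL`), and everything else in the tree (Chrome, explorer.exe, AUDIODG.EXE) is sandbox background activity. The Python below is an added example, not Triage's code, that automates that check over a process listing: it recovers parent links from the 1/2 depth markers, collects the subtree rooted at the process that references the target, and reports whether that subtree ended in the Open With fallback. The records are constructed from this report (Chrome's children trimmed to two), and the verdict wording is the author's.

```python
"""Did the submitted target actually execute? A sanity check over a sandbox process tree.

Added example for this report, not Triage's code. PROCESSES is constructed from the
Processes section above (Chrome's children trimmed to two; PIDs, command lines and
per-process signatures as listed); the verdict logic is the author's heuristic.
"""
import ntpath
import re
from dataclasses import dataclass, field
from typing import List, Optional

TARGET = r"C:\Users\Admin\AppData\Local\Temp\up_8_2.ahk"

# shell32's OpenAs_RunDLL entry point is the "Open With" dialog; the shell invokes it
# when a file's extension has no registered handler.
OPEN_WITH = re.compile(r"shell32\.dll,\s*OpenAs_RunDLL", re.IGNORECASE)


@dataclass
class Proc:
    pid: int
    depth: int                      # Triage's depth marker: 1 = tree root, 2 = child
    cmdline: str
    signatures: List[str] = field(default_factory=list)
    parent: Optional[int] = None    # filled in by link_parents()


PROCESSES = [
    Proc(1724, 1, r"cmd /c C:\Users\Admin\AppData\Local\Temp\up_8_2.ahk",
         ["Suspicious use of WriteProcessMemory"]),
    Proc(1916, 2, r'"C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL '
                  r"C:\Users\Admin\AppData\Local\Temp\up_8_2.ahk",
         ["Modifies registry class"]),
    Proc(688, 1, r'"C:\Program Files\Google\Chrome\Application\chrome.exe"',
         ["Enumerates system info in registry", "Suspicious behavior: EnumeratesProcesses",
          "Suspicious use of AdjustPrivilegeToken", "Suspicious use of FindShellTrayWindow",
          "Suspicious use of SendNotifyMessage", "Suspicious use of WriteProcessMemory"]),
    Proc(1676, 2, r'"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler'),
    Proc(1116, 2, r'"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process'),
    Proc(2740, 1, r'"C:\Windows\explorer.exe"'),
    Proc(2880, 1, r"C:\Windows\system32\AUDIODG.EXE 0x1c8"),
]


def link_parents(procs):
    """Recover parent PIDs from the depth markers: an entry's parent is the most
    recent entry one level shallower, in listing order."""
    last_at_depth = {}
    for p in procs:
        p.parent = last_at_depth.get(p.depth - 1)
        last_at_depth[p.depth] = p.pid
        for d in [d for d in last_at_depth if d > p.depth]:   # a new subtree starts here
            del last_at_depth[d]
    return procs


def sample_subtree(procs, target):
    """PIDs of the root process(es) whose command line names the submitted file,
    plus their descendants. Relies on listing order putting parents before children."""
    name = ntpath.basename(target).lower()
    members = []
    for p in procs:
        if (p.parent is None and name in p.cmdline.lower()) or p.parent in members:
            members.append(p.pid)
    return members


def assess(procs, target):
    """Summarise whether the target ran and which signatures are actually its own."""
    link_parents(procs)
    sample = sample_subtree(procs, target)
    by_pid = {p.pid: p for p in procs}
    open_with = [pid for pid in sample if OPEN_WITH.search(by_pid[pid].cmdline)]
    sample_sigs = [s for pid in sample for s in by_pid[pid].signatures]
    unrelated = sum(len(p.signatures) for p in procs if p.pid not in sample)
    ext = ntpath.splitext(target)[1] or "(no extension)"
    if open_with:
        verdict = (f"{ext} has no registered handler in this image: the shell passed the file to "
                   f"the Open With dialog (PID {open_with[0]}), so the script body did not execute")
    elif not sample:
        verdict = "no process references the target; it was not launched"
    else:
        verdict = "target executed; triage the signatures on its subtree"
    return {"sample_pids": sample, "open_with_dialog": bool(open_with),
            "sample_signatures": sample_sigs, "unrelated_signatures": unrelated,
            "verdict": verdict}


if __name__ == "__main__":
    for key, value in assess(PROCESSES, TARGET).items():
        print(f"{key}: {value}")
```

For this report the check yields a sample subtree of PIDs 1724 and 1916, an Open With fallback, two signatures on the sample's own processes (both explained by cmd.exe spawning rundll32.exe and rundll32 touching HKCR) and six on Chrome. Resubmitting on an image with AutoHotkey installed, or with the interpreter bundled alongside the script, is what it would take to see the script's real behaviour.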

                                            Network

                                            • flag-us
                                              DNS
                                              apis.google.com
                                              chrome.exe
                                              Remote address:
                                              8.8.8.8:53
                                              Request
                                              apis.google.com
                                              IN A
                                              Response
                                              apis.google.com
                                              IN CNAME
                                              plus.l.google.com
                                              plus.l.google.com
                                              IN A
                                              142.250.200.14
                                            • flag-gb
                                              GET
                                              https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.fpEXMBCWMKc.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9SQGHwxhl93I-W5KEIEdf87vGuqQ/cb=gapi.loaded_0
                                              chrome.exe
                                              Remote address:
                                              142.250.200.14:443
                                              Request
                                              GET /_/scs/abc-static/_/js/k=gapi.gapi.en.fpEXMBCWMKc.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9SQGHwxhl93I-W5KEIEdf87vGuqQ/cb=gapi.loaded_0 HTTP/2.0
                                              host: apis.google.com
                                              sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                              sec-ch-ua-mobile: ?0
                                              user-agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                              sec-ch-ua-platform: "Windows"
                                              accept: */*
                                              sec-fetch-site: cross-site
                                              sec-fetch-mode: no-cors
                                              sec-fetch-dest: script
                                              accept-encoding: gzip, deflate, br
                                              accept-language: en-US,en;q=0.9
                                            • flag-us
                                              DNS
                                              www.autohotkey.com
                                              chrome.exe
                                              Remote address:
                                              8.8.8.8:53
                                              Request
                                              www.autohotkey.com
                                              IN A
                                              Response
                                              www.autohotkey.com
                                              IN A
                                              104.21.91.132
                                              www.autohotkey.com
                                              IN A
                                              172.67.219.207
                                            • flag-us
                                              GET
                                              https://www.autohotkey.com/
                                              chrome.exe
                                              Remote address:
                                              104.21.91.132:443
                                              Request
                                              GET / HTTP/2.0
                                              host: www.autohotkey.com
                                              sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                              sec-ch-ua-mobile: ?0
                                              sec-ch-ua-platform: "Windows"
                                              upgrade-insecure-requests: 1
                                              user-agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                              accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                              sec-fetch-site: cross-site
                                              sec-fetch-mode: navigate
                                              sec-fetch-user: ?1
                                              sec-fetch-dest: document
                                              referer: https://www.google.com/
                                              accept-encoding: gzip, deflate, br
                                              accept-language: en-US,en;q=0.9
                                              Response
                                              HTTP/2.0 403
                                              date: Sun, 26 Mar 2023 15:21:44 GMT
                                              content-type: text/html; charset=UTF-8
                                              cross-origin-embedder-policy: require-corp
                                              cross-origin-opener-policy: same-origin
                                              cross-origin-resource-policy: same-origin
                                              permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
                                              referrer-policy: same-origin
                                              x-frame-options: SAMEORIGIN
                                              cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
                                              expires: Thu, 01 Jan 1970 00:00:01 GMT
                                              report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LKDOCkbdQNfysG9Dmvt8kqTlRlhj5AqtDrjvbqYjGvBFl32uzDYQmSik4%2BRPVzdwjzn%2BKxBNe8teZiuuxYwzbmersWMYC8OWNl213faL7sh2lgQFgE%2BlhDIC5VahRyAcnpbkNbM%3D"}],"group":"cf-nel","max_age":604800}
                                              nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                              vary: Accept-Encoding
                                              server: cloudflare
                                              cf-ray: 7ae06293ce1b0df5-AMS
                                              content-encoding: gzip
                                              alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
                                            • flag-us
                                              GET
                                              https://www.autohotkey.com/cdn-cgi/styles/challenges.css
                                              chrome.exe
                                              Remote address:
                                              104.21.91.132:443
                                              Request
                                              GET /cdn-cgi/styles/challenges.css HTTP/2.0
                                              host: www.autohotkey.com
                                              sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                              sec-ch-ua-mobile: ?0
                                              user-agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                              sec-ch-ua-platform: "Windows"
                                              accept: text/css,*/*;q=0.1
                                              sec-fetch-site: same-origin
                                              sec-fetch-mode: no-cors
                                              sec-fetch-dest: style
                                              referer: https://www.autohotkey.com/
                                              accept-encoding: gzip, deflate, br
                                              accept-language: en-US,en;q=0.9
                                              Response
                                              HTTP/2.0 200
                                              date: Sun, 26 Mar 2023 15:21:44 GMT
                                              content-type: text/css
                                              last-modified: Tue, 21 Mar 2023 12:30:57 GMT
                                              etag: W/"6419a381-19c8"
                                              server: cloudflare
                                              cf-ray: 7ae06296ba910df5-AMS
                                              x-frame-options: DENY
                                              x-content-type-options: nosniff
                                              vary: Accept-Encoding
                                              expires: Sun, 26 Mar 2023 17:21:44 GMT
                                              cache-control: max-age=7200
                                              cache-control: public
                                              content-encoding: gzip
                                            • flag-us
                                              DNS
                                              apps.identrust.com
                                              chrome.exe
                                              Remote address:
                                              8.8.8.8:53
                                              Request
                                              apps.identrust.com
                                              IN A
                                              Response
                                              apps.identrust.com
                                              IN CNAME
                                              identrust.edgesuite.net
                                              identrust.edgesuite.net
                                              IN CNAME
                                              a1952.dscq.akamai.net
                                              a1952.dscq.akamai.net
                                              IN A
                                              88.221.25.169
                                              a1952.dscq.akamai.net
                                              IN A
                                              88.221.25.153
                                            • flag-nl
                                              GET
                                              http://apps.identrust.com/roots/dstrootcax3.p7c
                                              chrome.exe
                                              Remote address:
                                              88.221.25.169:80
                                              Request
                                              GET /roots/dstrootcax3.p7c HTTP/1.1
                                              Connection: Keep-Alive
                                              Accept: */*
                                              User-Agent: Microsoft-CryptoAPI/6.1
                                              Host: apps.identrust.com
                                              Response
                                              HTTP/1.1 200 OK
                                              X-XSS-Protection: 1; mode=block
                                              Strict-Transport-Security: max-age=15768000
                                              X-Frame-Options: SAMEORIGIN
                                              X-Content-Type-Options: nosniff
                                              Content-Security-Policy: default-src 'self' *.identrust.com
                                              Last-Modified: Wed, 08 Feb 2023 16:52:56 GMT
                                              ETag: "37d-5f433188daa00"
                                              Accept-Ranges: bytes
                                              Content-Length: 893
                                              X-Content-Type-Options: nosniff
                                              X-Frame-Options: sameorigin
                                              Content-Type: application/pkcs7-mime
                                              Cache-Control: max-age=3600
                                              Expires: Sun, 26 Mar 2023 16:21:41 GMT
                                              Date: Sun, 26 Mar 2023 15:21:41 GMT
                                              Connection: keep-alive
                                            • flag-us
                                              DNS
                                              i.ytimg.com
                                              chrome.exe
                                              Remote address:
                                              8.8.8.8:53
                                              Request
                                              i.ytimg.com
                                              IN A
                                              Response
                                              i.ytimg.com
                                              IN A
                                              142.250.200.22
                                              i.ytimg.com
                                              IN A
                                              142.250.178.22
                                              i.ytimg.com
                                              IN A
                                              172.217.169.22
                                              i.ytimg.com
                                              IN A
                                              216.58.212.214
                                              i.ytimg.com
                                              IN A
                                              216.58.212.246
                                              i.ytimg.com
                                              IN A
                                              172.217.169.54
                                              i.ytimg.com
                                              IN A
                                              142.250.179.246
                                              i.ytimg.com
                                              IN A
                                              142.250.180.22
                                              i.ytimg.com
                                              IN A
                                              142.250.187.214
                                              i.ytimg.com
                                              IN A
                                              142.250.187.246
                                              i.ytimg.com
                                              IN A
                                              142.250.200.54
                                              i.ytimg.com
                                              IN A
                                              172.217.16.246
                                            • flag-gb
                                              GET
                                              https://i.ytimg.com/vi/SqFe3q8Zssw/mqdefault.jpg?sqp=-oaymwEFCJQBEFM&rs=AMzJL3nEs0emIWcnePNR__MAc-V6YOxBBQ
                                              chrome.exe
                                              Remote address:
                                              142.250.200.22:443
                                              Request
                                              GET /vi/SqFe3q8Zssw/mqdefault.jpg?sqp=-oaymwEFCJQBEFM&rs=AMzJL3nEs0emIWcnePNR__MAc-V6YOxBBQ HTTP/2.0
                                              host: i.ytimg.com
                                              sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                              sec-ch-ua-mobile: ?0
                                              user-agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                              sec-ch-ua-platform: "Windows"
                                              accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                              x-client-data: COXaygE=
                                              sec-fetch-site: cross-site
                                              sec-fetch-mode: no-cors
                                              sec-fetch-dest: image
                                              referer: https://www.google.com/
                                              accept-encoding: gzip, deflate, br
                                              accept-language: en-US,en;q=0.9
                                            • flag-us
                                              DNS
                                              content-autofill.googleapis.com
                                              chrome.exe
                                              Remote address:
                                              8.8.8.8:53
                                              Request
                                              content-autofill.googleapis.com IN A
                                              Response
                                              content-autofill.googleapis.com IN A 172.217.16.234
                                              content-autofill.googleapis.com IN A 142.250.200.10
                                              content-autofill.googleapis.com IN A 142.250.178.10
                                              content-autofill.googleapis.com IN A 172.217.169.10
                                              content-autofill.googleapis.com IN A 216.58.212.202
                                              content-autofill.googleapis.com IN A 216.58.212.234
                                              content-autofill.googleapis.com IN A 172.217.169.42
                                              content-autofill.googleapis.com IN A 142.250.179.234
                                              content-autofill.googleapis.com IN A 142.250.180.10
                                              content-autofill.googleapis.com IN A 142.250.187.202
                                              content-autofill.googleapis.com IN A 142.250.187.234
                                              content-autofill.googleapis.com IN A 142.250.200.42
                                            • flag-gb
                                              GET
                                              https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTA2LjAuNTI0OS4xMTkSEAlL1An4iaKj4hIFDUqFnlI=?alt=proto
                                              chrome.exe
                                              Remote address:
                                              172.217.16.234:443
                                              Request
                                              GET /v1/pages/ChVDaHJvbWUvMTA2LjAuNTI0OS4xMTkSEAlL1An4iaKj4hIFDUqFnlI=?alt=proto HTTP/2.0
                                              host: content-autofill.googleapis.com
                                              x-goog-encode-response-if-executable: base64
                                              x-goog-api-key: AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
                                              x-client-data: COXaygE=
                                              sec-fetch-site: none
                                              sec-fetch-mode: no-cors
                                              sec-fetch-dest: empty
                                              user-agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                              accept-encoding: gzip, deflate, br
                                              accept-language: en-US,en;q=0.9
                                            • flag-us
                                              DNS
                                              encrypted-tbn0.gstatic.com
                                              chrome.exe
                                              Remote address:
                                              8.8.8.8:53
                                              Request
                                              encrypted-tbn0.gstatic.com IN A
                                              Response
                                              encrypted-tbn0.gstatic.com IN A 142.250.187.238
                                            • flag-gb
                                              GET
                                              https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQJVEvttVVT89JrxsqDQzaa_uBpp2bzruP8xKSzsQHLJw&s
                                              chrome.exe
                                              Remote address:
                                              142.250.187.238:443
                                              Request
                                              GET /images?q=tbn:ANd9GcQJVEvttVVT89JrxsqDQzaa_uBpp2bzruP8xKSzsQHLJw&s HTTP/2.0
                                              host: encrypted-tbn0.gstatic.com
                                              sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                              sec-ch-ua-mobile: ?0
                                              user-agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                              sec-ch-ua-platform: "Windows"
                                              accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                              x-client-data: COXaygE=
                                              sec-fetch-site: cross-site
                                              sec-fetch-mode: no-cors
                                              sec-fetch-dest: image
                                              referer: https://www.google.com/
                                              accept-encoding: gzip, deflate, br
                                              accept-language: en-US,en;q=0.9
                                            • flag-gb
                                              GET
                                              https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcRc4Y2jGA2vMyWSagTtBvirBbEgiIMayNRXO9vajUj6sw&s
                                              chrome.exe
                                              Remote address:
                                              142.250.187.238:443
                                              Request
                                              GET /images?q=tbn:ANd9GcRc4Y2jGA2vMyWSagTtBvirBbEgiIMayNRXO9vajUj6sw&s HTTP/2.0
                                              host: encrypted-tbn0.gstatic.com
                                              sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                              sec-ch-ua-mobile: ?0
                                              user-agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                              sec-ch-ua-platform: "Windows"
                                              accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                              x-client-data: COXaygE=
                                              sec-fetch-site: cross-site
                                              sec-fetch-mode: no-cors
                                              sec-fetch-dest: image
                                              referer: https://www.google.com/
                                              accept-encoding: gzip, deflate, br
                                              accept-language: en-US,en;q=0.9
                                            • flag-gb
                                              GET
                                              https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcRcAHZvpWsGEd6yxHdnOphO9O10SYabQ8Q2x-_bMsW1bg&s
                                              chrome.exe
                                              Remote address:
                                              142.250.187.238:443
                                              Request
                                              GET /images?q=tbn:ANd9GcRcAHZvpWsGEd6yxHdnOphO9O10SYabQ8Q2x-_bMsW1bg&s HTTP/2.0
                                              host: encrypted-tbn0.gstatic.com
                                              sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                              sec-ch-ua-mobile: ?0
                                              user-agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                              sec-ch-ua-platform: "Windows"
                                              accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                              x-client-data: COXaygE=
                                              sec-fetch-site: cross-site
                                              sec-fetch-mode: no-cors
                                              sec-fetch-dest: image
                                              referer: https://www.google.com/
                                              accept-encoding: gzip, deflate, br
                                              accept-language: en-US,en;q=0.9
                                            • flag-gb
                                              GET
                                              https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcS7Tr5BABnPUeGN7erNQAvPwKOh15PCK6GxSs52X7g1gA&s
                                              chrome.exe
                                              Remote address:
                                              142.250.187.238:443
                                              Request
                                              GET /images?q=tbn:ANd9GcS7Tr5BABnPUeGN7erNQAvPwKOh15PCK6GxSs52X7g1gA&s HTTP/2.0
                                              host: encrypted-tbn0.gstatic.com
                                              sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                              sec-ch-ua-mobile: ?0
                                              user-agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                              sec-ch-ua-platform: "Windows"
                                              accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                              x-client-data: COXaygE=
                                              sec-fetch-site: cross-site
                                              sec-fetch-mode: no-cors
                                              sec-fetch-dest: image
                                              referer: https://www.google.com/
                                              accept-encoding: gzip, deflate, br
                                              accept-language: en-US,en;q=0.9
                                            • flag-gb
                                              GET
                                              https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcThRhp_HIJG6HLkkHLrIHcD9W1aswyjRe9W35D4fpjQ4A&s
                                              chrome.exe
                                              Remote address:
                                              142.250.187.238:443
                                              Request
                                              GET /images?q=tbn:ANd9GcThRhp_HIJG6HLkkHLrIHcD9W1aswyjRe9W35D4fpjQ4A&s HTTP/2.0
                                              host: encrypted-tbn0.gstatic.com
                                              sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                              sec-ch-ua-mobile: ?0
                                              user-agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                              sec-ch-ua-platform: "Windows"
                                              accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                              x-client-data: COXaygE=
                                              sec-fetch-site: cross-site
                                              sec-fetch-mode: no-cors
                                              sec-fetch-dest: image
                                              referer: https://www.google.com/
                                              accept-encoding: gzip, deflate, br
                                              accept-language: en-US,en;q=0.9
                                            • flag-us
                                              DNS
                                              play.google.com
                                              chrome.exe
                                              Remote address:
                                              8.8.8.8:53
                                              Request
                                              play.google.com IN A
                                              Response
                                              play.google.com IN A 142.250.187.238
                                            • flag-gb
                                              OPTIONS
                                              https://play.google.com/log?format=json&hasfast=true&authuser=0
                                              chrome.exe
                                              Remote address:
                                              142.250.187.238:443
                                              Request
                                              OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/2.0
                                              host: play.google.com
                                              accept: */*
                                              access-control-request-method: POST
                                              access-control-request-headers: x-goog-authuser
                                              origin: https://www.google.com
                                              user-agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                              sec-fetch-mode: cors
                                              sec-fetch-site: same-site
                                              sec-fetch-dest: empty
                                              referer: https://www.google.com/
                                              accept-encoding: gzip, deflate, br
                                              accept-language: en-US,en;q=0.9
                                            • flag-us
                                              DNS
                                              challenges.cloudflare.com
                                              chrome.exe
                                              Remote address:
                                              8.8.8.8:53
                                              Request
                                              challenges.cloudflare.com IN A
                                              Response
                                              challenges.cloudflare.com IN A 104.18.6.185
                                              challenges.cloudflare.com IN A 104.18.7.185
                                            • flag-us
                                              GET
                                              https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
                                              chrome.exe
                                              Remote address:
                                              104.18.6.185:443
                                              Request
                                              GET /turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP/2.0
                                              host: challenges.cloudflare.com
                                              sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                              origin: https://www.autohotkey.com
                                              sec-ch-ua-mobile: ?0
                                              user-agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                              sec-ch-ua-platform: "Windows"
                                              accept: */*
                                              sec-fetch-site: cross-site
                                              sec-fetch-mode: cors
                                              sec-fetch-dest: script
                                              accept-encoding: gzip, deflate, br
                                              accept-language: en-US,en;q=0.9
                                              Response
                                              HTTP/2.0 302
                                              date: Sun, 26 Mar 2023 15:21:45 GMT
                                              vary: accept-encoding
                                              access-control-allow-origin: *
                                              cache-control: max-age=300, public
                                              location: /turnstile/v0/b/c09a1a74/api.js?onload=_cf_chl_turnstile_l&render=explicit
                                              server: cloudflare
                                              cf-ray: 7ae06299fe40b8c1-AMS
                                              alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
                                            • flag-us
                                              DNS
                                              beacons.gcp.gvt2.com
                                              Remote address:
                                              8.8.8.8:53
                                              Request
                                              beacons.gcp.gvt2.com IN A
                                              Response
                                              beacons.gcp.gvt2.com IN CNAME beacons-handoff.gcp.gvt2.com
                                              beacons-handoff.gcp.gvt2.com IN A 216.58.208.99
                                            • flag-us
                                              DNS
                                              a.nel.cloudflare.com
                                              Remote address:
                                              8.8.8.8:53
                                              Request
                                              a.nel.cloudflare.com IN A
                                              Response
                                              a.nel.cloudflare.com IN A 35.190.80.1
                                            • 142.250.200.14:443
                                              https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.fpEXMBCWMKc.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9SQGHwxhl93I-W5KEIEdf87vGuqQ/cb=gapi.loaded_0
                                              tls, http2
                                              chrome.exe
                                              2.5kB
                                              46.9kB
                                              29
                                              42
                                              HTTP Request: GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.fpEXMBCWMKc.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9SQGHwxhl93I-W5KEIEdf87vGuqQ/cb=gapi.loaded_0
                                            • 104.21.91.132:443
                                              www.autohotkey.com
                                              tls
                                              chrome.exe
                                              949 B
                                              4.9kB
                                              8
                                              7
                                            • 104.21.91.132:443
                                              https://www.autohotkey.com/cdn-cgi/styles/challenges.css
                                              tls, http2
                                              chrome.exe
                                              2.2kB
                                              14.6kB
                                              19
                                              26
                                              HTTP Request: GET https://www.autohotkey.com/
                                              HTTP Response: 403
                                              HTTP Request: GET https://www.autohotkey.com/cdn-cgi/styles/challenges.css
                                              HTTP Response: 200
                                            • 88.221.25.169:80
                                              http://apps.identrust.com/roots/dstrootcax3.p7c
                                              http
                                              chrome.exe
                                              375 B
                                              1.7kB
                                              5
                                              5
                                              HTTP Request: GET http://apps.identrust.com/roots/dstrootcax3.p7c
                                              HTTP Response: 200
                                            • 142.250.200.22:443
                                              https://i.ytimg.com/vi/SqFe3q8Zssw/mqdefault.jpg?sqp=-oaymwEFCJQBEFM&rs=AMzJL3nEs0emIWcnePNR__MAc-V6YOxBBQ
                                              tls, http2
                                              chrome.exe
                                              1.9kB
                                              11.8kB
                                              16
                                              18
                                              HTTP Request: GET https://i.ytimg.com/vi/SqFe3q8Zssw/mqdefault.jpg?sqp=-oaymwEFCJQBEFM&rs=AMzJL3nEs0emIWcnePNR__MAc-V6YOxBBQ
                                            • 172.217.16.234:443
                                              https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTA2LjAuNTI0OS4xMTkSEAlL1An4iaKj4hIFDUqFnlI=?alt=proto
                                              tls, http2
                                              chrome.exe
                                              1.8kB
                                              7.0kB
                                              14
                                              16
                                              HTTP Request: GET https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTA2LjAuNTI0OS4xMTkSEAlL1An4iaKj4hIFDUqFnlI=?alt=proto
                                            • 142.250.187.238:443
                                              encrypted-tbn0.gstatic.com
                                              tls, http2
                                              chrome.exe
                                              999 B
                                              5.8kB
                                              9
                                              8
                                            • 142.250.187.238:443
                                              https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcThRhp_HIJG6HLkkHLrIHcD9W1aswyjRe9W35D4fpjQ4A&s
                                              tls, http2
                                              chrome.exe
                                              2.7kB
                                              18.2kB
                                              23
                                              27
                                              HTTP Request: GET https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQJVEvttVVT89JrxsqDQzaa_uBpp2bzruP8xKSzsQHLJw&s
                                              HTTP Request: GET https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcRc4Y2jGA2vMyWSagTtBvirBbEgiIMayNRXO9vajUj6sw&s
                                              HTTP Request: GET https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcRcAHZvpWsGEd6yxHdnOphO9O10SYabQ8Q2x-_bMsW1bg&s
                                              HTTP Request: GET https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcS7Tr5BABnPUeGN7erNQAvPwKOh15PCK6GxSs52X7g1gA&s
                                              HTTP Request: GET https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcThRhp_HIJG6HLkkHLrIHcD9W1aswyjRe9W35D4fpjQ4A&s
                                            • 142.250.187.238:443
                                              encrypted-tbn0.gstatic.com
                                              tls, http2
                                              chrome.exe
                                              999 B
                                              5.8kB
                                              9
                                              8
                                            • 142.250.187.238:443
                                              encrypted-tbn0.gstatic.com
                                              tls, http2
                                              chrome.exe
                                              999 B
                                              5.8kB
                                              9
                                              8
                                            • 142.250.187.238:443
                                              encrypted-tbn0.gstatic.com
                                              tls, http2
                                              chrome.exe
                                              999 B
                                              5.8kB
                                              9
                                              8
                                            • 142.250.187.238:443
                                              https://play.google.com/log?format=json&hasfast=true&authuser=0
                                              tls, http2
                                              chrome.exe
                                              1.7kB
                                              8.4kB
                                              13
                                              14
                                              HTTP Request: OPTIONS https://play.google.com/log?format=json&hasfast=true&authuser=0
                                            • 104.18.6.185:443
                                              https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
                                              tls, http2
                                              chrome.exe
                                              1.7kB
                                              3.6kB
                                              12
                                              11
                                              HTTP Request: GET https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
                                              HTTP Response: 302
                                            • 216.58.208.99:443
                                              beacons.gcp.gvt2.com
                                              tls
                                              2.5kB
                                              7.1kB
                                              15
                                              16
                                            • 35.190.80.1:443
                                              a.nel.cloudflare.com
                                              tls
                                              1.7kB
                                              6.0kB
                                              13
                                              14
                                            • 8.8.8.8:53
                                              apis.google.com
                                              dns
                                              chrome.exe
                                              61 B
                                              98 B
                                              1
                                              1
                                              DNS Request: apis.google.com
                                              DNS Response: 142.250.200.14
                                            • 8.8.8.8:53
                                              www.autohotkey.com
                                              dns
                                              chrome.exe
                                              64 B
                                              96 B
                                              1
                                              1
                                              DNS Request: www.autohotkey.com
                                              DNS Response:
                                              104.21.91.132
                                              172.67.219.207
                                            • 8.8.8.8:53
                                              apps.identrust.com
                                              dns
                                              chrome.exe
                                              64 B
                                              165 B
                                              1
                                              1

                                              DNS Request

                                              apps.identrust.com

                                              DNS Response

                                              88.221.25.169
                                              88.221.25.153

                                            • 8.8.8.8:53
                                              i.ytimg.com
                                              dns
                                              chrome.exe
                                              57 B
                                              249 B
                                              1
                                              1

                                              DNS Request

                                              i.ytimg.com

                                              DNS Response

                                              142.250.200.22
                                              142.250.178.22
                                              172.217.169.22
                                              216.58.212.214
                                              216.58.212.246
                                              172.217.169.54
                                              142.250.179.246
                                              142.250.180.22
                                              142.250.187.214
                                              142.250.187.246
                                              142.250.200.54
                                              172.217.16.246

                                            • 142.250.200.14:443
                                              apis.google.com
                                              https
                                              chrome.exe
                                              4.7kB
                                              48.0kB
                                              25
                                              41
                                            • 8.8.8.8:53
                                              content-autofill.googleapis.com
                                              dns
                                              chrome.exe
                                              77 B
                                              269 B
                                              1
                                              1

                                              DNS Request

                                              content-autofill.googleapis.com

                                              DNS Response

                                              172.217.16.234
                                              142.250.200.10
                                              142.250.178.10
                                              172.217.169.10
                                              216.58.212.202
                                              216.58.212.234
                                              172.217.169.42
                                              142.250.179.234
                                              142.250.180.10
                                              142.250.187.202
                                              142.250.187.234
                                              142.250.200.42

                                            • 8.8.8.8:53
                                              encrypted-tbn0.gstatic.com
                                              dns
                                              chrome.exe
                                              72 B
                                              88 B
                                              1
                                              1

                                              DNS Request

                                              encrypted-tbn0.gstatic.com

                                              DNS Response

                                              142.250.187.238

                                            • 8.8.8.8:53
                                              play.google.com
                                              dns
                                              chrome.exe
                                              61 B
                                              77 B
                                              1
                                              1

                                              DNS Request

                                              play.google.com

                                              DNS Response

                                              142.250.187.238

                                            • 142.250.187.238:443
                                              play.google.com
                                              https
                                              chrome.exe
                                              11.1kB
                                              914.0kB
                                              127
                                              739
                                            • 104.21.91.132:443
                                              www.autohotkey.com
                                              https
                                              chrome.exe
                                              86.8kB
                                              277.7kB
                                              150
                                              285
                                            • 8.8.8.8:53
                                              challenges.cloudflare.com
                                              dns
                                              chrome.exe
                                              71 B
                                              103 B
                                              1
                                              1

                                              DNS Request

                                              challenges.cloudflare.com

                                              DNS Response

                                              104.18.6.185
                                              104.18.7.185

                                            • 104.18.6.185:443
                                              challenges.cloudflare.com
                                              https
                                              chrome.exe
                                              4.2kB
                                              9.7kB
                                              13
                                              16
                                            • 104.18.6.185:443
                                              challenges.cloudflare.com
                                              https
                                              88.5kB
                                              275.8kB
                                              145
                                              270
                                            • 224.0.0.251:5353
                                              204 B
                                              3
                                            • 8.8.8.8:53
                                              beacons.gcp.gvt2.com
                                              dns
                                              66 B
                                              112 B
                                              1
                                              1

                                              DNS Request

                                              beacons.gcp.gvt2.com

                                              DNS Response

                                              216.58.208.99

                                            • 8.8.8.8:53
                                              a.nel.cloudflare.com
                                              dns
                                              66 B
                                              82 B
                                              1
                                              1

                                              DNS Request

                                              a.nel.cloudflare.com

                                              DNS Response

                                              35.190.80.1

                                            • 35.190.80.1:443
                                              a.nel.cloudflare.com
                                              https
                                              5.6kB
                                              5.8kB
                                              11
                                              12
                                            • 216.58.208.99:443
                                              beacons.gcp.gvt2.com
                                              https
                                              3.9kB
                                              7.4kB
                                              10
                                              12
                                            • 216.58.208.99:443
                                              beacons.gcp.gvt2.com
                                              https
                                              3.6kB
                                              3.6kB
                                              10
                                              10
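A practitioner reading a flow list like the one above usually wants two things from it: which destinations the process reached without a DNS answer for that address appearing in the capture (a hardcoded or out-of-band address is worth a second look), and how much traffic went to each name. The script below is an added example for this report, not tria.ge code. It parses the flattened per-line form in which the network tab is exported (destination, optional domain, protocol, process, sent, received, sent packets, received packets, then optional "DNS Request" / "DNS Response" blocks), a layout read off this page. The embedded SAMPLE is a constructed excerpt of that export, plus one made-up flow to a TEST-NET-3 address (203.0.113.10) so the unresolved-destination check has something to report. On this run itself every TLS destination (142.250.200.14, 142.250.187.238, 104.21.91.132, 104.18.6.185, 35.190.80.1, 216.58.208.99) is covered by a DNS answer, and 224.0.0.251:5353 is link-local mDNS multicast, which the check skips on purpose.

```python
"""Parse a tria.ge network tab pasted as flattened text and run two triage
checks: destinations contacted without a prior DNS answer, and bytes per domain.

Added example, not tria.ge's own code. The record layout is an assumption
taken from the flattened export of this report; SAMPLE is a constructed
excerpt plus one made-up flow (203.0.113.10, TEST-NET-3)."""
import ipaddress
import re
from collections import defaultdict

SIZE_RE = re.compile(r"^(\d+(?:\.\d+)?)\s*(B|kB|MB|GB)$")
UNITS = {"B": 1, "kB": 1_000, "MB": 1_000_000, "GB": 1_000_000_000}
PROTOCOLS = {"dns", "http", "https", "tls", "tcp", "udp"}

# Constructed excerpt of the export; the last record is made up.
SAMPLE = """
• 8.8.8.8:53
  apis.google.com
  dns
  chrome.exe
  61 B
  98 B
  1
  1

  DNS Request

  apis.google.com

  DNS Response

  142.250.200.14

• 142.250.200.14:443
  apis.google.com
  https
  chrome.exe
  4.7kB
  48.0kB
  25
  41
• 224.0.0.251:5353
  204 B
  3
• 203.0.113.10:443
  https
  1.2kB
  3.4kB
  5
  6
"""


def parse_size(token):
    """'4.7kB' -> 4700, '61 B' -> 61; None if the token is not a size."""
    m = SIZE_RE.match(token)
    return int(round(float(m.group(1)) * UNITS[m.group(2)])) if m else None


def parse_flows(text):
    """Split the export on the bullet and classify each non-empty line by shape."""
    flows = []
    for chunk in text.split("•")[1:]:
        lines = [ln.strip() for ln in chunk.splitlines() if ln.strip()]
        ip, port = lines[0].rsplit(":", 1)
        flow = {"ip": ip, "port": int(port), "domain": None, "proto": None,
                "process": None, "sizes": [], "counts": [], "dns_answers": []}
        mode = "fields"
        for tok in lines[1:]:
            if tok == "DNS Request":
                mode = "query"
            elif tok == "DNS Response":
                mode = "answer"
            elif mode == "answer":
                flow["dns_answers"].append(tok)
            elif mode == "query":
                flow["domain"] = flow["domain"] or tok
            elif parse_size(tok) is not None:
                flow["sizes"].append(parse_size(tok))      # sent, then received
            elif tok.isdigit():
                flow["counts"].append(int(tok))            # packet counts
            elif tok in PROTOCOLS:
                flow["proto"] = tok
            elif tok.lower().endswith(".exe"):
                flow["process"] = tok
            else:
                flow["domain"] = tok
        flows.append(flow)
    return flows


def dns_answer_map(flows):
    """ip -> set of names the sandbox saw resolve to that address."""
    answers = defaultdict(set)
    for f in flows:
        for ip in f["dns_answers"]:
            answers[ip].add(f["domain"])
    return answers


def unresolved_destinations(flows):
    """Non-DNS, non-multicast destinations never returned by a captured DNS answer.
    A hit means the process got the address some other way (hardcoded, delivered
    over an earlier channel, or resolved outside the captured resolver)."""
    answers = dns_answer_map(flows)
    return [f"{f['ip']}:{f['port']}" for f in flows
            if f["port"] != 53
            and not ipaddress.ip_address(f["ip"]).is_multicast
            and f["ip"] not in answers]


def bytes_by_domain(flows):
    """Sent+received bytes per name for non-DNS flows; unnamed flows keyed by ip."""
    totals = defaultdict(int)
    for f in flows:
        if f["port"] != 53:
            totals[f["domain"] or f["ip"]] += sum(f["sizes"])
    return dict(totals)


if __name__ == "__main__":
    flows = parse_flows(SAMPLE)
    print("unresolved destinations:", unresolved_destinations(flows))
    for name, total in sorted(bytes_by_domain(flows).items()):
        print(f"{name:24s} {total:>8d} B")
```

Paste the whole network tab into SAMPLE (or read it from a file) to run the same checks over a full report; flows whose process column is empty, like the second challenges.cloudflare.com connection above, parse fine because every column is recognised by its shape rather than its position.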

                                            MITRE ATT&CK Enterprise v6

Downloads

• C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
  Filesize 61KB
  MD5 e71c8443ae0bc2e282c73faead0a6dd3
  SHA1 0c110c1b01e68edfacaeae64781a37b1995fa94b
  SHA256 95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72
  SHA512 b38458c7fa2825afb72794f374827403d5946b1132e136a0ce075dfd351277cf7d957c88dc8a1e4adc3bcae1fa8010dae3831e268e910d517691de24326391a6

• C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
  Filesize 342B
  MD5 774fad1a9eb0066535aa0face4806d3e
  SHA1 ca208aebff9e7ef05c2451d567c072bcdedc7c10
  SHA256 d4a6a20742e33bcaa573b0e85ea118e9242c58632ba44dc5c832feed50ab4e91
  SHA512 98a059e7d8ec57dafd06012f5a20d917b66aee7ed53827d49f80c3629c01034742c2eb5b18e5d7e433d45e975065fdee79d0799e2bcd98214b9e333b5b4050ce

• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
  Filesize 40B
  MD5 d33b61c2fc1dd881d02d27617d77b65e
  SHA1 5a3f6949857e1787a99c912577346ff6000fedd2
  SHA256 983865fa820512337344a27d32709dbd2cbea157fe5b9ed8a7f29c8875013f59
  SHA512 8ecfa11596f65b25ac4838aaa6aacb5468488fd1345c269b19c37c265d29adcb4b42da5555c0c1518a6b720868ecd4d2acd26872d601ab92693a433fae15592c

• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\46077536-b011-4e18-974b-47ed11c22577.tmp
  Filesize 4KB
  MD5 0d4138e6739c10053e8b0ad3806e2adb
  SHA1 50174b0bc487598f52e6ea1107ba598e97e914d3
  SHA256 8b1ee636eafdb14496142f531cb49d04a6376b842abc6a0aae2d3329c8256ee9
  SHA512 9e6396ab60b209c1576c2294a129a5640ede134dc461106905b3aa8c75ae4704e42c81a026370a7dc776ca160e1086023343c5bf809992665ca39fa04eac95ae

• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1
  Filesize 264KB
  MD5 f50f89a0a91564d0b8a211f8921aa7de
  SHA1 112403a17dd69d5b9018b8cede023cb3b54eab7d
  SHA256 b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec
  SHA512 bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
  Filesize 363B
  MD5 47815c178861f84bd517808c0e924c6c
  SHA1 46fadbcd70f530369554594747854671969ab605
  SHA256 46dc8aea599a28c26e654f84b53c127a95eccfa6ff6fe2b2cbb2f8c2d168834f
  SHA512 59cb776380c369884397f09f3072ccf191ba4d28cb82163d87b82217cca67df45dead5a1ccc0fa3dbc89806a1514da382dff2d20b2413d589c6f67926da5ea16

• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
  Filesize 4KB
  MD5 d9567a725ff83bbce043083b41518b32
  SHA1 5b7388012358e90b13fab951e2118b23a1420409
  SHA256 3f23be67751a2d889d9ecb58fed7cac727e8c70e76a90d49d4f6c92e15f9752a
  SHA512 64930524fadf2661593dcc91a7eb92b2cb506d50ee28cfc720dabd16d2e81a80009007f7f7ffaf817e9dc820a616c64e84d91cdcbf2feb14e7aac57ea57ca790

• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
  Filesize 4KB
  MD5 e9404a0dcbfbf6effc29185ba7f9c433
  SHA1 8e193cf50c7ad2f8a8b5e40f4c06a6ba80998f60
  SHA256 fb3b3db1d29cb8d9caa9f8b0e9d3081cc256206f29a57f786b490d77a09e2039
  SHA512 20282c5c15010fab583547f42326df1514bbeefc1a96eb2f64d974ae4b9bf5680fed78d0d15417ab4f37cf3729696372760405f51db1d9c74747a3cd67e95690

• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000004.dbtmp
  Filesize 16B
  MD5 6752a1d65b201c13b62ea44016eb221f
  SHA1 58ecf154d01a62233ed7fb494ace3c3d4ffce08b
  SHA256 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
  SHA512 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

• C:\Users\Admin\AppData\Local\Temp\Cab78AC.tmp
  Filesize 61KB
  MD5 fc4666cbca561e864e7fdf883a9e6661
  SHA1 2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5
  SHA256 10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b
  SHA512 c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

• C:\Users\Admin\AppData\Local\Temp\Tar78ED.tmp
  Filesize 161KB
  MD5 73b4b714b42fc9a6aaefd0ae59adb009
  SHA1 efdaffd5b0ad21913d22001d91bf6c19ecb4ac41
  SHA256 c0cf8cc04c34b5b80a2d86ad0eafb2dd71436f070c86b0321fba0201879625fd
  SHA512 73af3c51b15f89237552b1718bef21fd80788fa416bab2cb2e7fb3a60d56249a716eda0d2dd68ab643752272640e7eaaaf57ce64bcb38373ddc3d035fb8d57cd

• C:\Users\Admin\AppData\Local\Temp\Tar7F0B.tmp
  Filesize 161KB
  MD5 be2bec6e8c5653136d3e72fe53c98aa3
  SHA1 a8182d6db17c14671c3d5766c72e58d87c0810de
  SHA256 1919aab2a820642490169bdc4e88bd1189e22f83e7498bf8ebdfb62ec7d843fd
  SHA512 0d1424ccdf0d53faf3f4e13d534e12f22388648aa4c23edbc503801e3c96b7f73c7999b760b5bef4b5e9dd923dffe21a21889b1ce836dd428420bf0f4f5327ff
