ce5710fe1983efbb18fb7e902d7a62103debe6b331c4aa8c91e82d894580d7eb

Analysis

max time kernel
164s
max time network
443s
platform
windows7_x64
resource
win7-20230220-en
resource tags

arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
submitted
22/04/2023, 12:34

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

djifcc.exe
Size

1.9MB
MD5

45ecfc1819773b3fb94e364fb3d0a044
SHA1

5fb4c7406c409cccfc62df7b87bacbb50be47965
SHA256

ce5710fe1983efbb18fb7e902d7a62103debe6b331c4aa8c91e82d894580d7eb
SHA512

ff425dae4070123a4b837b087d3daf16d5a5430692218ffd65169427e048e8d3fb4edc93cf0aed7f4794916e34001e82c8a6f79ce1d09096aaeeb04e8a0c7799
SSDEEP

49152:8C2yxLt4Ls/3gX00I389ezh5geXqf8Ow2L+kmmtJ2K9QP:8C2Ct8wvp5g3Bw2Cfao

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 7 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral1/memory/928-54-0x000000013F5B0000-0x000000013F9F8000-memory.dmp	upx
behavioral1/memory/1064-55-0x000000013FD60000-0x00000001401A8000-memory.dmp	upx
behavioral1/memory/2576-225-0x000000013F240000-0x000000013F688000-memory.dmp	upx
behavioral1/memory/2576-227-0x000000013F240000-0x000000013F688000-memory.dmp	upx
behavioral1/memory/2600-238-0x000000013FC70000-0x00000001400B8000-memory.dmp	upx
behavioral1/memory/2600-246-0x000000013FC70000-0x00000001400B8000-memory.dmp	upx
behavioral1/memory/2796-248-0x000000013F100000-0x000000013F548000-memory.dmp	upx

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Opens file in notepad (likely ransom note) 1 IoCs

ransomware

pid	Process
2704	NOTEPAD.EXE

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
1004	chrome.exe
1004	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: 33	1952	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	1952	AUDIODG.EXE
Token: 33	1952	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	1952	AUDIODG.EXE
Token: SeShutdownPrivilege	1004	chrome.exe
Token: SeShutdownPrivilege	1004	chrome.exe
Token: SeShutdownPrivilege	1004	chrome.exe
Token: SeShutdownPrivilege	1004	chrome.exe
Token: SeShutdownPrivilege	1004	chrome.exe
Token: SeShutdownPrivilege	1004	chrome.exe
Token: SeShutdownPrivilege	1004	chrome.exe
Token: SeShutdownPrivilege	1004	chrome.exe
Token: SeShutdownPrivilege	1004	chrome.exe
Token: SeShutdownPrivilege	1004	chrome.exe
Token: SeShutdownPrivilege	1004	chrome.exe
Token: SeShutdownPrivilege	1004	chrome.exe
Token: SeShutdownPrivilege	1004	chrome.exe
Token: SeShutdownPrivilege	1004	chrome.exe
Token: SeShutdownPrivilege	1004	chrome.exe
Token: SeShutdownPrivilege	1004	chrome.exe
Token: SeShutdownPrivilege	1004	chrome.exe
Token: SeShutdownPrivilege	1004	chrome.exe
Token: SeShutdownPrivilege	1004	chrome.exe
Token: SeShutdownPrivilege	1004	chrome.exe
Token: SeShutdownPrivilege	1004	chrome.exe
Token: SeShutdownPrivilege	1004	chrome.exe
Token: SeShutdownPrivilege	1004	chrome.exe
Token: SeShutdownPrivilege	1004	chrome.exe
Token: SeShutdownPrivilege	1004	chrome.exe
Token: SeShutdownPrivilege	1004	chrome.exe
Token: SeShutdownPrivilege	1004	chrome.exe
Token: SeShutdownPrivilege	1004	chrome.exe
Token: SeShutdownPrivilege	1004	chrome.exe
Token: SeShutdownPrivilege	1004	chrome.exe
Token: SeShutdownPrivilege	1004	chrome.exe
Token: SeShutdownPrivilege	1004	chrome.exe
Token: SeShutdownPrivilege	1004	chrome.exe
Token: SeShutdownPrivilege	1004	chrome.exe
Token: SeShutdownPrivilege	1004	chrome.exe
Token: SeShutdownPrivilege	1004	chrome.exe
Token: SeShutdownPrivilege	1004	chrome.exe
Token: SeShutdownPrivilege	1004	chrome.exe
Token: SeShutdownPrivilege	1004	chrome.exe
Token: SeShutdownPrivilege	1004	chrome.exe
Token: SeShutdownPrivilege	1004	chrome.exe
Token: SeShutdownPrivilege	1004	chrome.exe
Token: SeShutdownPrivilege	1004	chrome.exe
Token: SeShutdownPrivilege	1004	chrome.exe
Token: SeShutdownPrivilege	1004	chrome.exe
Token: SeShutdownPrivilege	1004	chrome.exe
Token: SeShutdownPrivilege	1004	chrome.exe
Token: SeShutdownPrivilege	1004	chrome.exe
Token: SeShutdownPrivilege	1004	chrome.exe
Token: SeShutdownPrivilege	1004	chrome.exe
Token: SeShutdownPrivilege	1004	chrome.exe
Token: SeShutdownPrivilege	1004	chrome.exe
Token: SeShutdownPrivilege	1004	chrome.exe
Token: SeShutdownPrivilege	1004	chrome.exe
Token: SeShutdownPrivilege	1004	chrome.exe
Token: SeShutdownPrivilege	1004	chrome.exe
Token: SeShutdownPrivilege	1004	chrome.exe
Token: SeShutdownPrivilege	1004	chrome.exe
Token: SeShutdownPrivilege	1004	chrome.exe
Token: SeShutdownPrivilege	1004	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe

Suspicious use of SendNotifyMessage 64 IoCs

pid	Process
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe
1004	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1004 wrote to memory of 1728	1004	chrome.exe	36
PID 1004 wrote to memory of 1728	1004	chrome.exe	36
PID 1004 wrote to memory of 1728	1004	chrome.exe	36
PID 1004 wrote to memory of 680	1004	chrome.exe	38
PID 1004 wrote to memory of 680	1004	chrome.exe	38
PID 1004 wrote to memory of 680	1004	chrome.exe	38
PID 1004 wrote to memory of 680	1004	chrome.exe	38
PID 1004 wrote to memory of 680	1004	chrome.exe	38
PID 1004 wrote to memory of 680	1004	chrome.exe	38
PID 1004 wrote to memory of 680	1004	chrome.exe	38
PID 1004 wrote to memory of 680	1004	chrome.exe	38
PID 1004 wrote to memory of 680	1004	chrome.exe	38
PID 1004 wrote to memory of 680	1004	chrome.exe	38
PID 1004 wrote to memory of 680	1004	chrome.exe	38
PID 1004 wrote to memory of 680	1004	chrome.exe	38
PID 1004 wrote to memory of 680	1004	chrome.exe	38
PID 1004 wrote to memory of 680	1004	chrome.exe	38
PID 1004 wrote to memory of 680	1004	chrome.exe	38
PID 1004 wrote to memory of 680	1004	chrome.exe	38
PID 1004 wrote to memory of 680	1004	chrome.exe	38
PID 1004 wrote to memory of 680	1004	chrome.exe	38
PID 1004 wrote to memory of 680	1004	chrome.exe	38
PID 1004 wrote to memory of 680	1004	chrome.exe	38
PID 1004 wrote to memory of 680	1004	chrome.exe	38
PID 1004 wrote to memory of 680	1004	chrome.exe	38
PID 1004 wrote to memory of 680	1004	chrome.exe	38
PID 1004 wrote to memory of 680	1004	chrome.exe	38
PID 1004 wrote to memory of 680	1004	chrome.exe	38
PID 1004 wrote to memory of 680	1004	chrome.exe	38
PID 1004 wrote to memory of 680	1004	chrome.exe	38
PID 1004 wrote to memory of 680	1004	chrome.exe	38
PID 1004 wrote to memory of 680	1004	chrome.exe	38
PID 1004 wrote to memory of 680	1004	chrome.exe	38
PID 1004 wrote to memory of 680	1004	chrome.exe	38
PID 1004 wrote to memory of 680	1004	chrome.exe	38
PID 1004 wrote to memory of 680	1004	chrome.exe	38
PID 1004 wrote to memory of 680	1004	chrome.exe	38
PID 1004 wrote to memory of 680	1004	chrome.exe	38
PID 1004 wrote to memory of 680	1004	chrome.exe	38
PID 1004 wrote to memory of 680	1004	chrome.exe	38
PID 1004 wrote to memory of 680	1004	chrome.exe	38
PID 1004 wrote to memory of 680	1004	chrome.exe	38
PID 1004 wrote to memory of 1544	1004	chrome.exe	39
PID 1004 wrote to memory of 1544	1004	chrome.exe	39
PID 1004 wrote to memory of 1544	1004	chrome.exe	39
PID 1004 wrote to memory of 1584	1004	chrome.exe	40
PID 1004 wrote to memory of 1584	1004	chrome.exe	40
PID 1004 wrote to memory of 1584	1004	chrome.exe	40
PID 1004 wrote to memory of 1584	1004	chrome.exe	40
PID 1004 wrote to memory of 1584	1004	chrome.exe	40
PID 1004 wrote to memory of 1584	1004	chrome.exe	40
PID 1004 wrote to memory of 1584	1004	chrome.exe	40
PID 1004 wrote to memory of 1584	1004	chrome.exe	40
PID 1004 wrote to memory of 1584	1004	chrome.exe	40
PID 1004 wrote to memory of 1584	1004	chrome.exe	40
PID 1004 wrote to memory of 1584	1004	chrome.exe	40
PID 1004 wrote to memory of 1584	1004	chrome.exe	40
PID 1004 wrote to memory of 1584	1004	chrome.exe	40
PID 1004 wrote to memory of 1584	1004	chrome.exe	40
PID 1004 wrote to memory of 1584	1004	chrome.exe	40
PID 1004 wrote to memory of 1584	1004	chrome.exe	40
PID 1004 wrote to memory of 1584	1004	chrome.exe	40
PID 1004 wrote to memory of 1584	1004	chrome.exe	40
PID 1004 wrote to memory of 1584	1004	chrome.exe	40

Uses Task Scheduler COM API 1 TTPs
The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.
persistence

Query Registry
T1012
Uses Volume Shadow Copy WMI provider
The Volume Shadow Copy service is used to manage backups/snapshots.
ransomware

C:\Users\Admin\AppData\Local\Temp\djifcc.exe
"C:\Users\Admin\AppData\Local\Temp\djifcc.exe"
1⤵
PID:928

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x4dc
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:1952

C:\Users\Admin\Desktop\djifcc.exe
"C:\Users\Admin\Desktop\djifcc.exe"
1⤵
PID:1064

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1004
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef68f9758,0x7fef68f9768,0x7fef68f9778
  2⤵
  PID:1728
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1184 --field-trial-handle=1236,i,10828852461001330475,12325964932077833044,131072 /prefetch:2
  2⤵
  PID:680
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1480 --field-trial-handle=1236,i,10828852461001330475,12325964932077833044,131072 /prefetch:8
  2⤵
  PID:1544
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1624 --field-trial-handle=1236,i,10828852461001330475,12325964932077833044,131072 /prefetch:8
  2⤵
  PID:1584
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2200 --field-trial-handle=1236,i,10828852461001330475,12325964932077833044,131072 /prefetch:1
  2⤵
  PID:2040
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2256 --field-trial-handle=1236,i,10828852461001330475,12325964932077833044,131072 /prefetch:1
  2⤵
  PID:1636
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=3724 --field-trial-handle=1236,i,10828852461001330475,12325964932077833044,131072 /prefetch:2
  2⤵
  PID:2248
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=1168 --field-trial-handle=1236,i,10828852461001330475,12325964932077833044,131072 /prefetch:8
  2⤵
  PID:2376
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=3748 --field-trial-handle=1236,i,10828852461001330475,12325964932077833044,131072 /prefetch:1
  2⤵
  PID:2384
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4060 --field-trial-handle=1236,i,10828852461001330475,12325964932077833044,131072 /prefetch:8
  2⤵
  PID:2448
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4084 --field-trial-handle=1236,i,10828852461001330475,12325964932077833044,131072 /prefetch:8
  2⤵
  PID:2456
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4300 --field-trial-handle=1236,i,10828852461001330475,12325964932077833044,131072 /prefetch:8
  2⤵
  PID:2464
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4288 --field-trial-handle=1236,i,10828852461001330475,12325964932077833044,131072 /prefetch:1
  2⤵
  PID:2720
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4612 --field-trial-handle=1236,i,10828852461001330475,12325964932077833044,131072 /prefetch:8
  2⤵
  PID:1460
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=1176 --field-trial-handle=1236,i,10828852461001330475,12325964932077833044,131072 /prefetch:1
  2⤵
  PID:3052
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=3704 --field-trial-handle=1236,i,10828852461001330475,12325964932077833044,131072 /prefetch:1
  2⤵
  PID:1460
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=2264 --field-trial-handle=1236,i,10828852461001330475,12325964932077833044,131072 /prefetch:1
  2⤵
  PID:2672
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=1304 --field-trial-handle=1236,i,10828852461001330475,12325964932077833044,131072 /prefetch:1
  2⤵
  PID:1980
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=4828 --field-trial-handle=1236,i,10828852461001330475,12325964932077833044,131072 /prefetch:1
  2⤵
  PID:844
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=4980 --field-trial-handle=1236,i,10828852461001330475,12325964932077833044,131072 /prefetch:1
  2⤵
  PID:2188
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4920 --field-trial-handle=1236,i,10828852461001330475,12325964932077833044,131072 /prefetch:8
  2⤵
  PID:1100
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=4828 --field-trial-handle=1236,i,10828852461001330475,12325964932077833044,131072 /prefetch:1
  2⤵
  PID:3032
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=4668 --field-trial-handle=1236,i,10828852461001330475,12325964932077833044,131072 /prefetch:1
  2⤵
  PID:2068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=4972 --field-trial-handle=1236,i,10828852461001330475,12325964932077833044,131072 /prefetch:1
  2⤵
  PID:828
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=4140 --field-trial-handle=1236,i,10828852461001330475,12325964932077833044,131072 /prefetch:1
  2⤵
  PID:2904
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=3768 --field-trial-handle=1236,i,10828852461001330475,12325964932077833044,131072 /prefetch:1
  2⤵
  PID:1272
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=2364 --field-trial-handle=1236,i,10828852461001330475,12325964932077833044,131072 /prefetch:1
  2⤵
  PID:1896
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=2316 --field-trial-handle=1236,i,10828852461001330475,12325964932077833044,131072 /prefetch:1
  2⤵
  PID:2268
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3436 --field-trial-handle=1236,i,10828852461001330475,12325964932077833044,131072 /prefetch:8
  2⤵
  PID:2408
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4660 --field-trial-handle=1236,i,10828852461001330475,12325964932077833044,131072 /prefetch:8
  2⤵
  PID:2464
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=4232 --field-trial-handle=1236,i,10828852461001330475,12325964932077833044,131072 /prefetch:1
  2⤵
  PID:760
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4804 --field-trial-handle=1236,i,10828852461001330475,12325964932077833044,131072 /prefetch:8
  2⤵
  PID:1456
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4832 --field-trial-handle=1236,i,10828852461001330475,12325964932077833044,131072 /prefetch:8
  2⤵
  PID:2404
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=34 --mojo-platform-channel-handle=4136 --field-trial-handle=1236,i,10828852461001330475,12325964932077833044,131072 /prefetch:1
  2⤵
  PID:2036
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=3284 --field-trial-handle=1236,i,10828852461001330475,12325964932077833044,131072 /prefetch:1
  2⤵
  PID:3024
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=36 --mojo-platform-channel-handle=4296 --field-trial-handle=1236,i,10828852461001330475,12325964932077833044,131072 /prefetch:1
  2⤵
  PID:3004
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=4640 --field-trial-handle=1236,i,10828852461001330475,12325964932077833044,131072 /prefetch:1
  2⤵
  PID:3052
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=38 --mojo-platform-channel-handle=4088 --field-trial-handle=1236,i,10828852461001330475,12325964932077833044,131072 /prefetch:1
  2⤵
  PID:2844
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=39 --mojo-platform-channel-handle=4816 --field-trial-handle=1236,i,10828852461001330475,12325964932077833044,131072 /prefetch:1
  2⤵
  PID:2188
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=40 --mojo-platform-channel-handle=4788 --field-trial-handle=1236,i,10828852461001330475,12325964932077833044,131072 /prefetch:1
  2⤵
  PID:1760
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=41 --mojo-platform-channel-handle=2056 --field-trial-handle=1236,i,10828852461001330475,12325964932077833044,131072 /prefetch:1
  2⤵
  PID:2396
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=42 --mojo-platform-channel-handle=3548 --field-trial-handle=1236,i,10828852461001330475,12325964932077833044,131072 /prefetch:1
  2⤵
  PID:2388
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4892 --field-trial-handle=1236,i,10828852461001330475,12325964932077833044,131072 /prefetch:8
  2⤵
  PID:1956
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4856 --field-trial-handle=1236,i,10828852461001330475,12325964932077833044,131072 /prefetch:8
  2⤵
  PID:2748
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2780 --field-trial-handle=1236,i,10828852461001330475,12325964932077833044,131072 /prefetch:8
  2⤵
  PID:2584
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3976 --field-trial-handle=1236,i,10828852461001330475,12325964932077833044,131072 /prefetch:8
  2⤵
  PID:1908
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=44 --mojo-platform-channel-handle=3644 --field-trial-handle=1236,i,10828852461001330475,12325964932077833044,131072 /prefetch:1
  2⤵
  PID:1896

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:1212

C:\Users\Admin\Desktop\djifcc.exe
"C:\Users\Admin\Desktop\djifcc.exe"
1⤵
PID:2576

C:\Users\Admin\Desktop\djifcc.exe
"C:\Users\Admin\Desktop\djifcc.exe"
1⤵
PID:2600

C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Desktop\pass.txt
1⤵
- Opens file in notepad (likely ransom note)
PID:2704

C:\Users\Admin\Desktop\djifcc.exe
"C:\Users\Admin\Desktop\djifcc.exe"
1⤵
PID:2796

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\070E0202839D9D67350CD2613E78E416

Filesize
1KB

MD5
55540a230bdab55187a841cfe1aa1545

SHA1
363e4734f757bdeb89868efe94907774a327695e

SHA256
d73494e3446b02167573b3cde3ae1c8584ac26e15e45ac3ec0326708425d90fb

SHA512
c899cb1d31d3214fd9dc8626a55e40580d3b2224bf34310c2abd85d0f63e2dedaeae57832f048c2f500cb2cbf83683fcb14139af3f0b5251606076cdb4689c54

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

Filesize
61KB

MD5
e71c8443ae0bc2e282c73faead0a6dd3

SHA1
0c110c1b01e68edfacaeae64781a37b1995fa94b

SHA256
95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72

SHA512
b38458c7fa2825afb72794f374827403d5946b1132e136a0ce075dfd351277cf7d957c88dc8a1e4adc3bcae1fa8010dae3831e268e910d517691de24326391a6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
2459db89cc787deaecce30bd5b545a61

SHA1
2569b213cc49624021a0f759b14dee06d12ad1b7

SHA256
57ec119dbb9e60a9de093c8f00a576baa709fcefb2177c8357e9105843abdd6f

SHA512
b05b18cbda4b233f4bdb8cded5e2bebfccb059a463ec7b3143103aeadc0a24295250d1e9511cb3c8967367f0ef825c13e4c64f86ef6af3088e9047b9a0132f0e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
47c96fb0220691db22ce260c4f1fd91f

SHA1
5cfcc46eb0272cf59b1b2d101f86349800e45500

SHA256
394db8d85e67168295705dcbb28aa70567589151ea3353471c357196390df7bf

SHA512
c3fd0c3a11230708fbb5b1185478dacd112106eddac7cfcc68da27b7f85b9f12e92f03cd8ed961d67ce698d0aee88b3bba676a0baf29d733ac70b0774756b3b7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
8a018790db811c21c3383d78fc5c35c6

SHA1
4c2361af831648805e631b5c55a309e14db57123

SHA256
685657fc7b97f72d8294f3dd570e8a2bf14d9752ac0b72a81b134d57ce3f3d74

SHA512
b73d6c84322b4ad315f0c9d3a79aca3dbb3501cefafa562bac4133dafb4051a4930c887c116ea14a5af5f8aaa2bd4b90b0d5344bd1b9c0670912a19a27f5ca73

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
627cd704b6d9743e0b321a2e6c5cdce6

SHA1
70defc3a547ad4980778d476e4288782a127d06d

SHA256
d97879fa7cf6d942c488945f4e544376b457a378df44be9d815585a59d83f30d

SHA512
004ba844a7bfcb0df35755094e4ea5067383cf711dc805a0116ed28a7655010156338f2b17676528b5bb47e49bfef434f18ed632d24680b7c1c0d02d7cc636b0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
dbbb8376f5cf68e71d28402272918370

SHA1
d205fd6dda70938e0b70e7ae69500c4dcd3e9009

SHA256
e0524f8c562a772658d3c9ed55ca7959fc5b10b29c98a1bab5e781b13fa128c0

SHA512
16680f2430fa3e35e096dd64c03e23797cad78ee176cb0d3f2509a1f00bce329015f0631798e1255af87d992fb8774aa27d26d46f38d9f2c663975f90b4978ac

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
8cc4e2347972d78855008d89e79a20ba

SHA1
bc8ab9d2b665d60abfa82a9ae1b3d03d110f1914

SHA256
b596489a8fe06691a24c9d408e92ed4d0379221d2d70a2bd72bdeae72e578333

SHA512
d34a1c264c45eb4a9ae7ea915d6f2d9ad22ac58f6e5c1f31dc2d3bf7f043843bfe10e1601dbba6933e684d9da2f671c3f8ad4ca1b9a0ed07737f8c50da96d478

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
0146eb157541e6b256d06cdd93d539fc

SHA1
7e62bd7f032fddc34883cd4968ba85e5a1e7add2

SHA256
cc82f5e2b71bae9ac3496447ad3f4b54412134194106ac832eda5c605d5a7417

SHA512
e6cabb22b887c066e0d0854d4d7b95aedde588b7b23dcef44d6168b887c363334fd50f91481c0719c98d21512df9545c4e0a17593887e7084c720e78ffe82912

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7e760db31622f9e183122ede12b2acaf

SHA1
d5a2ca7555855e71cabe727a9e04c31f1b164cf3

SHA256
f7ce3d4c8cfa1c0e1d3722d69d5864e962d2e4f958fe34f542daecc531f96eec

SHA512
6a95de1ea3743c4fbefd9aed17446c36213dd9701b42048a6d2438c529f267c4f1a574d7ea6ca4a5d19f3fd4d6269533c52370ed7e476067b1c81a87df6cf8b0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
151675630e238f61024d07af41658226

SHA1
a88190e87034ab1ebadacd863e85a2b1cb0d863d

SHA256
2f87fc3a0985de0370a7a306764a65eefd01f8a8330d13b330f078675f227e60

SHA512
006c39fbf47bafa15783ec5eb491ee932105e3c2b55419c6d109e21d457c723f0a0d7a2439f38cad3ca4f320369708a94b05ab3d2a35e7b780e9ceb9fd526fc9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c0bf91a8b090cfedfed2717a8f98f10f

SHA1
a1b484758cd8b54c147e39aa5866ae27a1581a37

SHA256
f442abed417efc13c774f1f7e56c8686a26d80388f2f82bb7b1e8920a0a34748

SHA512
6187d317c8eb840af4aee59be5fb02ff21dfffc410d95f004acd0bd4a2fe472feb641f73400a1b56f195a6275ba6ea87cc778ce82bb4fbddd3de0fc19bb4c804

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
0fa43182940b2ca9e1f79e24541d1e0f

SHA1
eb773ae0da2592234f8703625f0c1a0ee973b6dc

SHA256
cda2e862e564a963bb3aed8c840af5d3e7b2f1033790b7d0a57d8a8030cb3d15

SHA512
ac5f5e83cfaaab8157b776f2e3a689008b1492ae17615ac29e4b32945e273576a884254f4339f62f3d899b0ea564e9b24701388a7ef4f81179c4794907382aca

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
177b9092ce1c1affd7e2a630461f49c4

SHA1
715dd6c7a36e34acc03c162a5e3172269bbd15d5

SHA256
14995422b3e8f90194cfb1cdc457b9df4c7a78c04c563de84b0c533eca855ddd

SHA512
738674c726431407b3e8ccf923a5e6c5b257b037c73c65077a16d960919bb449ca21f9d4ea84f3203166f0da3890d42bccc7bf23f7553d0f1888c34713c7b73f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c7467b1c73baba5d993371d82df73a93

SHA1
c9e531aa6258d9b9989f98f9caf2bc35ca70e2d8

SHA256
127662f4ab2b45a5b9cefc71a94990ef914f2b5e99ef1cc1916578860c46fe1a

SHA512
ddb66df2bf8cc6a5ae8f645089b0ba72fcacf8f05cc65c3fa00e9264431348c8e2d2b94eaaa61a18c5d28370c13b9a107dd27bc0eefec228710727df1b5cb8fb

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
824b2a1b46ce15b4e8982a0586c20943

SHA1
4cb9b449485093304e7ef29073fe3d30863110e9

SHA256
f69e1da8c920fb26fbf5520fda1fd859c7bd807884fa2819ad4b75d142260121

SHA512
12a09eddd9c1442677d4ce25f7f097fb77f5ff558927cd2ce69da6a28391790a7641395f0c1598f1676aecb85733680f54740233a8c6ef90975af94741a8a7dd

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
076adce6a1fc2d6821fc268dc3548d24

SHA1
47d2f318b374cf7370eab22551c254df8a7733af

SHA256
4092b06ce76e3b54ec8c230b6a431a65ff2006e2de4d9a418fc39d84b6e88ab4

SHA512
a4e0822bacff74679476b65dee340e97f481768561aa4344c3a1128c79995a39df4c0ce4c07f0b5e9a501d9b047147ec5bea6cd552d17a0e46846c2ca3347ce1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\3faef7a4-94b8-4d71-817a-e528183a195f.tmp

Filesize
200KB

MD5
c534ecae96dbe252975d0c1fe2b54706

SHA1
ce7bf8de5a7d428f3918730bedabfa2fcd04aed2

SHA256
39eef732538d65a2a225ab398cbbd3145641017a3fa262afad8fad36f08dff88

SHA512
b1e8e9855328c2420a16d136404f8cf903aea5c9fb0cccd0c7c8b4d416b5ad1c77ef0cd7df0f0c85d7dcc3a1f0ea2a90de5c068fa609703aeab5bae983127847

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\4710f209-2295-40c1-9ce2-7e4e7d911ea6.tmp

Filesize
6KB

MD5
b25d566bc25a31afebffe57d14939ccd

SHA1
8de45dabfc204a1908213c053016335b9bacbbeb

SHA256
7716077f57a56e59834ff8d6ead7ffb26ff05a39ed1eadf0024bd0fb62982be3

SHA512
b2f77f1504f9558b9e64e52deef2cd6b556cd40de927d565da7280a515d7e64f110e1c8059d1dfab0f70c9825ca59c491ce8639c9ab6a3ba2579b1fdadb8073d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

Filesize
48KB

MD5
45bc79163c95bc1a788811217ffaa42d

SHA1
cc2577b9f0538691aa5894101e37148379580bcc

SHA256
76215491a73618074f805bc3e443aeeaf2800b382124b64bde48c0074b3cfd96

SHA512
6061c304190ac86c93341466db59941b4de3ea7661e44f928ee1ea0b8900c41c9fc2dfad76734d8b0fb3e63826090c3127e47ab38da5a1ea495ec651458440a2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009

Filesize
20KB

MD5
923a543cc619ea568f91b723d9fb1ef0

SHA1
6f4ade25559645c741d7327c6e16521e43d7e1f9

SHA256
bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd

SHA512
a4153751761cd67465374828b0514d7773b8c4ed37779d1ecfd4f19be4faa171585c8ee0b4db59b556399d5d2b9809ba87e04d4715e9d090e1f488d02219d555

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b

Filesize
298KB

MD5
5385cf3b38909ac87add8fcc21b99d1d

SHA1
8ac5fbf87b07f71850de9dbcc31eec042566b7b2

SHA256
4da964eed0c4e6e69c5b73455917ef4f7cfe8ea95c2fa899d1f021e2e9f36b19

SHA512
4f418bfa6e58a0bfb9cb43eed7ef128f384107aeeefd4de5ea70c097d6f633341defac96da6d79c81e7cf69024f30ea4843f50bb5222fd119133b04dae7288f2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c

Filesize
65KB

MD5
a7b7e7918a12587fee69cc84717f74cc

SHA1
6d002c60853e5c94a48817fb947ac1b3d16f1b6e

SHA256
605b901bc776b2358a2ea914f06c9da0ce5b422b01f764f308c68e9a789ca3e3

SHA512
85b0c4cdc2e67f6125ce2abc45bb934ea14c0c1a27b9bccb9e1fea7638ca7680765c39e15ad64f00f1fe8568c9ea10a57e6f6d96a21c1d10a339991600b7dd2c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000010

Filesize
71KB

MD5
1a25da4514378d922ca47b31b019e763

SHA1
0ff53ab3fddafdd43ace6c16ec3eb6f836760349

SHA256
edd7d40cb4d93365259679f0fcba087bd68e994bd34279f6637e3d909750403b

SHA512
6c2b1386a52aefe3ab0885b3321c4ef5a23de1d388791e57051eedfb49ebf4fd79f6623ed2058c246546a911738c7a42f588ca0afb53f853858a32d7ec06ad5c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000038

Filesize
107KB

MD5
a7777374a08be03dea007b97063c1fab

SHA1
74323b6d16f5da98d844cd9d5e871cffce620c97

SHA256
cdb0cae3bc84603c86215f25506135e0c43afa2e884c148a0d0127154de72481

SHA512
cd4883fecff20fe3f89505c4c470d848d16e89a1c4c5a12e78ae8e9eabd40e02b011c367cc8bc5d3c4a2fa2868da1204962f5c875cea4af2baeb385bbe3a629a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000039

Filesize
163KB

MD5
109e1354dcad59ff8d3e589dcc09299a

SHA1
bc2cf564c7967a59936c2074b78e124e17439c3a

SHA256
a9f34a49984f7a94c7a522a6d171e470701d34a4b630dcb7ae673e6cfaf2e5ae

SHA512
4a85f37ac35db60a44e729a0ee842e45172657c17c71022dfa73aed445106b833cdceccf94b1735737d5b9c06da8db19a6799186bbf742544c943a4b8de737ce

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000051

Filesize
37KB

MD5
519005befdbc6eedc73862996b59a9f7

SHA1
e9bad4dc75c55f583747dbc4abd80a95d5796528

SHA256
603abe3532b1cc1eb1c3da44f3679804dd463d07d4430d55c630aba986b17c44

SHA512
b210b12a78c6134d66b14f46f924ebc95328c10f92bfed22a361b2554eca21ee7892f7d9718ae7415074d753026682903beba2bd40b35a4eeb60bf186dcdf589

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000060

Filesize
19KB

MD5
ca7fbbfd120e3e329633044190bbf134

SHA1
d17f81e03dd827554ddd207ea081fb46b3415445

SHA256
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db

SHA512
ab85f774403008f9f493e5988a66c4f325cbcfcb9205cc3ca23b87d8a99c0e68b9aaa1bf7625b4f191dd557b78ef26bb51fe1c75e95debf236f39d9ed1b4a59f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
7a13febfba27e94f1e68d1feb3a8e9fe

SHA1
243b66e9fe6d6910ff0790ac66b7c0b57c2ea006

SHA256
002de274b287137dbf81add77f2ba266f79593298260b605bb2115be92ac108b

SHA512
af72d7a1fde2fbc344a36fef1c18a47237047f3c7e8631caaee40e5284005a71515658291cc239e0ec0cf3e5ff3dd15b750ffffda7f538c650a768faf664a3f9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\Paths\MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\000002.dbtmp

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\CURRENT~RF6ef48d.TMP

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
6KB

MD5
63917841fc21924d85dec99a4f76c005

SHA1
598c7b31ad82f50ffcd9c5e6cb91c0091f05db5e

SHA256
d28aee2e1884ce9ebb2609f312fb02beb8e120aba02fb1f59130e54a3f4a37c0

SHA512
f2841981410da0b42cf9024fb2375d8e68380cbb8668f25a14ebd8623e700eb37b85b30e5355e996e2e20307e341d51cddf317a7fd1996cc0db8eed60faf4a70

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1013B

MD5
126a0edd67e2941bcda4704172c7d072

SHA1
59b60062c21faff5780692a51f3127c83f9cae2c

SHA256
dfec70b28871130e66f94e67993486759144780bbda4f1403a74dd388743e5ae

SHA512
785ec6a5a439d9868c754de1dc3c047ced4ad24981d73ddbba6b30deaa4a429d25f712dff71a42e20735e7411a3203515cc8fb3af2612f4131ac840b1924b480

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
7KB

MD5
9aab9fbeb8dc22ea94ef769cee823462

SHA1
dfc07d068d168530e764965c119644bb78b5a12e

SHA256
b3be23860d1c0aec3200c0aa5f626fe05a1d1d174d52d51ab7714a7b8fdac2da

SHA512
ef9ba62d438e110a86f1f56ecd1bc74b107c6eacfa70849fe0abcc395acc906b9f8ba70cd0744827350c6f5d2c35efca87afb18a95b634351142a4e9ca1c9d11

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
3e589b52ce94f2583f800eb17ad6b5fc

SHA1
f24dc67dad501810b3caf5f5c9e9dcda81db1e37

SHA256
70bfaad07f4ef18050613432901c436cb934ba72420683c29b12a2183c4e282e

SHA512
9e22d9f891f0154997dbfce9008762803dcf3cc0de590f1ee2d92af020d45215d9ec82b38e7457488408a801a4c104b9b2340ca6c58b92fe033f4027b430c935

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
4KB

MD5
fdc5633b29e1ccb7a6ceba76ad082a10

SHA1
11b8594c31e76c98c17563dc693549e09746ac13

SHA256
9888b4178777fe03928783a78f135c04cd5586438296db455efe3a6869ee919b

SHA512
3a9e9712542dd55351ea89fa77b75cade7b00879e72449c10539c20cb7632b6cf7454c808c41e618c9c99b173dafa3a3a94fe841909a87edf0214f9694536a14

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
4KB

MD5
0da886e2f58d3aa6e06cbccb6e275b21

SHA1
52099d4ba38ab3b038a86dfcd8baf104f1da61a7

SHA256
ca059ca8dd0149be1eb44aeac4b91658542530de3f9dc2fc3a2c208f1d119339

SHA512
7a002dff8831a6a27e7c33ce6d6825584cd0a8069ec546e8ca0f32899d5862403acbf7831ad5d4de567f4b04cfc778844af1335bb1f46bc15fd111b7462cbd8f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
4KB

MD5
2aa9dc7353d00f51a49408f295b4eeac

SHA1
d163a911eb4b1401c2b25c8286f3a41b43a7638a

SHA256
ab2d0360f7e681c26bdb94d87b21b78646b6b211b202267f860138c82ff0de24

SHA512
10ad4fd04a05f15430e3ce957d196efba851ecbd98db2d27481b94e87467e41517b9cf5077f67d39bb21e728c99173b89697fc9d99b01a80a60bd45a2f23489d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
363B

MD5
366dff0e5132ef9e5b11ae6045dc7f06

SHA1
5e24dcb63122b3aa74347110bce9a050bc4f4ae3

SHA256
6c492af5d3223586cec53df1b885d17861d56be2f49e932e401673d477367ffc

SHA512
60ce33000ec4fbd597391470436ebe453ab7f7edbc0f86f14899f0866f5590214d964d19b5c8af1c4570cab075de4288ce9ada2a9050c5e0154921a4715e526f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
7ab95d522139369f14650111a98c904a

SHA1
af05ddfa3f381d98fe722f8d388efa209d3ea13a

SHA256
ba4ad2e41307aaae87b486d6f50d34a07cd59197ad9ecdf9b5e275c468a2e4ac

SHA512
37e38cc64160600353cbf730ee751d46cd8175fade77c5d3a27918891a9ff53284b8e02012bc7f913ca869a86e9afc40b392441d7173237dc007793b6e302104

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
4KB

MD5
3b27e236ead9e9783b1e02b887ea95b8

SHA1
f23aad312419711fbbdbe13b6af90b0229bf9c04

SHA256
2863180d1cdaa715eff25511e334284270c860a38bcc22ed2b8af51d97ea2108

SHA512
399b3304041746a18183765d1a49c8faedb0ab19d638aa598e2dfbf25a2b4885c47aff6484706606677ab9a829fe6c264dc27fa68ac2a58b5e56eb4230ca1f5b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
361B

MD5
6d42c6e25c35a081045968c3b899702d

SHA1
5d325dbd53b0c137d887bf67b415bc26483028aa

SHA256
fff71d6e2a2983249e143c472cf3e25e083d123481f3589b3d274d9019d51e70

SHA512
0d15ba22d20a956ae5d1955ebd469de478b8542379f1c2f34dfe1a4a1b0a432208297ba44dba4e42c79dec2d51fc0bddee34531acb8dfea233e0797a0ca6464e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
4KB

MD5
d3af8f58598ecbe670b2dcf9e1236d6e

SHA1
9760e24aa03c11183b096fa4e92b002c76c5f062

SHA256
2cafea16f78d82aaf5dc8ac4fb9d0a0684d8dc056a74322bd888e2c39656a1a1

SHA512
dddf0f4f477f3cba92fd1df7a048b36d45546e624e129bdab748de9ed3104b81e9b1e9e6cb03c604a95c39ee8a9544483bf1a047883851196a861c657dadb641

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
4KB

MD5
71d1da5af2590817c3dfe3c406965c4c

SHA1
4d61f33ea22f2c92a7ed28b4c791bc8d1395119f

SHA256
afa8096538c343fd2b086cf657463e5e86db2633e3dbcc9ce4d53a4a920ef00e

SHA512
3069a79f6c48aabee406b1a3933e65048a95436a428477f89a2e4200065cdf2f45f5cfdcd78009f7ff9a061417a69a194051eb5afd529ac0a5ef5fedc07aff85

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\abe2ae7f-a0c6-409f-a0b0-4ff3f585c9a7.tmp

Filesize
7KB

MD5
956bdbc728eb304dd0e9517d571e328e

SHA1
3fc160047b27041d6f2a44817a302209db92cc8e

SHA256
545e4682fd54f42b0316e7d2de33bc49597e7942ab8900ae8b625773f384bfc5

SHA512
c70e79f6d765674c905ba8a7641e740249a007119c305e846cdeeafc5ea6ab4f66f979ad93485d7a74ad444b94d6b5fc466afb4d8b0739df487b16cf47ba8d1d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
63da77b290398a0a2d0affa4fb4d11c1

SHA1
2f9dab3308f5eab8f33822c884e565bd19990b96

SHA256
1de85f91b0a9720624266b1c4541305af4abf322a9d50ccaab6b36c559121233

SHA512
510754d5053d4e28c832076af9f52a85afbc915fbb8e724f69491d5995e286852146f146678384d48b40692ab329e4bccf9ce6137ddc8c1d33527646403af774

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
2e9f42eb046cd8f089e14d2cfc6685a7

SHA1
78b627acc01a6976ff20fbeaa464968808d3d55d

SHA256
6cb952807958e3ceab2275a464cf98375b185e842509b14c63c8e36c275aed63

SHA512
d00c7752bad27bf612e0bb0f339cb711041dfc61cec3d48914b83ff5eed68169cdeddcd876474a7bf95d17d110a57c3b07930f678619e669b74ee1172f6acdf8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
e9ed7c6e8754ee8860d31d50bcbb99fc

SHA1
f64545eeca323a3bb0019c8418f5d6ef30cbe143

SHA256
dd8c606c01b8f1a992d98dadf7ba0c146955bf28bb7b6f33b71740c727817623

SHA512
cf4384ef8a0511e4e5fc94252b9da5bd38a0d3aced5897e9de4c5c4ded7c15e029c89d2727cd20103906bf97689184a3f210bbaad9a906c997c5a6fed61964b2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
752495561565d369b59c8ff143d79b60

SHA1
31039a1d28cf8f217e258de187ff44cf67bdd042

SHA256
e7972cb1a3a9672ec118599ae9891320542ff8ad710b204db4fc2a3aad9e329a

SHA512
f93c19849c32ff680069d02d65bbf7dbc7ef6b7d46166daab53860c59f68061f5f0a98f4506c256dfb0690151cc4e6772cf97c44415a8375297739a9c74b24d7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
2389d62566716ccdf64b71511e715fd1

SHA1
91f39776dabdb4c42535ffe8ba440ce81abc1875

SHA256
03f452220589c4bf1211ab5a86e4300ce740ea2928be4b895476f17c28e0e416

SHA512
9b12ec87a5b7f41e46c587e7a1ba5bde96105fa9978244911146ebfb9418eb287c115557acb728e6c8a9d4d564c77f6f682e8a5c656c6725b3e73c7b59c23719

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
dfca3c5b369b3fcb4f712b87421db0b7

SHA1
919b599734a6b81e1e3365384c1ca87a69b305b7

SHA256
9e0ab644351eb8a1effd6c7c721889de15c92b46366d98669295cf6459ed5db6

SHA512
cec74bc885d965015a20c7da915af3f47a4fde3ed150fee302f81ff982b90bcab5108ac5c0accc284efd5bb6c65d07c895524612cdcb557a7f490321b6a7b4c5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
4KB

MD5
71cc2e15732f476f9bf8fdbf293697bf

SHA1
f8cbfcb9c48a588ad1c8be943dee594302aeadac

SHA256
a63a6548fade5c98edb723db81d8e0beabf19346e6c829efc0a65f54d566c2f8

SHA512
2912dc47e4fe6a7e2d46312acf46a3fa93c689cf17b1f78010877f7e2e7673a5a7093ab66a74ee95af90aade31ccf63f38f29d91f6867f0957d4644d1b8bc54c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
4KB

MD5
bbf67b03e6561603ee1459302e574784

SHA1
41d86a96810dab157a0d01e85f660a28c4e5d948

SHA256
57717f8d1c3cb38ea394e94019eadd25c8a846f08854ba10d7caec20eb0be37e

SHA512
82538e82d1e39ed14691a7e29511fdeb988b89788fe2a103e0316f490abf94860bf33bbd890320b08dd16707353b9ffdd16758a9a0996e95b065d0376d1f1692

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
4KB

MD5
8e561067bed2ecf3b708cc4f25d2a2e1

SHA1
55f38e405cc2ac704d91b00daa7985a983745a34

SHA256
107e342a782a1d6f0be3a127161eb8b0e48f592a570a7b081f87cfe65b56f1f3

SHA512
383be865b6c63c1e8bcdffbdfc82fca6c4188632241c8ee489added93b69644dead58782d29ba06b96ab84428845437760a461d0eb394a956b9dbe58304a154c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
d4ca431625427a3913842968dabebd46

SHA1
bf4518809b89953d16e91a3bf6d2c3fa17ff886e

SHA256
c2eeb6a57ce88fac0b3aaef9f81f3bd3654e64402bb6711060a725a18b909952

SHA512
3fd1aadc93bd3f256b737621f9430a1ff65f6d1026c48c828630af7e7fa0fa9c18342f20e4f2fe4adba840e1f2ea48f036387ce248df5e871ce30c1b291e362a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
4KB

MD5
b039b57232cc54491cba7aef4e7441b2

SHA1
8833b2f91438660910817aeb4eb46b65bb02c152

SHA256
07b744fbd0c652f7d229410b088ef9e6f9fbabb7eddea51f9de809c0c71bfe7d

SHA512
82bef51ca326be99ab38a2ab23304212618fff248ffda1d8d642b7794428240f70095c97fbca494774cb4cef0a83035a50a7d68e8d074fff9b93825625196052

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Search Logos\logo

Filesize
45KB

MD5
1424f35fdcba2e21e3109852b7ea3f33

SHA1
350bebf39a8e58dcafe4d0938c6197a8c12b11c7

SHA256
52b2ca02396bb77fe6e73d0e78e4dd6fefb60b8e522414560c4b95c5a6df1b5c

SHA512
31c879f04165df1c3c2698b7d565842ce74d980736e0da996e5fedf0beb2e1053200b30bda04535218a58a1bd50e2f4aa88381bcb32af863225b596e8d2373cd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000004.dbtmp

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
200KB

MD5
b77f0f65f9c88b5be83a4039114979e5

SHA1
87cffbdcb8a0dc81ac3c41d3eff00c7e5fdfb735

SHA256
ca1777d6248962729da32f7c582ae06ca2798801407932833946ee102dd149f4

SHA512
51b48c1464a1589e50eec642c9958a258baf6c1ed60d6a28ea604248c159050b5851a163ced2eb71006448d26035e9e40d3d2373e32a30ee99f77a437b5c2d4b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
200KB

MD5
ea6288039b6f11d7a7bcb083f873421b

SHA1
b66e3921fc906d31262965fa67a85f0e93e0aa51

SHA256
969bb4fd8207149dbf4fec2fcc32ab53367acff279ffa261fe490c5e60d4b45d

SHA512
a21a2fc282f1ae1fc57420ebed5b4f510f64a89d07448bc58c5d782506c9be904e6e13e3effa0ab7b2445951bf7e62e27087f27375705bfa0632440f277b6da4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
200KB

MD5
50255e406f22207d6e3168a33cb9d248

SHA1
1a575e0fa76de619fe2280d34d9e469491756ac1

SHA256
0f5edeccd643023f4fa95448acc47aef7c61ee7b1e3f3ac633cbdfcfe5e45927

SHA512
9c4a791ba49011fb4218e25c13ee61f6f26fd1ce38b2c572026471b8e98eb36c37e83de656bb85c74fab1affc312cbaf3c888ba325c9bd0d3564042c68ea21d3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
200KB

MD5
cf943991a86586506bca38af5e447fd3

SHA1
d1ec9beedfd129a01673a4f4b3ff8402e5c93949

SHA256
655a3cdd6d0ba1fcf7491199fa5eaec91bc79a8ad722b36fa73d3bc7f3bb4391

SHA512
cc429ce24e251b12bc155a79a4be069e38ef0757b0fb070094ff22c34cbc50b8c4606cf8e00f7630526a04561a75d73631220d786fe836479c009491380d52c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
200KB

MD5
770873f550622566bd276c20435de89f

SHA1
b81366c263208d53af967e62bcec4ba3181b57fc

SHA256
fa78855138329929f919f46a3c1fa83731c99d07c07bd9980c9fa4b6bd74313b

SHA512
d5333921f376f27212ae76a7dd28f8511d6d9de7d64f98c2a68f7a4f92ef0f455b76b61b31c1029252fc895a0742ae4a2bffea006508fe2fa79793d9e77ae48a

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab7C63.tmp

Filesize
61KB

MD5
fc4666cbca561e864e7fdf883a9e6661

SHA1
2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

SHA256
10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

SHA512
c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar8070.tmp

Filesize
161KB

MD5
be2bec6e8c5653136d3e72fe53c98aa3

SHA1
a8182d6db17c14671c3d5766c72e58d87c0810de

SHA256
1919aab2a820642490169bdc4e88bd1189e22f83e7498bf8ebdfb62ec7d843fd

SHA512
0d1424ccdf0d53faf3f4e13d534e12f22388648aa4c23edbc503801e3c96b7f73c7999b760b5bef4b5e9dd923dffe21a21889b1ce836dd428420bf0f4f5327ff

Download Submit
C:\Users\Admin\Downloads\djifcc.zip.crdownload

Filesize
2.0MB

MD5
7e709c574480a03488fbf879199e40d5

SHA1
948f4bac08eec51ccdde31729d3b54a4b5a3ac33

SHA256
148f4a4bab20a25049b2d94843c36b0c67b7c6df0dbe13ca81774dc2e177ef65

SHA512
d3f3a27b5efd487f72fc917fc9eb357b518712950a2d76edd150c7089d471b85557eed4df7ffa955c8705e1d2d2f7376e5c6553ffcf71369b7123709c5b336a2

Download Submit
memory/928-54-0x000000013F5B0000-0x000000013F9F8000-memory.dmp

Filesize
4.3MB

Download
memory/1064-55-0x000000013FD60000-0x00000001401A8000-memory.dmp

Filesize
4.3MB

Download
memory/2576-227-0x000000013F240000-0x000000013F688000-memory.dmp

Filesize
4.3MB

Download
memory/2576-225-0x000000013F240000-0x000000013F688000-memory.dmp

Filesize
4.3MB

Download
memory/2600-246-0x000000013FC70000-0x00000001400B8000-memory.dmp

Filesize
4.3MB

Download
memory/2600-238-0x000000013FC70000-0x00000001400B8000-memory.dmp

Filesize
4.3MB

Download
memory/2796-248-0x000000013F100000-0x000000013F548000-memory.dmp

Filesize
4.3MB

Download